/ legal

Privacy Policy

Effective June 11, 2026 · Replaces all prior versions

This Privacy Policy describes how Parallelogram ("we", "us", "our") handles information in connection with the parallelogram.dev website and the open-source parallelogram command-line interface ("CLI"). We wrote this policy to be direct and complete, not to bury important details. Please read it in full.

The short version: the CLI collects nothing whatsoever. The website collects almost nothing — only what your browser unavoidably transmits and what our hosting provider logs for operational reasons. We do not sell, rent, or share your data with anyone for commercial purposes.

1. Scope of this policy

This policy applies to:

• The parallelogram.dev website and all pages served from that domain.
• The parallelogram Python package distributed via PyPI and any source builds from the GitHub repository.
• Any email or written communications you initiate with us.

This policy does not apply to third-party services you may access through links on this website, to the Hugging Face model hub (which you may optionally contact when using --tokenizer), or to GitHub, PyPI, or Vercel, each of which operates under its own privacy policy.

2. The CLI: zero data collection

The parallelogram CLI is a fully offline, local tool. When you run it, it reads the files you point it at on your own machine and writes output to your own machine. It performs no outbound network activity of any kind unless you explicitly pass the --tokenizer flag.

Specifically, the CLI does not:

• Transmit your dataset — or any portion of it — to any server, ours or otherwise.
• Send telemetry, crash reports, usage statistics, or error logs to any remote endpoint.
• Check for updates, ping a version server, or poll any URL on startup or shutdown.
• Read, write, or store any data outside the files and directories you explicitly name on the command line.
• Create, read, or modify environment variables beyond those required for standard Python operation.
• Access any file on your system other than the input file(s) you specify and the output file(s) you specify with --output.

The one and only network call the CLI can ever make is the optional download of a tokenizer vocabulary when you pass --tokenizer <model-id>. This request is made directly from your machine to the Hugging Face Hub API. We are not involved in that request; it goes to Hugging Face under their own privacy policy. We do not intercept it, proxy it, or receive any copy of it. If you do not pass --tokenizer, no network call is ever made.

Because the CLI collects nothing, there is nothing for us to disclose, sell, or retain. This is a design choice, not a policy choice that could change by amending this document — the code simply contains no instrumentation code.

3. The website: what we collect and why

3.1 Information you provide directly

The parallelogram.dev website has no user accounts, no sign-up forms, no comment sections, and no input fields of any kind. You cannot submit personal data to us through the website interface because the interface provides no mechanism to do so.

3.2 Server logs (Vercel hosting)

The website is hosted on Vercel's global edge network. As with every web server on the internet, Vercel's infrastructure automatically records certain metadata for each HTTP request it receives. This typically includes:

• IP address of the requesting client.
• Date and time of the request.
• URL path requested (e.g., /privacy.html).
• HTTP method (GET, etc.).
• HTTP status code returned.
• Referrer URL, if your browser transmitted one.
• User-agent string of your browser or client.
• Response size in bytes.

These logs exist for operational and security purposes — to detect abuse, diagnose errors, and maintain uptime. We do not access Vercel's access logs for analytics, marketing, or product purposes. We do not configure any custom logging beyond Vercel's defaults. Vercel's retention and processing of these logs is governed by Vercel's Privacy Policy.

3.3 Fonts

This website serves its typefaces (Geist and Geist Mono) directly from parallelogram.dev as self-hosted font files. Loading a page here makes no request to Google Fonts or any other third-party font service — your browser talks only to the same Vercel-hosted origin that serves the page itself. No font-related data is transmitted to any third party.

3.4 Analytics and tracking

We run no analytics of any kind. There is no Google Analytics, no Mixpanel, no Segment, no Plausible, no Fathom, no Cloudflare Web Analytics, no Hotjar, no FullStory, no advertising pixel, no conversion tracker, and no behavioral fingerprinting script on this website. You can verify this by inspecting the page source — there are no third-party script, font, or resource tags of any kind. Every asset on this site is served first-party.

3.5 Cookies and local storage

The website sets one functional cookie: a small first-party cookie named pg_cookie_consent that stores your acceptance or declination of cookies as presented in the cookie notice. This cookie contains no personal information — only the string "accepted" or "declined" — and is used solely to avoid showing the cookie banner on every subsequent visit. It is not read by any analytics or advertising system, because we have none.

If you decline cookies, the banner will not appear again during that browser session, but the preference is not persisted across sessions (since storing it would itself require a cookie). If you accept, the cookie is set with a 365-day expiry on the parallelogram.dev domain only, with the SameSite=Lax attribute.

Beyond this consent cookie, the website uses no cookies, no local storage, and no session storage for any other purpose.

4. Email correspondence

If you contact us by email at tsenangthatayotlhe04@gmail.com, we will receive your email address and the contents of your message. We use these only to respond to you.

We do not:

• Add you to a mailing list.
• Share your email address or message contents with third parties.
• Use your message for marketing, research, or product analytics.
• Retain your email beyond the period needed to address your inquiry, except where we are required by law to do so.

Note that email is transmitted through Gmail (Google's email infrastructure), which has its own privacy policy governing email in transit and at rest.

5. GitHub and PyPI

If you interact with the Parallelogram project on GitHub — for example, by opening an issue, submitting a pull request, starring the repository, or leaving a comment — that activity is governed by GitHub's Privacy Statement. We see the information you post publicly there (your username, comments, code contributions), but we have no special access to private GitHub data about you.

If you download the package from PyPI, PyPI may log that download. That logging is governed by PyPI's Privacy Policy. We do not receive download records from PyPI that identify individual users.

6. Children's privacy

Parallelogram is a developer tool intended for use by practitioners working with machine learning training data. It is not directed at children under the age of 13 (or 16 where applicable under GDPR). We do not knowingly collect personal information from children. If you believe a child has inadvertently provided us with personal information, please contact us at tsenangthatayotlhe04@gmail.com and we will promptly take steps to delete it.

7. International users

Parallelogram is developed and operated from South Africa. If you are accessing the website from the European Economic Area, the United Kingdom, California, or any other jurisdiction with data protection laws, please be aware of the following:

EEA / UK (GDPR and UK GDPR): We believe our data processing activities described in this policy are either (a) not subject to GDPR because we do not systematically monitor individuals or offer goods and services to EEA/UK residents on a commercial basis, or (b) permissible under the legitimate interests basis for purely operational server logging that we do not use for profiling or marketing. In any case, the volume and sensitivity of information involved is minimal. If you have specific concerns or requests under GDPR (access, rectification, erasure, portability, objection), please contact us and we will respond in good faith.

California (CCPA/CPRA): We do not sell personal information. We do not share personal information for cross-context behavioral advertising. The information we collect is used solely for operational purposes as described in this policy.

8. Data retention

Because we collect almost nothing, our retention considerations are narrow:

• Vercel server logs are retained according to Vercel's default retention policy, which we do not control.
• Email correspondence is retained in our email inbox for as long as we deem it necessary to address the matter, after which it may be deleted.
• The cookie consent value is stored in your browser for up to 365 days and is never transmitted to us; you can delete it by clearing your browser cookies at any time.

9. Security

The website is served over HTTPS, which means the data in transit between your browser and Vercel's edge network is encrypted. The site is a static HTML/CSS/JS bundle with no server-side processing, no database, and no user-facing backend — there is no application layer to exploit or breach in the conventional sense.

For the CLI: because it collects no data and transmits nothing, there is no data store to secure on our end. The security surface is entirely local to your machine.

10. Changes to this policy

We will update this policy if our practices change. The effective date at the top of this page will be updated whenever the policy changes. If a future version of Parallelogram introduces a backend service, a paid tier, or any other feature that would cause data to leave your machine and reach our infrastructure, that change will be prominently disclosed — not buried in a policy update — before the feature is shipped. We will not retroactively apply a more permissive data policy to any past interactions.

You can track the history of changes to this page in the Parallelogram GitHub repository, where the source for this site is maintained.

11. Contact

Questions, concerns, or requests relating to this privacy policy should be directed to:

Thatayotlhe Tsenang
Email: tsenangthatayotlhe04@gmail.com
Jurisdiction: South Africa

We aim to respond to all privacy inquiries within 14 calendar days.

← Back to parallelogram.dev