Legal

Data Processing & Usage

OrgVitals by CloudAlgo  ·  CloudAlgo Private Limited  ·  Last updated: July 1, 2026

1. How data flows

OrgVitals runs as a desktop application on your machine. When you run a scan, it uses your existing Salesforce CLI (sf) authentication to pull a read-only metadata snapshot from your org and stores it, along with all findings and scan history, in a local SQLite database on your device. This processing happens locally. CloudAlgo does not receive your metadata, Apex source, findings, or org identity.

Your findings, scores, and full scan history are stored only in this local database — none of it is uploaded to CloudAlgo, and there is no cross-device scan history.

Separately, a small amount of account and telemetry data is sent to CloudAlgo through Google Firebase. The "Ask Vita" assistant is opt-in and off by default: it is the only feature that sends org metadata off your device, and it does nothing until you add your own Anthropic API key and explicitly acknowledge (via a checkbox, recorded by the ov.consent.vita flag) that your question and the org metadata Vita reads will be sent to Anthropic's Claude API. When enabled and used, that data goes directly from your device to Anthropic under your own API key, never to CloudAlgo. If you never enable Vita, nothing is ever sent to Anthropic.

2. Stays on your device vs. leaves your device

OrgVitals does not upload your scan results, scores, findings, scan summaries, scan history, or your Salesforce org metadata or identity to CloudAlgo, and there is no cross-device history.

3. Sub-processors

We use the following sub-processors to provide OrgVitals. Because these providers operate globally, the data they handle may be processed outside India.

4. International transfers

Data that leaves your device may be transferred to and processed in countries outside India, including the United States, where these sub-processors operate. We rely on the sub-processors' own safeguards and contractual commitments for such transfers, consistent with applicable law.

5. Your controls and rights

You can turn crash diagnostics off and product analytics on or off at any time in the in-app "Privacy & Data" dialog, and you can remove your local data by deleting it or uninstalling the app. For your rights of access, correction, erasure, and consent withdrawal, and for how we handle the data we control, see the Privacy Policy or contact contact@cloudalgo.com.