Last updated: April 24, 2026
Everything stays on your computer. CopyPaste does not collect, transmit, or share any of your data. There's no cloud, no accounts, no telemetry, no analytics, no tracking — nothing leaves your machine, ever.
"Everything local" is not a feature — it's the foundation. It's a technical fact you can verify yourself: the entire source code is open and public. Read the code, run a network monitor, check for yourself.
CopyPaste was built with a privacy-first mindset from day one. This isn't an afterthought or a feature — it's a core design principle. Everything stays on your machine.
- 🔒 Local-only by design — Your data never leaves your computer
- 🚫 No telemetry — We don't measure, track, or analyze your usage
- 🚫 No analytics — No Google Analytics, no App Insights, no Sentry, nothing
- 🚫 No accounts — No sign-up, no login, no user profiles
- 🚫 No cloud sync — Your clipboard history is yours alone
- 🚫 No automatic reporting — Errors are logged locally only; nothing is sent anywhere without your action
- 🔍 Fully auditable — Every line of code is open source under GPLv3
The data on your computer is yours. I built CopyPaste to respect that boundary completely — not just in policy, but in code.
CopyPaste monitors your system clipboard to maintain a local history. The following data is stored exclusively on your computer:
| Type | What's Stored | Where |
|---|---|---|
| Text | The copied text content | SQLite database |
| Images | Image files (PNG) | Local images folder |
| Files & Folders | File/folder paths (not the files themselves) | SQLite database |
| Links | URL text | SQLite database |
| Audio & Video | File paths only | SQLite database |
| Thumbnails | Small preview images (<id>_thumb.png) generated by the OS shell for images, video and audio entries |
Local images folder |
For each clipboard item, CopyPaste also stores:
- Timestamp — When the item was copied
- Content type — Text, Image, File, Folder, Link, Audio, or Video
- Source application — The name of the app where you copied from (window title)
- User labels — Custom labels you assign to items (optional)
- Color tags — Color categories you assign (optional)
- Pin status — Whether you pinned the item
- Paste count — How many times you have pasted the item
- Media metadata — Duration, dimensions, or codec info for audio and video files (stored as JSON)
- Image thumbnails — Smaller preview versions of copied images
- Broken-since timestamp (
broken_since) — When the referenced file/image stopped being available on disk (set tonullwhile the file exists). Used to keep the entry visible during the configured retention window so reconnecting an external drive restores the preview instead of losing it.
Your settings are stored locally:
- Hotkey preferences
- Theme selection
- Language preference
- Panel width
- Retention period
- Filter behavior
- Startup preferences
- Image quota (MB) (
imagesQuotaMB) — Maximum disk space copied images may use;0means unlimited (default). When the cap is reached, the oldest non-pinned images inside the app's ownimagesfolder are evicted (LRU). Pinned items and any path that does not live under that folder are never touched. - Broken-item retention days (
keepBrokenItemsDays) — Number of days an entry whose referenced file is missing is preserved before being purged (default 30). - Thumbnail generation toggles — Independent on/off switches for image, video and audio thumbnails, plus a maximum image processing size (MB) to skip very large files.
- Onboarding completion flag (
hasCompletedOnboarding) — Remembers that the first-launch walkthrough has already been shown.
When you enable Start with Windows in Settings, CopyPaste registers itself as a startup application using the appropriate mechanism for each distribution channel — and removes the registration when you disable it:
| Distribution | Mechanism | What is written |
|---|---|---|
| Standalone installer (.exe) | Windows registry key | HKCU\Software\Microsoft\Windows\CurrentVersion\Run\CopyPaste |
| Microsoft Store (MSIX) | Windows StartupTask API | System startup catalog (no registry write) |
Neither mechanism requires administrator rights. On uninstall, the standalone installer automatically removes the registry entry. The MSIX version is cleaned up by Windows when the app is uninstalled through the Store or Settings → Apps.
If you never enable "Start with Windows," nothing is written to the registry or the startup catalog.
Application logs are stored locally for troubleshooting:
- Windows:
%LOCALAPPDATA%\CopyPaste\logs\ - macOS:
~/Library/Application Support/com.rgdevment.copypaste/CopyPaste/logs/ - Linux:
~/.local/share/com.rgdevment.copypaste/CopyPaste/logs/ - Content: Application events, errors, and diagnostic information only
- No personal data: Logs do not contain clipboard content — your copied text, images, or file paths are never written to log files
If the app fails to start or crashes during initialization, a single crash.log file is written next to the data folder so the failure is recoverable on the next launch. This file:
- Lives at
<data folder>/crash.logon every platform (e.g.%LOCALAPPDATA%\CopyPaste\crash.logon Windows) - Is capped at 512 KB — older content is overwritten automatically
- Contains: timestamp (UTC), OS name and version, Dart runtime version, the failing operation, and the stack trace
- Has automatic redaction applied at write time: your Windows/macOS/Linux user name, full home folder path, and any email addresses found in stack traces are replaced with
<USER>,<HOME>, and<EMAIL>placeholders before being written to disk - Never contains clipboard content — clipboard data does not flow through error paths
- Is never sent anywhere automatically — same rule as the regular logs
CopyPaste includes a Support section in Settings → About that lets you export a diagnostic log bundle. Here is exactly what this does and doesn't do:
- Collects recent
.logfiles from the local logs folder - Includes the
crash.logfile if one exists - Applies an additional redaction pass before zipping: user name, home folder path and email addresses are replaced with
<USER>,<HOME>and<EMAIL>in every file added to the archive - Adds a
device_info.txtwith your OS version, OS build, system locale, and CopyPaste app version - Packages everything into a single
.zipfile saved to a location you choose on your computer
- Does not send anything anywhere automatically — the zip stays on your disk until you manually share it
- Does not include clipboard content — your copied text, images, or file paths are never in the logs and never in the export
- Does not connect to the internet — the export is a local file operation only
- Does not run in the background — it only happens when you explicitly click "Export Logs"
If you want to attach logs to a GitHub issue:
- Open the exported zip and review it before sharing — you can read the log files in any text editor
- Redact anything you're uncomfortable sharing (though there should be no personal data)
- Attach the zip manually to your bug report
You are in control at every step. Nothing goes anywhere without your explicit action.
All data is stored locally under your user profile:
Windows:
| Data | Location |
|---|---|
| Database | %LOCALAPPDATA%\CopyPaste\clipboard.db |
| Images | %LOCALAPPDATA%\CopyPaste\images\ |
| Configuration | %LOCALAPPDATA%\CopyPaste\config\ |
| Logs | %LOCALAPPDATA%\CopyPaste\logs\ |
| Crash log | %LOCALAPPDATA%\CopyPaste\crash.log |
macOS:
| Data | Location |
|---|---|
| Database | ~/Library/Application Support/com.rgdevment.copypaste/CopyPaste/clipboard.db |
| Images | ~/Library/Application Support/com.rgdevment.copypaste/CopyPaste/images/ |
| Configuration | ~/Library/Application Support/com.rgdevment.copypaste/CopyPaste/config/ |
| Logs | ~/Library/Application Support/com.rgdevment.copypaste/CopyPaste/logs/ |
| Crash log | ~/Library/Application Support/com.rgdevment.copypaste/CopyPaste/crash.log |
Linux:
| Data | Location |
|---|---|
| Database | ~/.local/share/com.rgdevment.copypaste/CopyPaste/clipboard.db |
| Images | ~/.local/share/com.rgdevment.copypaste/CopyPaste/images/ |
| Configuration | ~/.local/share/com.rgdevment.copypaste/CopyPaste/config/ |
| Logs | ~/.local/share/com.rgdevment.copypaste/CopyPaste/logs/ |
| Crash log | ~/.local/share/com.rgdevment.copypaste/CopyPaste/crash.log |
These folders are protected by your operating system's user account permissions. Other users on the same computer cannot access them under normal conditions.
To be absolutely clear:
- ❌ Does not send data to any server — No clipboard content, no metadata, no usage data
- ❌ Does not use cookies or tracking technologies
- ❌ Does not create user accounts or profiles
- ❌ Does not share data with third parties
- ❌ Does not use advertising or ad networks
- ❌ Does not use AI or machine learning on your data
- ❌ Does not sync across devices
- ❌ Does not upload crash reports — Crashes are written to a local
crash.log(with PII redacted at write time); log export is always manual and user-initiated - ❌ Does not phone home — No background network calls except the update checker described below (all platforms)
CopyPaste makes one type of network request for update checking:
| Detail | Value |
|---|---|
| Purpose | Check if a newer version of CopyPaste is available and enforce blocks for versions with known critical issues |
| URL (all platforms) | https://github.com/rgdevment/CopyPaste/releases/latest/download/release-manifest.json (and its .sig signature file) |
| Method | GET (read-only) |
| Data sent | Standard HTTP headers only — no user data |
| Data received | A small signed JSON file listing the latest version, minimum supported version, any blocked versions, and per-channel install info. An accompanying Ed25519 signature is verified locally before the manifest is trusted |
| Frequency | Every 24 hours, plus once at startup |
| Cached locally | Yes — last successfully verified manifest is cached for up to 15 days so the app works offline |
Important notes:
- This request is read-only — it only downloads two small public files; no data is ever uploaded
- No clipboard content, no usage data, no personal information is ever sent
- The manifest is cryptographically signed with an Ed25519 key. If the signature does not verify, the manifest is discarded and no update indicator is shown
- All platforms: If an update is found, a non-invasive indicator appears in the app's footer bar — no popups or dialogs interrupt your workflow. You can click the indicator to see details
- Standalone builds (Windows / macOS / Linux): Clicking the indicator opens the GitHub release page (or shows the Homebrew / apt / dnf upgrade command). Nothing is downloaded or installed automatically
- Microsoft Store version: Clicking the indicator opens a dialog explaining that Microsoft Store delivers updates on its own schedule. The app is never blocked on Store builds, since update delivery is outside our control
- Blocked versions: If the manifest flags the installed version as having a critical issue (for example, a severe security bug or data-corruption fix), standalone builds show a full-screen prompt with direct install/download instructions. This mechanism is disabled on Microsoft Store builds
When you explicitly click certain UI buttons, CopyPaste opens URLs in your default browser:
- "Report issue" button → Opens
https://github.com/rgdevment/CopyPaste/issues - "Download update" indicator → Opens the GitHub release page
These are standard browser navigations initiated by your action — CopyPaste does not make these requests itself.
CopyPaste includes built-in protections for sensitive content:
Clipboard content from recognized password managers is automatically excluded from history. Supported password managers include:
- 1Password
- Bitwarden
- LastPass
- KeePass
- And others that use standard clipboard security flags
- Password managers typically set a clipboard format flag indicating sensitive content
- CopyPaste detects these flags and skips storing the content entirely
- The sensitive data is never written to the database or disk
CopyPaste operates independently from Windows' built-in clipboard history (Win+V). Your CopyPaste settings do not affect Windows clipboard behavior, and vice versa.
- CopyPaste automatically deletes unpinned items older than your configured retention period (default: 30 days)
- Cleanup runs periodically in the background
- Pinned items are preserved regardless of the retention setting
You can delete any clipboard item at any time:
- Select an item and press
Delete - Right-click and choose "Delete"
CopyPaste includes in-app reset options at Settings → About → Reset & Clean Install:
- Soft Reset — Resets all settings to defaults. Your clipboard history is preserved.
- Hard Reset — Deletes everything: history, images, settings, and logs. The app restarts completely clean. This cannot be undone.
These options work on all platforms including the Microsoft Store version.
To completely remove all CopyPaste data when uninstalling:
Windows:
- Uninstall CopyPaste (via Settings → Apps or the standalone uninstaller)
- Delete the data folder:
%LOCALAPPDATA%\CopyPaste\
macOS:
- Move CopyPaste to Trash from Applications
- Delete the data folder:
~/Library/Application Support/com.rgdevment.copypaste/CopyPaste/
Linux:
- Uninstall CopyPaste (via your package manager or remove the binary)
- Delete the data folder:
~/.local/share/com.rgdevment.copypaste/CopyPaste/
After these steps, no CopyPaste data remains on your system.
CopyPaste does not knowingly collect any personal information from anyone, including children under 13. The application does not collect personal information from any user — it has no accounts, no registration, and no data transmission.
CopyPaste is available through the Microsoft Store. The Store version:
- Follows the same privacy principles as the standalone version
- Makes one read-only network request — queries the GitHub Releases API every 24 hours to check if a newer version exists. If found, a non-invasive indicator appears in the footer bar. No download link is shown and nothing is installed automatically — updates are delivered through the Microsoft Store
- Uses MSIX packaging — installs/uninstalls cleanly with Windows standard mechanisms
- Microsoft Store policies apply to distribution, but CopyPaste itself does not share any data with Microsoft beyond what the Store platform requires for installation and updates
For Microsoft's own privacy practices regarding the Store, refer to Microsoft's Privacy Statement.
The best privacy policy is one you can verify. CopyPaste is 100% open source under the GNU General Public License v3.0:
- 📂 Full source code: github.com/rgdevment/CopyPaste
- 🔍 Audit the code yourself — every network request, every database write, every file operation
- 🐛 Report concerns — open an issue or email us
We encourage security researchers and privacy advocates to inspect the code. See our Security Policy for responsible disclosure guidelines.
If we ever change this privacy policy, the changes will be:
- Committed to the public repository with a clear commit message
- Reflected in the "Last updated" date at the top
- Documented in the release notes
Since CopyPaste is open source, any change to privacy behavior would also be visible as a code change in the public repository before it reaches you.
If you have questions or concerns about this privacy policy:
- 📧 Email: github@apirest.cl
- 💬 GitHub Discussions: github.com/rgdevment/CopyPaste/discussions
- 🐛 Issues: github.com/rgdevment/CopyPaste/issues
Everything local. Your clipboard is yours — I built CopyPaste to keep it that way.