Pace
Legal

Privacy

Plain-English. The short version: Pace is software you install in your own AI harness; nothing about your work flows through pace.tools. The longer version is below.

The website (pace.tools)

pace.tools is a static site hosted on Cloudflare Pages. It serves marketing pages, documentation, and the marketplace catalog (/.claude-plugin/marketplace.json). The site does not set tracking cookies, run analytics, or fingerprint visitors.

Cloudflare may collect standard web-request logs (IP, user agent, request path) for security and operational purposes. See Cloudflare's privacy policy for what they retain and for how long.

The CLI (pace-tools)

The npx pace-tools CLI runs entirely on your machine. It wraps claude plugin commands; the actual plugin install happens between your machine and GitHub. No identifying information is sent back to pace.tools or any Pace-controlled server.

Network traffic from the CLI:

  • pace.tools/api/commands, read-only HTTPS GET for the plugin catalog. No request body, no cookies.
  • github.com, when claude plugin marketplace add GoldenBerry-SO/Pace clones the marketplace repo.
  • registry.npmjs.org, if npx downloads the package fresh.

Plugins, skills, and MCP connectors

This is where most concerned privacy questions land. Pace plugins are normal Claude Code plugins; their data flow looks like this:

  1. You install a plugin (locally or via Cowork). The plugin files live on your machine inside Claude Code or Cowork's plugin directory.
  2. The plugin declares MCP connectors in its .mcp.json (Slack, HubSpot, Snowflake, etc.).
  3. The first time a skill needs a connector, your AI harness (Claude Code / Cowork) opens an OAuth flow with the vendor (Slack, HubSpot, etc.). You sign in on the vendor's site; the vendor issues a token; your harness stores the token locally.
  4. When a skill runs, MCP calls go directly from your harness to the vendor's MCP server. Pace's servers are not in this path. See how connectors work for the full picture.

Anthropic Routines (cloud-scheduled jobs) run on Anthropic-managed infrastructure. When a Routine fires, it executes as a Claude Code session on Anthropic's cloud; MCP calls in that session route through Anthropic's network to the vendor's MCP server. Anthropic's privacy policy applies. See anthropic.com/legal/privacy and Routines documentation.

Cookbook example links

The Cookbook page links to claude.ai/desktop/customize/plugins/new?... deep links. Clicking these opens Cowork (the Claude desktop app). What Cowork does with that data is governed by Anthropic's privacy policy.

Forking + self-hosting

Pace is Apache-2.0. You can fork the repo, host the marketplace.json yourself, and run the entire surface inside your own infrastructure. In that case nothing touches goldenberry.so or pace.tools.

Questions, requests, deletions

Pace does not maintain user records, so there is nothing to request deletion of. For everything else : clarifications, security disclosures, GDPR queries about the static site logs Cloudflare holds : email hello@goldenberry.so or open an issue at github.com/GoldenBerry-SO/Pace.

See also: Security for our security posture and disclosure process.