docs(privacy): align Zoo Code observability retention with website policy

[JamesRobert20]

Summary

• Updates extension PRIVACY.md: 90-day metadata retention (matches zoocode.dev legal policy), plan-gated dashboard visibility (7 days Free / 90 days Pro+)
• Updates zoo-telemetry.ts doc comment to match

Independent of Zoo Gateway provider code (split from #229 per review).

Test plan

• Policy text review against https://www.zoocode.dev/legal/privacy

Made with Cursor

Summary by CodeRabbit

• Documentation

  • Privacy policy updated: telemetry described as metadata-only API request logs, retention up to 90 days, payload contents (task ID, provider/model, token counts, estimated cost), account linkage, and dashboard visibility differences between free and Pro+ plans.

• New Features

  • Telemetry collection now applies to all authenticated users (not subscription-restricted). Users can stop collection by signing out via the chat badge or request data deletion per the privacy policy.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 44f8213b-32bd-483f-a917-60e4b709daa1

📥 Commits

Reviewing files that changed from the base of the PR and between f0aa066 and 3251b6e.

📒 Files selected for processing (3)

• PRIVACY.md
• src/services/__tests__/zoo-telemetry.test.ts
• src/services/zoo-telemetry.ts

🚧 Files skipped from review as they are similar to previous changes (2)

• PRIVACY.md
• src/services/zoo-telemetry.ts

---

📝 Walkthrough

Walkthrough

This PR broadens LLM telemetry collection from authenticated subscribers only to all authenticated users. The code removes subscription-status gating from the telemetry sending function, and the privacy policy is updated to document the expanded scope, retention details, and user controls.

Changes

Telemetry Collection for All Authenticated Users

Layer / File(s)	Summary
Remove subscription gating from telemetry src/services/zoo-telemetry.ts, src/services/__tests__/zoo-telemetry.test.ts	Subscription-status imports are removed, sendLlmTelemetry sends telemetry when a Zoo Code token is present (no subscription check). Tests were updated to drop subscription-status mocks and assert the outgoing POST uses the expected Authorization bearer token and correct status handling.
Update privacy policy for broadened telemetry scope PRIVACY.md	Zoo Code Observability section updated to clarify telemetry is collected for all authenticated users, including payload composition (task ID, provider/model, token counts, estimated cost), linkage to account, retention up to 90 days, metadata-only classification, plan-based dashboard visibility windows, and user controls (sign-out via chat badge, data deletion requests).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• Zoo-Code-Org/Zoo-Code#32: Modifies the same sendLlmTelemetry function by removing checkSubscriptionStatus gating to enable telemetry for all authenticated users, with directly overlapping observability logic.

Suggested reviewers

• hannesrudolph
• taltas
• edelauna

Poem

🐰 Hops with keys and a tiny report,
I log the hops in a careful sort,
For every user who signs in today,
Metadata dances and skips away,
A polite rabbit hums: "Telemetry, hooray!"

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description lacks critical required sections from the template: no linked GitHub issue (required), no test procedure details, and the pre-submission checklist is incomplete or missing.	Add the Related GitHub Issue section with issue number, provide detailed test procedure steps, and complete the pre-submission checklist to match the repository template.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: updating PRIVACY.md to align Zoo Code observability retention policy with the website policy, which matches the primary content change in the PR.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/zoo-gateway-telemetry-policy

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

src/services/__tests__/zoo-telemetry.test.ts

ESLint skipped: missing config or dependency (missing-dependency). The ESLint configuration references a package that is not available in the sandbox.

src/services/zoo-telemetry.ts

ESLint skipped: the ESLint configuration for this file references a package that is not available in the sandbox.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[proyectoauraorg]

Review: Privacy/Telemetry Alignment

Verdict: ✅ Approved

Verified

• ✅ zoo-telemetry.test.ts — 5 tests pass (including new 'all authenticated users' test)
• ✅ Subscription check removal is correct — server-side gating at zoocode.dev
• ✅ PRIVACY.md matches the code changes (90-day retention, plan-gated dashboard)
• ✅ Net code reduction (-10 lines) — removes unnecessary complexity

Important

The old code sent telemetry only to users with active subscriptions. This PR removes that client-side gate, so all authenticated users (free and paid) will now send telemetry. This is correct IF the server enforces plan-gated dashboard visibility (7 days Free / 90 days Pro+).

Recommend confirming that zoocode.dev server-side retention and dashboard visibility policies are implemented before merging this PR.

Dependency

Independent of the Zoo Gateway stack. Can merge to main at any time.