Neo Zed keeps its data collection minimal by design.
Website. The public site sets exactly one cookie, neozed_session, after browser sign-in. It is HTTP-only, SameSite=Lax, and contains only an opaque session identifier. User data is stored server-side. The site runs no analytics, trackers, or third-party telemetry.
Editor. The desktop app talks to cloud.neozed.dev only for update checks, authentication handoff, and features you explicitly enable (collaboration, extension installation, managed AI routing).
Hosted AI gateway. If you opt into the optional managed gateway, prompts transit through the fork's cloud service to your selected provider. They are not logged beyond anonymous request metrics. If you configure a provider key directly in the editor, requests go straight to the provider and the fork's cloud never sees them.
This page documents the default deployment. Self-hosted instances may have different data flows.