Built so we couldn't spy even if we wanted to.
Dwell's whole reason to exist is verified attention without surveillance. These are the commitments that make that real, not a slogan.
We never read prompts, code, or files
The client only ever sees turn boundaries — that a turn started and that it ended. It ignores everything inside. There is no path in our design for your code to reach us.
Targeting is yours to set
The only inputs to which ad you see are the interest tags you choose on the website. Nothing is inferred from what you're building.
Managed sign-in, never our own passwords
Authentication is Google sign-in via a trusted provider. We don't store passwords and don't build our own credential system. Your existing Google security protects your account.
Minimal telemetry, hashed identifiers
We report only what's needed to count an impression: a signed token, how long the line was visible, and coarse signals. IP addresses are hashed with a salt and never stored in the raw.
Honest about verification
Verified means a real, present, human-initiated wait — not a guarantee that someone is staring at the pixels. On the terminal we can prove an interactive session but not screen focus; our VS Code surface goes further. We price each tier for exactly what it can prove.
Fairness is enforced, not assumed
Impressions are signed and single-use, identity is verified at payout, and farming patterns are detected and reversed. The goal is to make fabricating attention more expensive than it's worth.
Have a security concern? Reach us at security@dwell.app. We welcome responsible disclosure.