Sync & privacy: what syncs, and what you control
Merget is a synced version control system: like any hosted VCS, your code and its history live on Merget's servers, not only on your machine. Merget also records the prompts and transcripts behind your code, so those sync too. Here's exactly what syncs, who can see it, and the controls you have.
In short: your code, prompts, and transcripts go to Merget's servers as part of normal use. Repos are private by default - other users can't see them - and you choose what syncs and what stays local.
What is transmitted
When you use Merget normally (signed in, repo registered), these leave your machine:
- Your source code - actual file contents and directory structure, synced to your configured remotes, not just metadata about changes.
- Prompt text and agent transcripts - the prompts you type, the tools your agent runs, and the diffs they produce. For most agents (Claude Code, Codex, Copilot) Merget doesn't record the agent's written replies; some, such as Cursor, do emit their responses, which are then captured.
- Diffs of your changes, sent to Merget's processing service while history is committed (see Third-party AI processing below).
- Token and cost statistics from your agent sessions.
- Repository and author identity - repo name, namespace, and your account identity on every step you or your agent create.
Under the hood
There are two distinct paths out of your machine:
- Sync to remotes - file contents and history objects push to every remote the repo has configured. This is the "version control" path.
- AI processing - Merget's historian runs locally and organizes your raw activity into goals, prompts, and steps. To do that it sends your prompt text and diffs to Merget's processing service, which uses third-party AI providers for the organizing. That's a single network call, during committing, before any push.
What stays local
- The repository's object store and history live in the .merget/ folder inside your repo; you always have a complete local copy.
- Bookmarks, your working files, and your editor state.
- App preferences (theme, layout, launcher choice), per machine.
- Files matched by your ignore rules are never stored or synced; see Excluding files. (Ignore rules apply to files; they don't redact things you or your agent typed during a session.)
What you control
You're not locked into syncing everything. Sign-in is required before anything commits, and committing runs through Merget's processing service, so there's no fully offline mode today. Within that, you decide a lot:
- Don't configure a remote. A repo with no remotes doesn't push your code or history anywhere.
- Keep repos private (the default). Visibility controls which users can see a repo; it isn't an opt-out of syncing.
- Auto-track consent. Merget asks before it starts auto-tracking your coding sessions; decline it, or turn it off later in Settings.
- Data-use opt-out (per repo, in repo settings). Tells Merget not to reuse that repo's committed data for its own purposes; see the callout below for what it does and doesn't cover.
- Pause or remove committing entirely; see Disabling and uninstalling.
Under the hood: what the data-use opt-out covers
It controls how Merget itself reuses your data, not what the third-party AI providers receive. With it on, your repo's committed steps are routed into a restricted internal collection, segregated from Merget's own reuse and analytics. It doesn't change what's sent to the third-party providers that power history processing, and it doesn't attach a "do not train" instruction to those provider calls, so it isn't a provider-level guarantee.
In transit
Traffic between the app and Merget's servers uses HTTPS, with certificate validation against your operating system's trust store.
At rest
Data stored on Merget's servers isn't end-to-end encrypted. Treat it the way you'd treat code on any hosted service: protected by access controls, and readable by the service itself.
Who can read it
- Private repos (the default): you, the collaborators you add, and members of the owning organization according to their roles.
- Public repos: anyone, including through the Explore page. Going public publishes your prompts and transcripts along with your code.
- Merget operators, in the course of running the service.
Retention & deletion
Deleting your account hard-deletes your personal repositories and their data, including for collaborators on those repos. Organizations you solely own are deleted with their repos; repos you merely collaborate on are untouched. A minimal account tombstone (with personal information scrubbed) is kept so your username isn't silently recycled.
Merget doesn't currently publish a fixed retention period for committed data, so treat it as persisting until you delete it.
Third-party AI processing
The features that make Merget useful - organizing raw coding activity into goals and prompts, and answering questions in chat - are powered by third-party AI providers (models routed through services such as OpenRouter, including OpenAI and Google models). Your prompt text and diffs are part of what those providers process.
Merget doesn't currently attach zero-data-retention or "do not train" terms to these provider calls, so we don't promise your data is never used for training.
Secrets accidentally captured
If you paste an API key into your agent's chat, or your agent reads a .env file aloud, that content can end up in a committed transcript. There's no automatic secret redaction in the committing pipeline.
- Use ignore rules to keep secret files out of committed history - though they don't scrub transcripts.
- If a secret has been captured and synced, rotate it. That's the only reliable remedy, on Merget or any other service.
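Because nothing in the pipeline redacts transcripts, a local scan can tell you which credentials to rotate. The following is an added example, not Merget code: it flags credential-shaped strings in transcript text and reports them masked. The plain-text transcript layout and the sample lines are constructed assumptions, since this page does not document Merget's transcript format.

```python
import math
import re

# Well-known credential shapes plus a generic .env-style assignment.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "env_assignment": re.compile(
        r"\b[A-Z][A-Z0-9_]*(?:KEY|TOKEN|SECRET|PASSWORD)\s*=\s*['\"]?([^\s'\"]{8,})"
    ),
}

def shannon_entropy(s):
    """Bits per character; low values indicate placeholders, not real secrets."""
    counts = {c: s.count(c) for c in set(s)}
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def mask(value):
    """Keep the first 4 characters so the report does not leak the secret again."""
    return value[:4] + "*" * (len(value) - 4)

def scan_transcript(text, min_entropy=3.0):
    """Return (line number, pattern name, masked value) for each likely secret."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for kind, pattern in PATTERNS.items():
            for m in pattern.finditer(line):
                # Use the captured value if the pattern has a group, else the whole match.
                value = m.group(m.lastindex or 0)
                if kind == "env_assignment" and shannon_entropy(value) < min_entropy:
                    continue  # e.g. API_KEY=xxxxxxxx placeholders
                findings.append((lineno, kind, mask(value)))
    return findings

# Constructed sample transcript (hypothetical layout; the AWS value is the
# public documentation example key, the password is made up).
SAMPLE = """\
user: deploy with AKIAIOSFODNN7EXAMPLE please
tool: cat .env
tool-output: DB_PASSWORD=q7Lr2VxP9sTzW4mK
tool-output: API_KEY=xxxxxxxxxxxxxxxx
user: thanks, now run the tests
"""

if __name__ == "__main__":
    for lineno, kind, preview in scan_transcript(SAMPLE):
        print(f"line {lineno}: {kind}: {preview}")
```

A hit means the value should be treated as exposed; the scan only identifies what to rotate and does not remove anything already synced.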
