Back to Home

Terms & Conditions

Last updated: April 2026

1. About Laya

Laya is an open-source, local-first desktop application that intercepts events from professional tools (such as Jira, Slack, Gmail, Outlook, GitHub, Bitbucket, GitLab, Google Calendar, Linear, Notion, and others you may connect), classifies them using large language models (LLMs), stages suggested actions, and presents them as Action Cards for your review and approval.

Laya runs entirely on your machine. There are no Laya-operated servers, no Laya accounts to create, and no telemetry or analytics data is transmitted to Laya's developers or any third party by the application itself. Laya's developers do not operate any email, messaging, code-hosting, calendar, or other platform accounts on your behalf — every ingestion connection and every outbound action uses credentials you personally provide and operates under your own identity on each platform.

2. Data Processing & Third-Party LLMs

This is the most important section to understand. To classify events, generate action suggestions, power chat, and compute semantic embeddings, Laya sends portions of your professional data to the LLM and embedding providers you configure. The specific data transmitted on any given request depends on the event type, the persona processing it, and the prompts Laya uses, but may include:

The list above is illustrative and not exhaustive. You should assume that any content ingested from a connected platform is eligible to be transmitted to your configured LLM provider.

Laya is Local-First. Laya fully supports self-hosted LLM providers including Ollama, LM Studio, and any OpenAI-compatible endpoint. When using self-hosted models, your data does not leave your machine or local network via Laya. This is the recommended configuration.

Laya also supports cloud-hosted LLM providers such as Anthropic (Claude), OpenAI (GPT), Google (Gemini), OpenRouter, and any other OpenAI-compatible provider you configure. If you configure a cloud provider, the data described above will be transmitted to that provider's servers and will be subject to that provider's privacy policy, data-processing agreement, and terms of service.

Different LLM providers handle your data differently. Some retain inputs for abuse monitoring, some offer zero-retention or enterprise endpoints, and some may use your inputs to train or improve their models. Before configuring a cloud-hosted provider, you are responsible for reviewing that provider's current terms and selecting a plan, tier, or endpoint appropriate for the sensitivity of your data.

3. Platform Integrations & Outbound Actions

Laya connects to third-party platforms to ingest events and, with your approval, execute actions on your behalf. All outbound actions are executed exclusively through the connections you personally authorize (via OAuth or API keys you provide) and are attributed to your own account on the destination platform. Example actions include:

You are solely responsible for the content, timing, recipients, and consequences of every outbound action executed through your connected accounts, regardless of whether that action was originally suggested by an LLM, triggered by a workflow, or produced by a coding agent.

4. Manual Approval & Automatic Execution

No action is executed without your explicit approval unless you have opted into automatic execution for a specific action type, workflow, or rule. LLM-suggested actions may contain errors, hallucinations, factual inaccuracies, incorrect recipients, or otherwise inappropriate content; you are solely responsible for reviewing every staged action before approval.

If you enable automatic execution, Laya will carry out those actions on your behalf without per-action confirmation. Automatic execution amplifies the consequences of any LLM error, misclassification, or prompt-injection attempt originating in ingested content. You accept full responsibility for all actions performed under automatic execution rules you configure.

5. Credential & API Key Handling

Laya stores your API keys and OAuth tokens in your operating system's secure credential store (macOS Keychain, Windows Credential Manager, or Linux Secret Service). Credentials are never stored in plain text on disk by Laya.

API keys are transmitted only to their respective service providers. OAuth tokens are used to authenticate with the platforms you have connected. You can revoke any connection at any time from Settings, and you are responsible for revoking credentials on the originating platform as well if you wish to fully terminate Laya's access.

6. Local Data Storage & Environment Security

All Laya data is stored locally on your machine in the ~/.laya/ directory:

You own your data. You may delete the ~/.laya/ directory at any time to remove all Laya data from your system.

Because Laya stores sensitive event content, credentials, and n8n workflow data on disk, the security of that data ultimately depends on the security of your machine. You are responsible for maintaining full-disk encryption, operating-system updates, user-account access controls, endpoint protection, and physical security for any device on which you run Laya.

7. Automation Engine (n8n)

Laya bundles n8n, an open-source workflow automation tool, which runs as a local process on your machine (port 45678). n8n handles event ingestion from connected platforms and executes approved outbound actions. n8n's data and encrypted credentials are stored locally in ~/.laya/n8n/.

You may create, modify, import, or disable n8n workflows beyond those bundled with Laya. Any custom workflows you configure are your own responsibility. n8n is distributed under its own licenses and is not a product of Laya.

8. Coding Agents

Laya can optionally integrate with coding agents (such as Claude Code, Gemini CLI, or OpenAI Codex CLI) to execute development tasks on your behalf. When enabled, these agents operate in your local development environment and may:

Coding agents carry significant risk. A misinterpreted instruction, erroneous LLM output, or prompt-injection attempt can result in deleted or corrupted files, credential exposure, unintended git history rewrites, or unwanted changes to your environment. You are solely responsible for reviewing agent-proposed changes, sandboxing agent environments appropriately, and maintaining backups.

9. Telemetry & Analytics

Laya itself does not collect, transmit, or share any usage analytics, telemetry, crash reports, or diagnostic data with Laya's developers or any third party.

Laya bundles several open-source third-party components that may emit anonymous telemetry to their respective maintainers by default. Laya makes a best-effort attempt to disable telemetry in every bundled third-party component that offers an opt-out. However, this cannot be guaranteed. If you require an absolute guarantee that no network traffic leaves your machine beyond what you explicitly authorize, we recommend running Laya with an outbound firewall.

10. Cost & Billing

Laya itself is free and open-source. However, using cloud-hosted LLM, embedding, or platform providers incurs costs billed directly by those providers to your account. Laya provides cost estimation and budget controls in Settings, but these are approximations and do not constitute billing guarantees.

11. Compliance With Third-Party Platforms

You are responsible for complying with the terms of service, acceptable-use policies, data-processing agreements, and API rate limits of every platform you connect to Laya. Laya does not monitor or enforce these policies on your behalf.

You are also responsible for ensuring that your use of Laya with a given platform is permitted by your employer, organization, or any applicable data-sharing, confidentiality, or regulatory agreement covering the content on that platform.

12. Your Responsibilities

13. Disclaimer of Warranties

LAYA IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, ACCURACY, AND UNINTERRUPTED OPERATION.

LLM-generated suggestions, classifications, summaries, and staged actions may be inaccurate, incomplete, biased, or inappropriate. You are solely responsible for reviewing all suggestions before approval.

14. Limitation of Liability

IN NO EVENT SHALL THE AUTHORS, COPYRIGHT HOLDERS, CONTRIBUTORS, OR MAINTAINERS OF LAYA BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, LOSS OF USE, DATA, OR PROFITS, BUSINESS INTERRUPTION, REPUTATIONAL HARM, OR REGULATORY PENALTIES) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

15. Indemnification

To the fullest extent permitted by applicable law, you agree to indemnify, defend, and hold harmless Laya's authors, copyright holders, contributors, and maintainers from and against any claim, demand, loss, liability, damage, fine, penalty, or expense arising out of or related to your use of Laya or your violation of these terms.

16. Age, Authority & Acceptance

By installing, configuring, or using Laya, you represent that you are at least the age of majority in your jurisdiction and that you have the legal capacity to accept these terms. If you are using Laya on behalf of an employer or organization, you further represent that you have the authority to bind that organization to these terms.

If you do not agree with any part of these terms, you must not install or use Laya.

17. Software Updates & Changes to These Terms

Laya may be updated from time to time. Updates may modify data formats, adjust pipeline or prompt behavior, add or remove supported platforms, and revise these terms. Continued use of Laya after an update constitutes acceptance of the then-current terms.

18. Severability & Entire Agreement

If any provision of these terms is found to be invalid or unenforceable, the remaining provisions will continue in full force and effect. These terms, together with the Apache License 2.0 under which Laya is distributed, constitute the entire agreement between you and Laya's contributors regarding your use of the software.

19. Open Source

Laya is open-source software licensed under the Apache License 2.0. You may inspect, modify, and redistribute the source code subject to the license terms. The full license text is available in the LICENSE file in the GitHub repository.