Desktop Privacy Policy

Effective 3 June 2026. Applies to the Comfy Desktop application.

This Privacy Policy describes the personal data we process when you use Comfy Desktop, the purposes and lawful bases for that processing, the recipients of the data, and the rights available to you. The same policy is shown in the application on first run and is available at any time from Settings → About → Privacy Policy.

Controller

Comfy Organization Inc ("Comfy Org", "we", "us") is the data controller for personal data processed in connection with your use of Comfy Desktop. We are established in San Francisco, USA. For privacy enquiries: support@comfy.org.

Personal data we process

If you have enabled telemetry, either on the first-run consent screen or at Settings → Telemetry, we process the following categories of data:

  • Device identifier. A pseudonymous identifier generated locally on first run. Before you sign in to Comfy Cloud it is not linked to your name, email address, or hardware. When you sign in, it is associated with your Comfy account.
  • Technical metadata. Application version, operating system, and processor architecture.
  • Product usage events. Feature interactions, navigation between views, installation and update milestones, and approximate timing.
  • Custom node identifiers. Public package names of custom nodes you install through Manager (for example, "comfyui-impact-pack"). The local installation path is not transmitted.
  • Crash and error diagnostics. Stack traces, error messages, and short stdout/stderr fragments captured at the moment of failure.

Before crash or error diagnostic data is transmitted, we apply automated redaction to home-directory paths and to well-known credential patterns (Bearer tokens, OpenAI sk-* and Hugging Face hf_* keys, basic-auth URLs, and KEY= / SECRET= environment assignments).

We do not process:

  • Workflow content (the graph, the nodes you connect, their parameters)
  • Prompts you write
  • Generated images, video, or audio
  • Model weights, or the local filenames under which you save them
  • Network activity outside the application

Your workflow files, your models, the outputs you generate, the list of installations you create, and your local settings remain on your device. They are not transmitted to Comfy Org, and they are not accessible to us.

Purposes and lawful bases

We process personal data on the following lawful bases under GDPR and UK GDPR:

  • Product usage analytics: consent under Article 6(1)(a).
  • Crash and error diagnostics: consent under Article 6(1)(a).
  • Delivery of software updates and integrity verification: legitimate interests under Article 6(1)(f).
  • Authentication when you sign in to Comfy Cloud: performance of a contract under Article 6(1)(b).

Consent for analytics and crash diagnostics is opt-in, and you may withdraw it at any time at Settings → Telemetry. Withdrawal does not affect the lawfulness of processing carried out before withdrawal. To object to processing on the basis of legitimate interests, contact support@comfy.org.

We do not carry out automated decision-making, including profiling, that produces legal or similarly significant effects. We do not sell personal data, and we do not share personal data for cross-context behavioural advertising.

Recipients

We engage the following processors under Data Processing Agreements:

  • PostHog (product usage analytics)
  • Datadog (crash and error diagnostics)
  • ToDesktop (application distribution and software updates)
  • Comfy Org analytics warehouse (long-term aggregate analytics, operated by Comfy Org)

International transfers

Comfy Organization Inc is established in the United States. Personal data of users in the EU, UK, EEA, or other jurisdictions outside the United States may be transferred to the United States and to other locations where our processors operate. Where required, we rely on the European Commission Standard Contractual Clauses (and the UK International Data Transfer Addendum where applicable) as the transfer mechanism under Chapter V GDPR.

Retention

  • Product usage analytics: up to 24 months from the event, then aggregated or deleted.
  • Crash and error diagnostics: 15 days at full fidelity, then sampled or aggregated.
  • Aggregate analytics: up to 36 months in aggregated form.
  • Update-server logs: 90 days.
  • Local device identifier: stored on your device only, and removed when you uninstall the application.

Your rights

If you are in the EU, UK, or EEA, you have the following rights under GDPR and UK GDPR: access, rectification, erasure, restriction of processing, objection, portability, and withdrawal of consent.

If you are a California resident, you have rights under CCPA and CPRA: to know what we collect, to delete, to correct, and to limit use of sensitive personal information. We do not sell personal information, and we do not share it for cross-context behavioural advertising.

You also have the right to lodge a complaint with your supervisory authority, such as the UK Information Commissioner's Office, your EU member-state data protection authority, or the California Privacy Protection Agency.

To exercise any of these rights, contact support@comfy.org. If you have signed in to Comfy Cloud, your account verifies your identity. If you have not signed in, please tell us your approximate install date, platform, and application version, and we will attempt to match these against our records. We aim to respond within 30 days.

Children

Comfy Desktop is not intended for, and we do not knowingly collect personal data from, individuals under 13 years of age.

Changes

We will revise this Privacy Policy when our processing changes materially. The Effective date at the top of this policy reflects the date of the most recent revision.

Contact

For any privacy enquiry, contact support@comfy.org.