Contents
Your privacy is important to us. This Privacy Policy explains how James Betchley ("Developer", "we", "us", or "our") collects, uses, and protects information when you use meshTerm (the "Application"). We have designed meshTerm with privacy as a core principle — the Application is built to handle sensitive SSH credentials and terminal sessions, and we take that responsibility seriously.
1 Information We Do Not Collect
meshTerm is designed so that the following sensitive information never leaves your device and is never transmitted to the Developer or any third party:
- Terminal session content — everything you type and everything displayed in the terminal
- SSH private keys and passwords — stored exclusively in the iOS Keychain on your device
- SSH host details and connection logs
- Command history
- Snippet vault contents
- Tailscale authentication credentials
- Contents of any file accessed through the Application
We do not use advertising identifiers (IDFA) or any equivalent tracking technologies. meshTerm does not contain advertising SDKs or analytics SDKs that transmit personal data to third parties.
2 Information We Do Collect
2.1 Crash Reports
If the Application crashes, anonymised crash data may be collected through Apple's standard crash reporting infrastructure (if you have opted in to sharing diagnostic data with app developers in your iOS Settings). This data includes:
- Stack traces showing which code was executing at the time of the crash
- Device model and iOS version
- Application version
- Date and time of the crash
Crash reports explicitly exclude terminal content, SSH credentials, command history, and any other user data. We configure our crash reporting to prevent any such data from appearing in crash logs.
2.2 Subscription Information
When you purchase a meshTerm Pro subscription, Apple processes your payment and provides the Application with a transaction receipt. We receive:
- Confirmation that a valid subscription exists
- The subscription product identifier (monthly or annual)
- Subscription expiry date
We do not receive your payment card details, billing address, or Apple ID. All payment processing is handled entirely by Apple Inc.
2.3 iCloud Sync Data
If you use iCloud sync for your snippet vault, host configurations, and settings, this data is stored in your personal iCloud account using Apple's CloudKit framework. This data is:
- Stored in your iCloud account, not on Developer-operated servers
- Encrypted in transit and at rest by Apple
- Subject to Apple's iCloud privacy policy
- Accessible only to you and to the Application running on your devices
We do not have access to the contents of your iCloud data.
3 How Information Is Stored on Your Device
3.1 SSH Credentials
SSH private keys and passwords are stored in the iOS Keychain with the following protections:
- Private keys: kSecAttrAccessibleWhenUnlockedThisDeviceOnly — requires device to be unlocked, never backed up to iCloud or transferred to other devices
- Passwords: kSecAttrAccessibleWhenUnlocked — protected by your device passcode
- Biometric authentication (Face ID / Touch ID) is required each time a private key is used
3.2 Application Data
All application data stored on your device (host configurations, snippets, themes, known SSH host keys) is protected by iOS Data Protection with NSFileProtectionComplete, meaning data is encrypted when the device is locked.
3.3 SSH Host Keys
SSH host key fingerprints are stored locally on your device only and are not synchronised to iCloud. This is intentional — known host key trust is device-specific for security reasons.
4 Tailscale
The Application integrates with Tailscale networking. When you use Tailscale features:
- You authenticate directly with Tailscale using your Tailscale account — your Tailscale credentials are never seen by the Developer
- The Application creates an independent Tailscale node associated with your Tailnet
- Network traffic flows directly between your device and your Tailscale nodes, or via Tailscale DERP relay servers — it does not pass through Developer-operated infrastructure
- Tailscale's own privacy policy governs data processed by Tailscale infrastructure
5 Third-Party Services
The Application uses the following third-party open source components. These run entirely on your device and do not transmit data to third-party servers:
- Tailscale iOS SDK — BSD-3-Clause licence — tailscale.com
- SwiftNIO SSH — Apache 2.0 licence — Apple Inc.
- SwiftTerm — MIT licence — Miguel de Icaza
The Application does not integrate any advertising networks, social media SDKs, or data broker services.
6 Apple App Store and Apple Services
The Application is distributed through the Apple App Store. Apple may collect certain information in connection with your download and use of the Application, including your Apple ID and device identifiers, subject to Apple's own Privacy Policy available at apple.com/legal/privacy.
In-app subscription purchases are processed by Apple. Apple's privacy policy governs the data collected in connection with those transactions.
7 Children's Privacy
meshTerm is not directed at children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. The Application is intended for use by developers, system administrators, and technical users who manage remote Linux infrastructure.
8 Your Rights
Under the UK General Data Protection Regulation (UK GDPR) and applicable data protection legislation, you have the following rights:
- Right of access — to request information about personal data we hold about you
- Right to rectification — to correct inaccurate personal data
- Right to erasure — to request deletion of personal data we hold
- Right to restriction — to restrict processing of your personal data
- Right to data portability — to receive your personal data in a portable format
- Right to object — to object to processing of your personal data
Given the privacy-by-design nature of meshTerm, we hold minimal personal data about you. Most data is stored exclusively on your device and in your iCloud account, both of which you control directly. To exercise any of these rights or for any privacy-related enquiry, please contact us at the address below.
9 Data Retention
We retain crash report data (if collected through Apple's crash reporting) for a period of up to 12 months, after which it is deleted. This data is anonymised and cannot be linked back to you individually.
Subscription transaction data is retained for the period required by applicable tax and financial regulations, typically 7 years in the United Kingdom.
All other data (SSH credentials, snippets, host configurations) is stored exclusively on your device and in your iCloud account. Deleting the Application removes all locally stored data. You can manage iCloud data through your device Settings → Apple ID → iCloud → Manage Storage.
10 Security
We implement appropriate technical and organisational measures to protect the limited data we handle. The Application itself employs multiple layers of security including iOS Keychain storage, Data Protection, biometric authentication, and SSHv2 with modern cipher suites.
However, no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
11 Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the effective date at the top of this document and, where appropriate, providing notice within the Application. We encourage you to review this Privacy Policy periodically.
Your continued use of the Application after any changes to this Privacy Policy constitutes your acceptance of the updated policy.
12 Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
We will respond to all privacy enquiries within 30 days.