NeoShell Privacy Policy

Last updated: 2026-02-18

NeoShell is a local-first SSH workspace app for iPad. This policy describes how data is handled in the current implementation.

1) What NeoShell does not do

• No account sign-in is required.
• No analytics SDK, ad SDK, or tracking SDK is built in.
• No crash-reporting service is integrated.
• NeoShell does not transmit host profiles, terminal content, or files to any NeoShell-operated server in the current version.

2) Data processed and stored on your device

To provide core features, NeoShell stores some data locally:

• Connection and project metadata (for example: host name, port, username, project/base directory, session preferences, and last connected time) in local app storage.
• Sensitive credentials (password, private key path, private key passphrase) in iOS Keychain.
• Imported SSH key files in the app sandbox (Application Support/SSHKeys) when you choose to import a key file.
• Terminal and workspace preferences (such as terminal settings and session persistence) in local storage.
• Feedback draft/inbox entries in local app settings storage (limited history).

3) Network behavior

• NeoShell connects to SSH/SFTP servers that you configure.
• Data you type, paste, upload, or transfer is sent to the remote server you choose over that connection.
• This connection payload is not additionally sent to a separate NeoShell cloud service.

4) Clipboard, Photos, and Files access

NeoShell accesses clipboard/photos/files only when you trigger related actions:

• Paste text or image from clipboard.
• Pick an image from Photos.
• Pick a file from Files.

This content is used only for the terminal paste/upload workflow you initiate.

5) Feedback and rating

• In the current version, feedback content is stored locally and is not transmitted to any external service.
• Optional attached “logs” currently include only lightweight local metadata (for example app version, host count, project count, and platform).
• Rate App uses Apple in-app review (StoreKit) and does not create a NeoShell account.

6) Third-party components

NeoShell uses open-source components (including libssh2 and Ghostty runtime libraries) for SSH and terminal functionality. Related licenses are available in the in-app License page.

7) Data retention and deletion

• You can delete host/project profiles in the app.
• Deleting a host profile also removes its stored credentials from Keychain.
• Removing the app from your device removes app sandbox data.

8) Security note

No software can guarantee absolute security. You are responsible for remote server configuration, SSH key hygiene, and access control on servers you connect to. NeoShell does not monitor or control the security configuration of the remote servers you connect to.

9) Data controller scope

NeoShell does not operate a backend service and does not act as a data controller for remote server data.

10) Privacy contact

For privacy-related inquiries, contact: [email protected]

11) Policy updates

If NeoShell data practices change in future versions, this policy will be updated accordingly.