← Back to SSHoo

Privacy Policy

Effective Date: April 15, 2026

SSHoo is designed with privacy as a core principle. This Privacy Policy explains how SSHoo ("we", "our", or "the app") collects, stores, uses, and safeguards information when you use our Android SSH client application.

Information We Collect

SSHoo collects the minimum information needed to provide SSH, terminal, tunneling, AI chat, and subscription features. Most information is stored locally on your device and is never transmitted to our servers unless explicitly stated below.

  • Connection data: SSH host addresses, ports, usernames, jump hosts, and connection preferences you configure
  • Authentication material: SSH passwords, private keys, and key passphrases you choose to save locally
  • Host fingerprints: SSH server fingerprints for known host verification
  • Session data: Terminal tabs, optional terminal session recordings, saved commands, aliases, and autocomplete data
  • Tunnel configurations: Port forwarding settings and related connection metadata
  • App preferences: Theme, font, SSH defaults, AI agent selection, analytics preference, and behavior settings
  • Optional Tailscale data: Your Tailscale API key if you enable Tailscale device discovery
  • Subscription data: Google Play purchase tokens and anonymous premium subscription status used only for receipt validation
  • Optional analytics: Basic usage, crash, and performance data only when you opt in from app settings

We do not collect terminal output, file contents transferred through SFTP, SSH credentials stored on your device, or data from your remote servers.

Data Storage

All sensitive data is stored locally on your device. SSHoo does not operate a cloud sync service for your hosts, credentials, terminal sessions, or files.

  • Credentials: SSH passwords, private keys, key passphrases, and Tailscale API keys are encrypted locally using Android EncryptedSharedPreferences with AES-256-GCM, backed by Android Keystore and hardware security module (HSM) where available
  • Local app data: Hosts, known hosts, tunnels, commands, aliases, sessions, recordings, and preferences are stored in local app storage; sensitive preferences use encrypted DataStore
  • Private keys: Private keys remain on your device and are never transmitted to our servers
  • Session recordings: Optional terminal recordings are stored in local encrypted storage and can be deleted at any time
  • Backups: Stored credentials are excluded from Android cloud backups and device transfers to reduce exposure
  • External transmission: Data is sent outside the device only for optional analytics, subscription validation, direct Tailscale API use, Google Play Billing, or AI services you choose to use

You can delete stored credentials and local records from within SSHoo, by clearing app data in Android settings, or by uninstalling the app.

Third-Party Services

SSHoo integrates with the following third-party services. Use of these services is subject to their respective privacy policies:

Firebase (Opt-in)

When you opt in to analytics in the app settings, we use Firebase services provided by Google:

  • Firebase Analytics: Collects anonymized usage data to help us improve the app
  • Firebase Crashlytics: Collects crash reports to help us identify and fix bugs
  • Firebase Performance: Monitors app performance metrics

You can disable analytics at any time in the app settings. When disabled, no data is sent to Firebase services.

Google Play Billing

For premium subscriptions, we use Google Play Billing. Payment information is handled entirely by Google and we do not have access to your payment card details.

Appwrite

We use Appwrite for server-side receipt validation of premium subscriptions. This process verifies your Google Play purchase token and does not collect or store any personal information beyond anonymous subscription status needed to unlock premium features.

Tailscale (Optional)

If you choose to use Tailscale integration, you provide your own Tailscale API key. This key is encrypted locally and used by the app to query the Tailscale API for your device list. The API key is never transmitted to our servers; it remains on your device and communicates directly with Tailscale's API. You can revoke the API key at any time from your Tailscale admin console.

AI Services

SSHoo can integrate with AI assistants such as Claude or Codex running on your remote servers. Chat messages are transmitted over your SSH connection to the remote host, not through our servers. We do not process or store AI conversations, and the AI provider's terms and privacy policies apply to your interactions with their services.

Data Sharing

We do not sell, trade, or share your personal information with third parties. Your SSH credentials, private keys, terminal sessions, remote server data, and SFTP file contents remain on your device or on the remote hosts you connect to.

Limited data may be sent to third-party services only when needed for the features you use: Firebase analytics when opted in, Google Play and Appwrite for subscription validation, Tailscale for optional device discovery, and AI providers reached through your remote host when you use AI chat features.

Data Security

We implement appropriate security measures to protect your data:

  • SSH credentials and API keys are encrypted at rest using Android encrypted storage, AES-256-GCM, and Android Keystore where available
  • Private keys are encrypted locally and are not accessible to our servers
  • SSH connections use standard SSH encryption protocols
  • Known host fingerprints help verify server identity
  • The app supports biometric authentication for additional local protection
  • No data is synced to cloud services without your explicit action

Your Rights

You have control over the information stored by SSHoo:

  • Delete stored hosts, keys, tunnels, sessions, commands, aliases, and recordings at any time
  • Disable Firebase analytics collection in app settings
  • Clear all SSHoo app data through Android settings
  • Uninstall the app to remove local app storage from your device
  • Revoke optional Tailscale API keys from your Tailscale admin console
  • Manage or cancel premium subscriptions through Google Play
  • Export configuration for backup purposes where the app provides export features

Analytics data collected by Firebase when enabled is subject to Google's data retention policies.

Children's Privacy

SSHoo is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page, and we will update the Effective Date at the top. Continued use of SSHoo after changes constitutes acceptance of the updated policy.

Contact

If you have questions about this Privacy Policy or our data practices, please contact us by email:

[email protected]