SSHPeaches Privacy Policy
Effective date: March 5, 2026
This Privacy Policy explains how SSHPeaches ("we", "us", "our") handles information when you use the SSHPeaches Android app.
1. Scope
This policy applies to the SSHPeaches Android app distributed by Major Daft Apps.
2. Information We Process
A. Information you enter and store in the app (stored locally on your device)
- Host profiles (for example: host name, IP or domain, port, username, notes, transport preferences, and command preferences)
- Port forward configurations
- Snippets/commands
- Terminal and app settings
- Identity metadata (for example: label, fingerprint)
B. Sensitive secrets stored locally
- Host passwords and imported private keys are stored locally using Android EncryptedSharedPreferences when available.
- Local trust data for SSH host verification (known_hosts) is stored on-device in app-private storage.
C. Data processed during SSH use
- SSH, SFTP, SCP, and optional Mosh session traffic is sent between your device and the servers you connect to.
- This session traffic is required for app functionality.
3. Telemetry, Analytics, and Crash Reporting
In release builds, SSHPeaches can integrate with Firebase Crashlytics and Firebase Analytics.
Default behavior:
- Crash reports: OFF by default
- Usage analytics: OFF by default
- Advanced usage reports: OFF by default
You can enable or disable these in app Settings at any time.
If enabled, telemetry may include app action events and crash diagnostics. We do not use telemetry for advertising profiles in the app.
Debug builds do not send telemetry.
4. Permissions and Why They Are Used
- INTERNET: Required to connect to SSH/SFTP/SCP/Mosh endpoints.
- FOREGROUND SERVICE and related foreground service permissions: Required to keep active sessions running in the background.
- POST_NOTIFICATIONS: Used to show session status and controls while sessions are active.
- CAMERA: Used only when you choose to scan QR codes for import.
5. QR Export/Import and Data Sharing
SSHPeaches includes QR-based export/import features.
- Exported QR payloads are generated on-device.
- Depending on your export choices, payloads may include hosts, identities, and settings.
- Password and key payloads can be protected with user-provided passphrases where supported by the export flow.
- Sharing QR data is initiated by you.
6. Data Retention
Your local app data remains on your device until you edit, delete, clear app data, or uninstall the app.
If telemetry is enabled, telemetry retention is subject to the policies and retention controls of the configured Firebase services.
7. Data Security
We use platform security features (including encrypted storage for supported secrets) and app-private storage to reduce unauthorized access risk. No method of electronic storage or transmission is perfectly secure.
8. Third-Party Services
If telemetry is enabled, SSHPeaches may use:
- Google Firebase Crashlytics
- Google Firebase Analytics
Your use of these services is also subject to Google's applicable privacy terms.
9. Children's Privacy
SSHPeaches is not directed to children under 13, and we do not knowingly collect personal information from children under 13.
10. International Use
If you use SSHPeaches outside your home country, your information may be processed in countries where your selected third-party services operate.
11. Your Choices
You can:
- Edit or delete saved hosts, identities, forwards, snippets, and settings in the app.
- Clear stored host keys and saved credentials.
- Disable telemetry toggles in Settings.
- Remove app data by clearing app storage or uninstalling the app.
12. Changes to This Policy
We may update this policy from time to time. Updated versions will be posted at:
https://majordaftapps.com/privacy
13. Contact
For support or privacy questions, visit:
