Privacy Policy

Introduction

Luca De Blasio ("we", "our", or "DeepTerm") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the DeepTerm macOS application and the DeepTerm web services at deepterm.net (collectively, the "Service").

Information We Collect

Account Information

When you create an account, we collect your email address and a display name. If you sign up via GitHub or Apple OAuth, we receive your email address and public profile name from the identity provider. We do not store your OAuth passwords.

Zero-Knowledge Vault Data

DeepTerm uses a zero-knowledge encryption architecture. Your vault data (SSH credentials, keys, identities, snippets, port forwarding rules) is encrypted on your device before being transmitted to our servers. We store only the encrypted ciphertext. We do not have access to your master password, encryption keys, or the plaintext contents of your vault. We cannot decrypt your data, even if compelled by law.

Subscription and Payment Data

Payments are processed by Stripe (web) and Apple (App Store). We receive confirmation of your subscription status, plan tier, and transaction identifiers. We do not store credit card numbers or payment credentials.

Collaboration Data

When you use team collaboration features (shared terminal sessions, chat, voice calls), messages and session metadata are transmitted through our servers. Chat messages are stored to provide message history. Voice calls use peer-to-peer WebRTC connections; audio streams do not pass through our servers. Shared terminal data is relayed in real time and is not persistently stored.

Usage Analytics

Our website may collect anonymous page-view data (page URL, timestamp, approximate geographic region derived from IP address) to understand how visitors use our site. We do not use third-party analytics services such as Google Analytics. The macOS application does not collect any analytics or telemetry data.

How We Use Your Information

• To provide and maintain the Service, including cloud vault synchronization
• To process subscriptions and manage your account
• To facilitate team collaboration features (chat, voice, shared sessions)
• To send transactional emails (account verification, password resets, organization invitations)
• To respond to support requests
• To improve our website and documentation

Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We share data only in the following circumstances:

• Payment processors: Stripe and Apple receive payment information to process subscriptions.
• Email delivery: Transactional emails are sent via Gmail API and ImprovMX for email forwarding.
• AI features: When you use AI-powered features, your terminal context or chat messages are sent to the LLM provider you have selected (e.g., Anthropic, OpenAI). No data is sent without your explicit action.
• Legal requirements: We may disclose information if required by law, provided that we cannot disclose your vault contents because they are encrypted with keys we do not possess.

Data Security

We implement industry-standard security measures including TLS encryption for all network traffic, bcrypt password hashing, AES-256 vault encryption, and hardened server configurations. The macOS application runs in an App Sandbox and uses macOS Keychain for local credential storage.

Data Retention

We retain your account data for as long as your account is active. If you delete your account (available via the macOS app or the web dashboard), all associated data is permanently removed, including your encrypted vault items, organization memberships, chat history, and account information.

Your Rights

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and all associated data
• Export your vault data before account deletion
• Opt out of non-essential communications
• Manage your privacy choices at deepterm.net/privacy-choices

Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected data from a child under 16, we will delete it promptly.

International Data Transfers

Our servers are located in Switzerland. If you access the Service from outside Switzerland, your data may be transferred to and processed in Switzerland. By using the Service, you consent to this transfer. Your vault data remains encrypted at all times regardless of location.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or your personal data, contact us at:

• Email: [email protected]
• Web: deepterm.net/documentation