Privacy Policy for Mobile Terminal
Last Updated: January 2025
Effective Date: January 2025
Introduction
BinaryScript ("we," "our," or "us") operates the Mobile Terminal application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile SSH client application.
We are committed to protecting your privacy and ensuring the security of your data. Please read this Privacy Policy carefully. By using Mobile Terminal, you agree to the collection and use of information in accordance with this policy.
1. Information We Collect
1.1 Information You Provide
Account Information (via Google Sign-In):
- Email address
- Name (if provided by your Google account)
- Google account profile picture
- Firebase User ID (unique identifier)
1.2 Automatically Collected Information
Device Information:
When you log in to the App, we collect the following device information:
- Device ID (Android ID on Android, identifierForVendor on iOS)
- Device model and manufacturer
- Operating system version
- App version and build number
- Platform type (Android or iOS)
- Country code (derived from SIM card, network, or device locale)
- Device language preference
Usage Data:
- App feature usage through Firebase Analytics
- Crash reports and error logs through Firebase Crashlytics
- Session timestamps and duration
- App interaction patterns
1.3 Information Stored Locally on Your Device
The following information is stored only on your device and never transmitted to our servers:
SSH Connection Profiles:
- Server hostnames and IP addresses
- Port numbers
- SSH usernames
- Connection names you assign
- Authentication method preference
SSH Credentials:
- SSH passwords (encrypted in secure storage)
- SSH private keys (encrypted in secure storage)
- SSH public keys
Terminal Data:
- Command history
- Session logs
- Terminal output
Important: Your SSH credentials, private keys, and passwords are NEVER uploaded to our servers. They remain exclusively on your device in encrypted form.
2. How We Use Your Information
2.1 Core Functionality
- Authenticate your identity via Google Sign-In
- Maintain your user account
- Provide SSH terminal services
- Store and manage your SSH connections locally
- Enable premium features for subscribed users
2.2 Service Improvement
- Analyze app usage patterns to improve features
- Identify and fix bugs through crash reporting
- Optimize app performance
- Develop new features based on usage data
2.3 Communication
- Send important service updates
- Notify you about app version updates
- Respond to your support requests
- Inform you about changes to our Terms or Privacy Policy
2.4 Security
- Detect and prevent fraud
- Ensure account security
- Manage JWT authentication tokens
- Monitor for unauthorized access
3. Data Storage and Security
3.1 Local Storage (On Your Device)
Encrypted Storage:
We use flutter_secure_storage to encrypt sensitive data on your device:
- Android: Uses EncryptedSharedPreferences with Tink encryption library
- iOS: Uses iOS Keychain with hardware-backed encryption
Encrypted Data:
- SSH passwords
- SSH private keys
- JWT authentication tokens
- User profile data
Database Encryption:
Connection profiles and session history are stored in an encrypted SQLite database using SQLCipher
3.2 Remote Storage (On Our Servers)
We store the following information on our backend servers (api.binaryscript.com):
- Your user profile (name, email, Firebase UID)
- Device information (for analytics and multi-device support)
- JWT authentication tokens (securely hashed)
- Subscription status
- Account activity timestamps
What We DON'T Store:
- SSH passwords
- SSH private keys
- SSH connection details
- Terminal commands or output
- Any information about the servers you connect to
3.3 Data in Transit
All data transmitted between the App and our servers is encrypted using:
- HTTPS/TLS 1.2 or higher
- Industry-standard encryption protocols
- Certificate pinning (where applicable)
4. Third-Party Services
4.1 Firebase (Google Cloud Platform)
Services Used:
- Firebase Authentication: Manages Google Sign-In
- Firebase Analytics: Tracks app usage for improvements
- Firebase Crashlytics: Collects crash reports for debugging
Data Shared with Firebase:
- Device information
- App usage statistics
- Crash and error logs
- Authentication data
Firebase Privacy Policy: https://firebase.google.com/support/privacy
4.2 Google Sign-In
Used for secure authentication. Google's Privacy Policy applies:
https://policies.google.com/privacy
4.3 BinaryScript Backend API
Our own backend service (api.binaryscript.com) processes:
- Authentication requests
- User profile management
- Subscription management
This service is operated by BinaryScript and follows this Privacy Policy.
5. Your Privacy Rights
Depending on your location, you may have the following rights:
5.1 General Rights (Applicable Globally)
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your account and data
- Portability: Request your data in a machine-readable format
- Objection: Object to certain data processing activities
5.2 GDPR Rights (European Users)
If you are in the European Economic Area (EEA), you have additional rights under GDPR:
- Right to withdraw consent
- Right to lodge a complaint with supervisory authority
- Right to restrict processing
5.3 CCPA Rights (California Users)
If you are a California resident, you have rights under CCPA:
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt-out of sale of personal information
- Right to non-discrimination
Note: We do NOT sell your personal information.
5.4 How to Exercise Your Rights
To exercise any of these rights, contact us at:
- Email: [email protected]
- Subject: Data Privacy Request
We will respond to your request within 30 days.
6. Data Retention
6.1 Account Data
We retain your account data for as long as your account is active. When you delete your account:
- User profile data is permanently deleted within 30 days
- JWT tokens are immediately invalidated
- Analytics data is anonymized
6.2 Local Data
Data stored on your device remains until you:
- Uninstall the App
- Manually delete connections or keys
- Clear app data through device settings
6.3 Backup Data
Firebase may retain backup data for up to 180 days after deletion. After this period, all data is permanently removed.
7. Children's Privacy
Mobile Terminal is rated "Everyone" (3+) on app stores. However:
- The App requires a Google account, which requires users to be at least 13 years old (per Google's Terms of Service)
- The App's technical nature is intended for teens and adults
- We do not knowingly collect information from children under 13
Parental Guidance: If you are a parent/guardian and believe your child under 13 has used this App, please contact us immediately at [email protected].
8. International Data Transfers
Mobile Terminal is a global service. Your information may be transferred to and processed in:
- United States (Google Cloud Platform / Firebase)
- Other countries where our infrastructure operates
We ensure appropriate safeguards are in place for international transfers, including:
- Standard contractual clauses
- Privacy Shield certification (where applicable)
- GDPR-compliant data processing agreements
9. Data Security Measures
We implement industry-standard security measures:
9.1 Technical Measures
- End-to-end encryption for SSH connections
- AES encryption for local storage
- HTTPS/TLS for all API communications
- Secure key generation using cryptographically secure random generators
- JWT token authentication with automatic refresh
- Regular security audits
9.2 Organizational Measures
- Limited access to user data (need-to-know basis)
- Regular security training for team members
- Incident response procedures
- Regular security updates
However: No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.
10. Cookies and Tracking
The Mobile Terminal app does NOT use cookies. However:
- Firebase Analytics may use identifiers for analytics
- You can opt-out of analytics through your device settings (iOS: Limit Ad Tracking, Android: Opt out of Ads Personalization)
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of changes by:
- Posting the new Privacy Policy in the App
- Updating the "Last Updated" date
- Sending an in-app notification (for significant changes)
Your continued use of the App after changes constitutes acceptance of the updated Privacy Policy.
12. Contact Us
If you have questions about this Privacy Policy, please contact us:
BinaryScript
Email: [email protected]
Website: https://binaryscript.com
Data Protection Officer (if applicable):
For GDPR-related inquiries: [email protected]
13. Legal Basis for Processing (GDPR)
For users in the EEA, our legal basis for processing your data:
- Consent: When you agree to this Privacy Policy
- Contract: To provide the App services you've requested
- Legitimate Interests: To improve our services and prevent fraud
- Legal Obligation: To comply with applicable laws
You may withdraw consent at any time by deleting your account.
14. Your California Privacy Rights
California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for their direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.
15. Do Not Track (DNT)
Mobile Terminal does not respond to Do Not Track (DNT) signals. However, you can control analytics through device settings as mentioned in Section 10.
Acknowledgment
By using Mobile Terminal, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.
BinaryScript
Committed to Your Privacy and Security
Last Updated: January 2025