Last updated: 2026-05-17 · Applies to AI Terminal iOS (org.aiterminal.app) and Android (org.aiterminal.app) apps (version 1.0.0+) and AI Terminal desktop daemon (Mac / Linux / Windows / WSL).
AI Terminal lets you remotely control terminal sessions on your computer from your phone — including any AI coding agent (aider, Cursor CLI, Codex, etc.) or any PTY-based application. This policy explains how we handle your data.
| Data | Purpose | Stored |
|---|---|---|
| Device identifier (random UUID, not Android ID / IDFV) | Identify your phone for pairing persistence and trial calculation | Relay server |
| Public key (end-to-end encryption) | Establish encrypted channel between your phone and computer; relay cannot decrypt | Relay server + paired computer daemon |
| Device name | Display in device management UI (e.g. "iPhone 15 Pro" / "Xiaomi 13 Pro") | Paired computer daemon + local device |
| Push notification token (FCM on Android, APNs on iOS) | Notify your phone when AI tasks finish or require approval | Relay server |
| Subscription status | Validate App Store / Google Play subscription tier | Relay server |
The following data is collected only if you enable it in Settings → Privacy. All toggles are OFF by default; first-launch consent dialog respects your choice (declining keeps everything off).
| Data | Purpose | Processor | Region |
|---|---|---|---|
| App usage analytics (screen views, button clicks) | Improve UI / feature prioritization | Firebase Analytics (Android), built-in (iOS) | Google global |
| Crash reports (stack trace, device model, OS version) | Fix bugs faster | Self-hosted GlitchTip (Sentry-compatible) | Operator infrastructure |
| In-app feedback (your text message, contact email if provided) | Respond to your feedback | Self-hosted backend | Operator infrastructure |
Anonymity: Telemetry uses a randomly generated install UUID (not Android ID / IDFV, not your device identifier). We do not link telemetry to your subscription or pairing identity. You can wipe and regenerate the install UUID at any time via Settings → Privacy → Reset Telemetry ID.
Opt-out: Toggle off in Settings → Privacy at any time. Past data submitted while opt-in cannot be retroactively recalled (technical limitation), but no further data will be sent.
The iOS app may request the following permissions on first use:
NSCameraUsageDescription): Scan the QR code shown by your desktop daemon to pair devices.NSPhotoLibraryUsageDescription): Pick photos to send to your paired computer.NSPhotoLibraryAddUsageDescription): Save received images to your local photo library.NSFaceIDUsageDescription): Verify your identity before approving a new device pairing or sensitive action — biometric data stays on your phone and is never transmitted.NSLocalNetworkUsageDescription): Discover your desktop daemon on the same Wi-Fi network for low-latency LAN mode.NSBonjourServices: _aiterminal._tcp): mDNS-based local network device discovery.All permissions can be individually toggled in iOS Settings → AI Terminal. Disabling a permission makes the corresponding feature unavailable, but the app continues to function for other operations.
AI Terminal also includes a PrivacyInfo.xcprivacy manifest (Apple 2024+ SDK requirement) declaring all Required Reason APIs used by the app.
Sensitive data (biometric, encryption keys) is stored exclusively in iOS Keychain, accessible only to the AI Terminal app.
USE_BIOMETRIC): Verify identity for sensitive actions.Sensitive data is stored in Android Keystore, accessible only to the AI Terminal app.
iOS subscriptions are processed through Apple App Store In-App Purchases (StoreKit). Payment information is collected and processed by Apple and never passes through AI Terminal servers. We only receive subscription status (active / expired / tier) from Apple in order to unlock Pro features. Refunds and cancellations are managed through iPhone Settings → Apple ID → Subscriptions.
Android subscriptions are processed through Google Play Billing. Payment information is collected by Google and never passes through AI Terminal servers. We only receive subscription status from Google.
AI Terminal operates 4 relay PoPs (Beijing / Hong Kong / US-West / EU on Hetzner) to route encrypted WebSocket traffic between your desktop daemon and mobile app. Relay servers:
If your desktop and phone are on the same Wi-Fi network, AI Terminal automatically switches to LAN-direct mode (relay is bypassed entirely).
device_id and pairing_token are deleted immediately.Data Retention: device_id + pairing_token are deleted immediately when you unpair. Relay connection logs are retained for at most 30 days then auto-purged. Crash reports retained for at most 90 days.
AI Terminal is not intended for use by children under 13. We do not knowingly collect data from children under 13. If we become aware that a user is under 13, we will delete their data immediately.
AI Terminal is currently in closed beta. During beta:
We will notify users of material changes via in-app notification at least 7 days before they take effect. The current version of this policy is always available at ai-terminal.org/privacy.html.
© 2026 AI Terminal. All rights reserved.