← vmux

Privacy Policy

Last updated: April 25, 2026

The short version

vmux is a terminal client. It connects directly from your device to SSH, Mosh, and tmux servers that you configure. We do not run those servers. We do not see, route, store, or analyze your terminal traffic. We do not collect analytics, telemetry, or crash reports. We do not embed third-party tracking SDKs.

Data we collect on our servers

Launch-list email signups — if you submit an email address through the “notify me at launch” form on vmux.app, we store the email address, the time you submitted, and the country code your request came from (for capacity planning). We use the address only to send launch-related announcements. We do not share or sell it. You can request deletion by emailing the support address below.

That is the only personal data the vmux operators retain.

Data the app stores on your device

  • Connection profiles (host, port, username, your chosen SSH keys) and saved preferences — stored in iOS/macOS/visionOS user defaults, scoped to the app.
  • SSH credentials — passwords are stored in the system Keychain. Keys generated on-device are ECDSA P-256 (ecdsa-sha2-nistp256) and live in the Secure Enclave when the hardware supports it. The Secure Enclave never exposes the private key material; vmux can only ask it to produce signatures.
  • Pane and window state — your open sessions, scrollback, and layout, so the app can restore where you left off.

Per the bundled PrivacyInfo.xcprivacy manifest, the app accesses only two Apple Required Reason API categories: user defaults (reason CA92.1, app-only settings) and system boot time (reason 35F9.1, in-app input timing).

For the technical detail on App Lock, Secure Enclave keys, and encrypted backups, see Security in the docs.

Optional iCloud backup

If you enable iCloud backup, vmux encrypts your snapshot of connection profiles and pane state on-device with AES-256-GCM, then writes the already-encrypted blob to your private iCloud container. The encryption key is generated locally and stored in the device Keychain. Apple transports the data; we do not hold the key.

Because the key is device-local and does not currently sync between your devices, a backup uploaded from one device cannot be decrypted on another. iCloud backup today is best understood as a same-device safety net rather than a cross-device sync.

You can disable backup in app settings; existing encrypted blobs remain in your iCloud container until you delete them.

Local network

On your local network the app advertises and discovers the following Bonjour services so that vmux components can find each other across devices: _ssh._tcp, _vmuxsigner._tcp, _vmuxmackey._tcp. No data leaves your local network as a result of this discovery.

What we never do

  • No analytics — no Google Analytics, Mixpanel, Segment, or equivalent.
  • No crash reporting — no Sentry, Bugsnag, Crashlytics, or equivalent.
  • No advertising identifiers, no IDFA, no cross-app tracking.
  • No third-party SDKs that phone home.
  • No interception of your terminal traffic.

Children

vmux is a developer tool not directed at children under 13. We do not knowingly collect personal information from children.

Changes

If this policy changes materially we will update the date at the top and announce the change on the launch-list. The current version is always at vmux.app/privacy.

Contact

Email support@vmux.app with privacy questions or deletion requests.