Privacy Policy for Rooted SSH

1. Information We Collect

We collect various types of information to provide and improve our Service to you.

1.1. Information You Provide Directly:

• Account Information: When you create an account, we collect your Name and Email address. Your email address is obtained through third-party authentication services like Google Sign-In or Apple Sign-In.
• SSH Configuration Data: You may provide information about your SSH hosts (server addresses, usernames, ports), SSH keys, and command snippets (Snips). This data is encrypted on your device before being synced to our servers.

1.2. Information We Collect Automatically:

• Encrypted Sync Data: Your SSH hosts, keys, and command snippets are encrypted client-side with AES-256 encryption before being transmitted to our servers for synchronization across your devices. We cannot decrypt this data as your master password never leaves your device.
• Usage Data: We collect information about how you access and use the App, such as features you use, connection statistics, and session duration.
• Device Information: We may collect information about the device you use to access the App, including device model, operating system version, unique device identifiers, IP address, language settings, and time zone. This data helps us optimize the App for your device.
• Technical Data: We may collect technical information like crash logs and error reports to diagnose problems and improve the App's stability and performance.

2. How We Use Your Information

We use the collected information for various purposes, primarily to provide, maintain, and improve the Rooted SSH App:

• To Provide and Maintain the Service: To operate the App, allow you to create and log into your account, and deliver the core SSH client functionalities.
• For Encrypted Data Sync: To synchronize your encrypted SSH hosts, keys, and command snippets across all your devices. We store this data in encrypted form and cannot access its contents.
• To Analyze and Improve the App: To understand user behavior, identify trends, troubleshoot technical issues, and enhance existing features or develop new ones.
• For Account Management: To manage your lifetime license and purchases.
• For Communication: To send you updates, notifications, and information related to your account or the App.
• To Ensure Security: To protect the App from fraudulent or malicious activity and to enforce our Terms and Conditions.
• For Legal Compliance: To comply with applicable laws, regulations, and legal processes.

3. How We Share Your Information

We share your information with third parties only in the following limited circumstances:

With Third-Party Service Providers: We use third-party companies to perform services on our behalf, such as:

• Cloud Storage Providers: For storing your encrypted data. We may utilize cloud providers for infrastructure and encrypted data storage. Your data is encrypted client-side before transmission.
• Authentication Providers: For secure account creation and login via Google Sign-In or Apple Sign-In.

For Legal Reasons: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency).

In Case of Business Transfer: In the event of a merger, acquisition, reorganization, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our App of any such change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

With Your Consent: We may share your information with your explicit consent or at your direction.

No Advertising: We do not share your data with third parties for their direct marketing or advertising purposes, as there are no ads displayed within the App.

4. Zero-Knowledge Encryption

Rooted SSH implements zero-knowledge encryption, which means:

• All your SSH hosts, keys, and command snippets are encrypted on your device using AES-256 encryption before being transmitted to our servers.
• Your master password is never sent to our servers and remains only on your devices.
• We cannot decrypt, access, or read your SSH configuration data, keys, or snippets.
• Only you, with your master password, can decrypt and access your data.
• This ensures that even in the unlikely event of a data breach, your sensitive SSH information remains secure and unreadable.

5. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

• Encrypted Sync Data: Your encrypted SSH hosts, keys, and command snippets are retained for as long as you maintain an active account.
• Account Information: Your account information (name, email) is retained for the duration of your active account.
• Deletion upon Account Termination: If you choose to delete your Rooted SSH account, we will delete all personal data associated with your account within 24 hours of your deletion request. This includes your account information, encrypted sync data, and any other directly identifiable personal data we hold.
• Technical Data: Crash logs and similar technical data may be retained for a limited period to allow for troubleshooting and improvement.

6. Data Transfer (International)

Velosify Private Limited is based in India. However, our servers and some third-party service providers may be located in the United States or other countries. This means that your information, including personal data, may be transferred to, stored, and processed in countries where data protection laws may differ from those in India.

By using the Rooted SSH App, you understand and consent to the transfer of your information to these countries. We take appropriate measures to ensure that your data is treated securely and in accordance with this Privacy Policy and applicable data protection laws. Importantly, all sensitive data (SSH hosts, keys, snippets) is encrypted before transmission and storage.

7. Your Data Protection Rights

You have certain rights regarding your personal data, subject to local data protection laws:

• Right to Access: You have the right to request access to the personal data we hold about you.
• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
• Right to Erasure ("Right to be Forgotten"): You have the right to request the deletion of your personal data. You can exercise this right by deleting your account directly within the App or by contacting us. As stated, we commit to deleting all associated personal data within 24 hours of your account deletion request.
• Right to Restrict Processing: You have the right to request that we limit the processing of your personal data under certain conditions.
• Right to Data Portability: You have the right to request a copy of your personal data in a structured, commonly used, machine-readable format.
• Right to Object: You have the right to object to our processing of your personal data under certain circumstances.
• Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of any processing carried out before you withdraw your consent.

To exercise any of these rights, please contact us using the contact information provided in Section 10.

8. Security of Your Information

We implement reasonable technical and organizational measures designed to protect your personal data from unauthorized access, use, alteration, or destruction. This includes client-side AES-256 encryption for all sensitive SSH data before it leaves your device.

However, please be aware that no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data and implement zero-knowledge encryption for your most sensitive information, we cannot guarantee its absolute security.

9. Children's Privacy

Rooted SSH is not intended for use by children under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children under the age of 13 without verification of parental consent, we will take steps to remove that information from our servers.

For users between 13 and 18, we require parental or guardian consent to use the App, as stated in our Terms and Conditions.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top of this Privacy Policy. We may also notify you through other prominent means, such as an in-app notification or email, prior to the change becoming effective.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

Velosify Private Limited
Plot No 5a/g1 Gemini Squa, Thenanthoppu St,
Kanchipuram, Tamil Nadu
Pincode: 600043
Country: India
Email: support@rootedssh.com