OpenVide Privacy Policy

1. Scope

This Privacy Policy applies to the OpenVide mobile app and the privacy practices directly controlled by the OpenVide project for that app. It is intended to support App Store and Google Play distribution.

OpenVide is designed to let you control AI coding tools running on infrastructure that you choose. The app is built around direct SSH connections between your device and your host rather than a central OpenVide application backend.

OpenVide does not process, collect, or store your app data on OpenVide-controlled servers. Any data saved by the app is stored locally on your device or on the remote host machines that you configure.

2. Data we process

Depending on how you use the app, data stored locally by the app may include host labels, hostnames or IP addresses, usernames, ports, workspace paths, prompt templates, session metadata, local preferences, and other configuration details that you enter.

The app may also store or display prompts, model outputs, terminal output, diff content, file metadata, and attachment metadata when you use OpenVide to run remote sessions.

• SSH credentials and tool-specific environment variables are stored locally on your device using secure storage APIs provided by the operating system.
• General app state such as configured hosts, workspaces, prompt library items, notification settings, speech-language settings, and UI preferences may be stored locally on the device.
• If you configure a remote host, the companion daemon may store session records, output logs, metadata, and an optional push token on that host.
• If you choose to attach images, videos, or files, OpenVide processes the selected file data needed to include those attachments in your workflow.

3. Device permissions

OpenVide may request access to specific device capabilities only when the related feature is used.

• Camera: to scan QR codes for host setup.
• Microphone and speech recognition: for optional voice input.
• Photos, videos, or files: when you choose attachments from your device.
• Notifications: for local notifications and optional push notifications about session status.
• Local authentication / Face ID / biometrics: if you enable biometric app unlock.
• Local network access: to connect to SSH servers on your local network when applicable.

4. How we use data

OpenVide uses locally stored data only to provide the product features you request: connecting to hosts over SSH, managing remote sessions, persisting local settings, streaming output, showing diffs and terminal data, and optionally notifying you when a session completes or fails.

OpenVide does not use your data for advertising, cross-app tracking, profiling for marketing purposes, or OpenVide-operated server-side analytics.

5. How data may be shared

OpenVide itself does not transmit your data to OpenVide-controlled servers. Data may still be disclosed to systems that you choose to use with the product or that are technically required for optional features.

• Your configured host: the app sends commands and session data to the machines you choose over SSH.
• AI tool providers you choose to run on the host: if you use Codex, Claude Code, or similar tools, prompts, outputs, and related context may be sent from your host to those providers under their own privacy policies.
• Expo and platform notification providers: if you enable push notifications, notification tokens and notification payload data may be processed through Expo's push service and the relevant Apple or Google notification infrastructure.
• Platform speech-recognition providers: if you use voice input, audio or transcript data may be processed by speech-recognition services provided by your device platform.

6. What OpenVide does not do

OpenVide is not designed as an advertising or analytics product. Based on the current application architecture, OpenVide does not require user accounts for the app, does not sell personal information, and does not run a central backend that proxies or stores your SSH session traffic.

7. Retention and deletion

Data stored locally on your device remains there until you delete it, clear the app's local data, or remove the app, subject to how your operating system handles secure storage.

Data stored on your own hosts remains under your control and may remain available on those hosts until you delete it there. For example, host-side daemon data may be stored under ~/.openvide-daemon/.

If you enable push notifications, a push token may be stored on the configured host so that host can send notifications for your sessions.

• You can remove host entries and session data from the app interface.
• You can remove host-side daemon data from the machine you control.
• Because OpenVide does not currently operate app accounts, there is no separate central account database to delete.

8. Security

OpenVide uses direct SSH connections and stores sensitive credentials locally using secure storage APIs where available. The host-side daemon is designed to communicate over a local Unix socket rather than exposing a public network port.

No method of transmission or storage is perfectly secure, and you remain responsible for the security of the hosts, SSH credentials, AI provider credentials, and remote repositories that you connect to OpenVide.

9. Children's privacy

OpenVide is not directed to children. If you believe a child has provided personal information through the app, contact us so we can review the situation.

10. Changes to this policy

We may update this Privacy Policy as the product evolves, including when new distribution channels, integrations, or data flows are added. When we make material changes, we will update the effective date on this page.

11. Contact

Privacy questions or requests may be sent to privacy@openvide.app. If you are using a store build, you may also use the developer contact information published in the relevant App Store or Google Play listing.