Privacy
Privacy Policy
Last updated: July 11, 2026
TouchMac is designed around one principle: your data stays between your devices. This policy explains how TouchMac (including the iPhone/iPad and Mac apps, the "App") handles your data.
1. What We Do Not Collect
- Screen content: Your Mac's screen and audio travel only between your devices with end-to-end encryption. We cannot access them and store no frames.
- Input: Your touch, keyboard, and mouse activity likewise travels encrypted only between your devices.
- Account data: The App requires no account registration; we hold no name, email, or any identity data about you.
- Behavioral analytics: No third-party analytics or advertising SDKs are embedded, and your usage is not tracked.
2. Data Stored on Your Devices
- Pairing credentials: The identifiers and keys generated during pairing are stored in each device's system Keychain and used to verify the identity of both ends of a connection. They can be revoked on the shared Mac at any time.
- Preferences: Virtual controller layouts, sensitivity, and similar settings are stored locally on the device.
- None of this data is uploaded to our servers.
3. Local Network Connections
When used on the same Wi-Fi, all streaming and control traffic is a direct peer-to-peer connection; screen and input data pass through no external server. During connection setup, devices may query public STUN servers for their own network address (this involves the IP address only — no screen or input content).
4. Remote Access (Optional Paid Feature)
When cross-network Remote Access is enabled:
- The signaling server relays only the messages needed to establish a connection (each carrying a cryptographic signature) and never touches stream content.
- If a direct peer-to-peer link fails, traffic is forwarded via a TURN relay; because the stream is DTLS-SRTP end-to-end encrypted, the relay server cannot read its contents.
- The signaling server itself keeps no application-level records (no device identifiers, no connection content); the underlying cloud platform (Fly.io) may retain short-term network-level technical logs for infrastructure operations.
5. How System Permissions Are Used
- Screen Recording (shared Mac): captures the Mac's screen for your device to view.
- Accessibility (shared Mac): injects your input into the Mac.
- Camera (iPhone): used only to scan pairing QR codes; nothing is recorded or uploaded.
- Local network: discovers and connects to Macs on the same network.
- Microphone usage declaration (iPhone): initializing the audio engine requires this permission declaration; the App only plays audio sent from your Mac and never records or uploads your microphone.
6. Children's Privacy
The App is not designed for children under 13 and collects no personal data.
7. Changes to This Policy
If this policy changes materially, we will announce it on this page and in the App. Continued use constitutes acceptance of the updated policy.
8. Contact Us
For any questions about this policy, contact [email protected].