Privacy Policy

Last updated: 2026-06-01

Thank you for using Caret, a cross-platform tool for managing your own servers over SSH on iOS, Android and macOS. We built Caret so that your data stays with you. Caret has no backend service of its own, runs no advertising, and contains no analytics or tracking. This policy explains, in plain language, what stays on your device and what does not. It also covers the two optional features that can move data off your device — cloud sync and in‑app purchases — both of which are entirely up to you.

1. The short version

  • Caret does not collect or sell any personal information, and never transmits it to us — it has no backend. Anything you choose to sync goes only to your own iCloud or Google Drive (see below).
  • There is no Caret server. The app connects directly from your device to the servers you configure.
  • Your passwords, private keys and passphrases are kept in your device's secure storage (Apple Keychain on iOS / macOS, Android Keystore) — never in the app's regular database, and never sent to us. If you turn on cloud sync, a copy also goes to your own iCloud or Google Drive, as described below.
  • Everything Caret needs — server settings, monitoring history, command snippets — lives in a database on your device.
  • Cloud sync is optional and off by default. If you turn it on, your data syncs through your own iCloud or Google Drive — Caret has no servers of its own. On Google Drive it is end-to-end encrypted, credentials included, with a master password only you know.
  • Purchases are handled by the App Store and Google Play. Caret has a free tier and an optional paid upgrade; the stores process payment and we never receive your payment details.

2. Information we do not collect

Caret has no account system, and we run no servers or cloud of our own. We do not collect your name, email address, phone number, location, contacts, or any usage analytics. Because there is no Caret backend, your information never reaches us and there is nothing for us to store or share. The optional cloud sync described below uses your own iCloud or Google Drive, not ours.

3. Information stored on your device

To do its job, Caret saves the following locally on your device. By default none of it leaves your device — it is never transmitted to us, and reaches a third party only if you turn on the optional cloud sync described below:

  • Server connection details — host address, port, username, and your chosen display name and grouping for each server.
  • Authentication credentials — passwords, SSH private keys and key passphrases. On your device these live in the operating system's secure storage (Keychain / Keystore), never in the app database — which only holds a reference key pointing to that secure entry, never the secret itself. If you enable cloud sync, a copy is also stored in your own iCloud or Google Drive (end-to-end encrypted on Google Drive), as described in How your data is transmitted.
  • Monitoring history — the CPU, memory, disk, network and load readings the app collects while connected, kept so it can draw historical charts.
  • Command snippets and deployment templates — the commands and Docker run / Pod templates you choose to save.

This data remains under your control. You can remove any of it at any time (see Your choices below). If you enable cloud sync, a copy of this data is also kept in your own iCloud or Google Drive, stored as described in How your data is transmitted.

4. How your data is transmitted

Caret communicates only with the servers you explicitly add, and only over the SSH protocol:

  • Connections are made directly from your device to your server. Traffic does not pass through any Zobubo or Caret infrastructure — there is none.
  • Nothing is installed on your server. Caret speaks standard SSH and does not require an agent or any companion software on the remote machine.
  • The security of each connection is provided by SSH itself and by the server you are connecting to.

Optional cloud sync (off by default)

Caret can optionally keep your servers, groups, command snippets, Pod templates and credentials in sync across your own devices. Sync is off until you enable it, and it uses your own cloud account — Caret has no servers of its own:

  • iCloud (iOS / macOS) stores the data in Caret's private iCloud container, visible only to your Apple ID.
  • Google Drive stores it in a hidden app-data area of your Drive. There, everything — including your credentials — is end-to-end encrypted with a key derived from a master password that only you know. The master password is never uploaded and cannot be recovered by us, Apple or Google.

Once data is in your iCloud or Google Drive, Apple's and Google's respective privacy policies also apply to how they store it.

In-app purchases

Caret offers a free tier and an optional paid upgrade (a subscription or a one-time lifetime purchase). Payments are processed entirely by the App Store or Google Play — Caret has no payment backend, and we never see or store your payment details. Your purchase status is checked on your device through the platform's own purchase APIs.

5. Third-party services

Caret embeds no third-party advertising, analytics, or tracking SDKs, and sells no data. Apart from the servers you choose to connect to, Caret talks to a third party only when you turn on an optional feature: Apple iCloud or Google Drive for cloud sync, and the App Store or Google Play for purchases. How those services handle data is governed by Apple's and Google's own policies; how your servers handle data is governed by your own configuration and their operators' policies.

6. Your choices and control

Because your data is stored locally:

  • Delete a server to remove its connection details and its stored credentials from secure storage. This is the most reliable way to erase a saved secret.
  • Delete monitoring history, snippets or templates from within the app.
  • Turn off cloud sync, or delete the synced copy, from the app's sync settings. Disabling sync stops further uploads; deleting the synced data removes it from your iCloud or Google Drive.
  • Uninstall Caret to remove its on-device database and app data. Please note that on some platforms — notably iOS and macOS — credentials saved in the system keychain may persist after an app is removed. If you want to be certain every saved secret is gone, delete your servers inside the app before uninstalling.

There is no remote copy for us to delete, because we never receive one.

7. Children's privacy

Caret is a tool for developers and system administrators and is not directed at children. We do not knowingly collect any information from children.

8. Changes to this policy

We may update this Privacy Policy to reflect changes to the app or to clarify our practices. When we do, we will revise the "Last updated" date above. Please review this page periodically for the latest information.

9. Contact us

If you have any questions or suggestions about this Privacy Policy, please contact us at: