telnety.

Privacy Policy

Last updated: March 1, 2026

1. Data Collection

Telnety ("we", "us", "our") is committed to protecting your privacy. We collect different categories of data depending on how you use the Software.

Desktop Application (Local Data)

The desktop application stores all data locally in an encrypted SQLite database on your device. This includes:

  • Host configurations (hostname, port, username, protocol settings)
  • Encrypted credential vault entries (AES-256-GCM encrypted; we never see plaintext)
  • Application settings and preferences
  • Session recordings (stored locally in asciicast v2 format)
  • MCP audit logs and command history
  • Plugin data and configurations

This data never leaves your device unless you explicitly enable Cloud Sync.

Cloud Services (Optional)

If you create an account and use cloud features, we collect:

  • Email address and name (for account authentication)
  • Encrypted sync data (end-to-end encrypted; we cannot read this data)
  • Device identifiers and hardware fingerprints (for license validation)
  • Subscription and billing information (processed by Safepay)
  • IP address and approximate location (for fraud prevention)

2. How We Use Data

We use your data for the following purposes:

  • Authenticate your account and manage active sessions
  • Validate your license key and enforce device activation limits
  • Process subscription payments through Safepay
  • Sync your encrypted data across devices (when Cloud Sync is enabled)
  • Send important account and security notifications via email (SMTP)
  • Improve the Software based on aggregated, anonymized usage analytics via Google Analytics
  • Detect and prevent fraud, abuse, and unauthorized access

3. Data Storage and Security

All credential vault data is encrypted using AES-256-GCM with keys derived from your master password via Argon2id (64 MiB memory, 3 iterations, 4 threads). Each credential entry uses a unique salt and 96-bit nonce. On Windows, the vault master key is additionally protected by DPAPI. On macOS, Keychain Services is used. On Linux, the Secret Service API (libsecret) provides additional protection.

Cloud data is encrypted end-to-end before transmission using TLS 1.3. Our servers store only ciphertext that we cannot decrypt. Database backups are encrypted at rest. We use PostgreSQL 16 with row-level security and parameterized queries to prevent SQL injection.

4. Third-Party Services

We use the following third-party services that may process your data:

Authentication

Our built-in authentication system provides user authentication, session management, and multi-factor authentication. It processes your email address, name, login timestamps, and session data.

Safepay (Payments)

Safepay processes subscription payments. We do not store your credit card details. Safepay receives your billing address, email, and payment instrument details. See Safepay's Privacy Policy.

Google Analytics (Analytics)

Google Analytics provides website usage analytics. We track page views, feature adoption, and conversion events. Google Analytics is configured with IP anonymization enabled. You can opt out of analytics tracking at any time using browser extensions or settings. See Google's Privacy Policy.

Email (SMTP)

Transactional emails (account verification, password reset, billing receipts) are delivered via our SMTP email service. Only your email address and message content are processed.

5. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your data ("right to be forgotten")
  • Export: Request your data in a portable, machine-readable format
  • Restrict Processing: Request that we limit how we use your data
  • Withdraw Consent: Withdraw consent for data processing at any time
  • Object: Object to automated decision-making and profiling

To exercise any of these rights, contact us at privacy@telnety.com. We will respond within 30 days.

6. Cookie Policy

Our marketing website (telnety.com) uses the following cookies:

  • Essential cookies: Session cookies required for website functionality. These cannot be disabled.
  • Analytics cookies: Google Analytics cookies for anonymous usage analytics. You can opt out at any time from your browser settings or using the Google Analytics opt-out browser add-on.

We do not use advertising cookies, remarketing pixels, or cross-site tracking. The desktop application does not use cookies.

7. Data Retention

Local data is retained on your device until you delete it or uninstall the application. Cloud account data is retained while your account is active. Upon account deletion, we will remove all personal data within 30 days, except where retention is required by law (e.g., billing records retained for 7 years for tax compliance).

Anonymized, aggregated analytics data may be retained indefinitely as it cannot be linked back to individual users.

8. Data We Do NOT Collect

We want to be explicit about what we never collect:

  • Your vault master password or decrypted credentials
  • The content of your terminal sessions or commands
  • File contents transferred via SFTP or other protocols
  • SSH private keys (these are encrypted in your local vault)
  • Your server IP addresses or hostnames (unless Cloud Sync is enabled)
  • Keystrokes, screen recordings, or clipboard contents

9. Children's Privacy

The Software is not directed at children under the age of 13. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child under 13, we will take steps to delete that information promptly.

10. Contact

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact our Data Protection Officer at privacy@telnety.com.

ANUBRIS (Private) Limited
Lahore, Pakistan
privacy@telnety.com