SeasaltBack to home

Privacy Policy

Last updated: January 2026

Overview

Seasalt ("we," "us," or "our") operates a secure remote terminal access platform. This Privacy Policy explains how we collect, use, and protect information when you use our services, including the Seasalt macOS agent, iOS companion application, and relay infrastructure.

Our core principle is simple: we cannot see your data. Seasalt uses end-to-end encryption, meaning all terminal content is encrypted on your devices before it reaches our servers. We architecturally cannot decrypt, read, or store your terminal sessions.

Information We Collect

Account Information

When you create an account, we collect your email address. This is used for authentication and to communicate essential service information to you.

Device Metadata

When you register a device, we store the device name you provide, application version, and operating system version. This metadata helps us provide device management features and troubleshoot issues.

Session Metadata

We store session lifecycle events (created, attached, detached, ended) and session metadata (title, working directory). We do not store any terminal input or output content. The relay server passes encrypted binary frames in real time and does not persist them.

Connection Metadata

Our relay infrastructure necessarily processes connection metadata including IP addresses, connection timing, and encrypted payload sizes. This data is used for routing and is not stored long-term.

Billing Information

Payment processing is handled by Stripe. We store your Stripe customer ID and subscription status but do not store credit card numbers or full payment details on our servers.

What We Cannot Access

Due to our end-to-end encryption architecture, the following data is never accessible to Seasalt:

  • Terminal commands you type or output you receive
  • Encryption keys (these exist only in your device Keychains)
  • Pairing shared secrets (computed exclusively on your endpoints)
  • File contents accessed during terminal sessions

All terminal I/O is encrypted with AES-256-GCM using per-session keys derived through Curve25519 ECDH key exchange. Encryption keys are stored in your device's hardware Keychain and never transmitted.

How We Use Information

We use the information we collect to:

  • Provide and maintain the Seasalt service
  • Authenticate your identity and manage your devices
  • Route encrypted data between your paired devices
  • Process subscription payments via Stripe
  • Enforce plan-based feature limits
  • Send essential service communications

We do not sell, rent, or share your personal information with third parties for marketing purposes.

Data Security

Security is foundational to Seasalt. Our measures include:

  • End-to-end encryption (AES-256-GCM) for all terminal content
  • Outbound-only connections — no ports are opened on your devices
  • Short Authentication String (SAS) verification to prevent man-in-the-middle attacks during device pairing
  • Ed25519 identity keys stored in hardware Keychains
  • Parameterized database queries to prevent injection attacks
  • JWT-based authentication with separate secrets for user and device tokens
  • Device token revocation with immediate effect across all layers

Data Retention

Account and device data is retained while your account is active. Session metadata is retained for service operation. Terminal content is never stored. When you delete your account, we will delete your personal data in accordance with applicable law.

Your Rights

Depending on your jurisdiction, you may have rights regarding your personal data, including the right to access, correct, delete, or export your data. To exercise these rights, contact us at the email address below.

Third-Party Services

We use Stripe for payment processing. Stripe's privacy policy governs how they handle your payment information. We do not have access to your full payment card details.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the service. Your continued use of Seasalt after changes constitutes acceptance of the updated policy.

Contact

If you have questions about this Privacy Policy, please contact us at privacy@seasalt.app.