Privacy Policy

RemoteAI ("we", "us", or "our") is an independent app that lets you connect to your own computer and run AI coding tools (Claude Code, Gemini CLI, Codex CLI) remotely from your phone or any device. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

By creating an account or using the app, you agree to the practices described here. If you do not agree, please do not use the app.

RemoteAI is an independent product and is not affiliated with, endorsed by, or connected to Anthropic, PBC in any way. All AI processing happens on your own computer using your own Anthropic API key. We have no access to your Claude conversations, prompts, code, or outputs.

For any privacy-related questions, contact us at support@remoteai.cloud.

Account information. When you create an account, we collect your email address and a hashed password. Your email is used to identify your account and send essential account-related messages (such as password reset codes). We do not use it for marketing without your explicit consent.

Relay token. We generate a unique random token for your account. This token is stored on our servers and is used to authenticate your device to the agent running on your computer. You can rotate this token at any time in the app.

Push notification token. If you grant notification permission, your device's push token (provided by Apple via Firebase Cloud Messaging) is stored on our servers. It is used solely to deliver notifications you have opted into — such as "task complete" or "sign-in required" alerts. We never use it to send marketing messages.

Usage analytics. We collect product usage events (such as which screens you view, when you sign up, when you open a session, and which actions you take) along with crash reports and app performance data using PostHog. This data is tied to your email address so we can measure retention and diagnose where users run into problems. We never use it for advertising or share it with data brokers.

Connection logs. We retain timestamped logs of relay connection events (connect, disconnect, session registration) for up to 30 days for debugging and reliability purposes. These logs do not contain any terminal content.

Purchase status. If you make an in-app purchase, we receive a validated purchase receipt from Apple via RevenueCat. We store only a boolean flag indicating that a purchase was completed — we do not store payment card details or billing addresses.

Terminal content. Everything you type in the terminal and all output from your computer is transmitted between your device and your computer over an encrypted WebSocket connection. Terminal data is encrypted in transit via TLS.

Files on your computer. RemoteAI has no access to your file system, source code, or any data on your computer beyond what you explicitly display in the terminal.

AI conversations. Your prompts, AI responses, and any code or data shared with your AI tool (Claude, Gemini, Codex) are handled entirely by the tool running on your computer. We see none of it.

Location data. We do not request or collect your location.

Device identifiers. We do not collect advertising identifiers (IDFA) or any persistent device fingerprinting data.

We use the information we collect for the following purposes:

• Account authentication — to verify your identity when you log in and to keep your sessions secure.
• Relay connectivity — to allow your phone to discover and connect to the agent on your computer.
• Push notifications — to deliver real-time alerts about AI activity on your computer.
• Debugging and reliability — to diagnose connection issues and improve the stability of the relay service.
• Product analytics — to understand which features are used, where users encounter errors, and how to prioritize improvements.
• Purchase validation — to confirm in-app purchase status and unlock any associated features.

We do not sell, rent, or trade your personal information to third parties. We do not use your data for advertising or behavioral profiling.

We use the following third-party services to operate the app. Each has its own privacy policy.

• Firebase (Google) — push notification delivery and crash reporting. firebase.google.com/support/privacy
• PostHog — product analytics and error tracking. Events are stored in the United States. posthog.com/privacy
• RevenueCat — in-app purchase validation and receipt management. revenuecat.com/privacy
• Apple App Store — payment processing for in-app purchases. Apple's privacy policy applies to all payment transactions.
• Google Cloud Run — our relay and authentication servers run on Google Cloud infrastructure in the United States. Terminal data is encrypted in transit via TLS.

Account data (email, relay token, push token) is retained for as long as your account is active. You can delete your account at any time, which permanently removes all associated data from our servers.

Connection logs are automatically deleted after 30 days.

Analytics events are retained for up to 12 months, then automatically deleted.

Purchase records may be retained for up to 7 years as required by applicable tax and accounting regulations, even after account deletion. These records contain only purchase amount and date — no terminal or usage data.

We take reasonable technical measures to protect your information, including:

• All data transmitted between the app and our servers is encrypted via TLS.
• Passwords are hashed using a strong one-way algorithm before storage — we cannot read your password.
• Relay tokens are randomly generated and can be rotated by you at any time.
• Terminal data is encrypted in transit via TLS (WebSocket Secure).

No system is perfectly secure. If you believe your account has been compromised, rotate your relay token immediately in Settings → Account → Regenerate and contact us at support@remoteai.cloud.

Depending on your location, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you.
• Correction — request correction of inaccurate data.
• Deletion — request deletion of your account and all associated data. You can do this directly in the app via Settings → Manage → Delete Account, or by emailing us.
• Portability — request your data in a machine-readable format.
• Objection — object to certain uses of your data.
• Withdrawal of consent — withdraw consent for push notifications at any time in your device's system settings.

To exercise any of these rights, email us at support@remoteai.cloud. We will respond within 30 days. We may ask you to verify your identity before processing certain requests.

RemoteAI is not directed at children under 13 (or under 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

Our servers are located in the United States (Google Cloud, us-central1). If you are located outside the United States, your data will be transferred to and processed in the US. By using the app, you consent to this transfer. We rely on standard contractual clauses and other appropriate safeguards where required by applicable law.

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date below. If the changes are significant, we will notify you through the app or via email. Continued use of the app after changes are posted constitutes your acceptance of the updated policy.

For privacy questions, data requests, or to report a concern, contact us at:

support@remoteai.cloud