Privacy Policy

Overview

INFINIACT CO., LIMITED (hereinafter referred to as "we", "the Company", or "Infiniact") is a technology company registered in Hong Kong SAR. This Privacy Policy explains how we handle your personal information.

IATerm is a terminal emulator application running on macOS, providing SSH/SFTP connections, serial communication, port forwarding, and other features. This policy applies to IATerm obtained through:

• Apple App Store (hereinafter referred to as "App Store Version")
• Direct download from IATerm website (www.iaterm.ai) (hereinafter referred to as "Website Version")

Effective Date: April 18, 2026

Data Collection Statement: We use your data to provide and improve IATerm services. This policy explains what information we collect, how we use it, and your choices regarding this data.

1. Data Storage

IATerm follows a local-first architecture. Your data is primarily stored on your device, and we do not collect and store this data unless you manually activate sync.

1.1 Local Storage (Primary Mode)

Locally stored data:

• SSH server addresses, ports, usernames, passwords, or login keys
• Connection groups and tags
• Port forwarding configurations
• Terminal appearance settings (themes, fonts)
• Serial port connection parameters (baud rate, data bits, etc.)
• Recent server connection lists (for quick reconnection)
• Connection timestamps

Encryption: Local database encrypted with SQLCipher (AES-256-GCM), with encryption keys stored in the system keychain.

1.2 Command Execution History (Requires Manual Activation)

When you manually activate command execution history saving in Settings:

• Command execution content will be recorded
• Terminal session input/output content will be recorded
• History data is stored only in your local encrypted database
• You can disable this feature or clear history at any time
• After disabling, no new commands or session content will be recorded

1.3 Configuration Sync (Requires Manual Activation)

Only applies if you manually activate sync in Settings:

Synced Data (if activated)

• Connection profiles (SSH hosts, ports, usernames, passwords)
• SSH login keys
• Workspace layouts and preferences
• Theme and font settings
• Port forwarding configurations

Sync Security Model

• Encryption Mechanism: Synced data is encrypted using a device-derived Data Encryption Key (DEK)
• Key Derivation:
  • Data Encryption Key (DEK): Local database encryption key used to encrypt your configuration data
  • Sync Master Key: Derived from your sync password using Argon2id algorithm
  • The DEK is encrypted with the Sync Master Key and stored on servers; data is transmitted encrypted with the local DEK
• Version Differences: Different versions may provide additional security measures. See version-specific sections below for details.
• Security Note: Your sync password is the key protecting your synced data. Use a strong password and keep it secure; do not share it with others.

2. Data Storage and Security

2.1 Local Storage Security

• Primary Storage: Your sensitive data (SSH keys, server passwords, connection configurations) is stored on your local device using SQLCipher encryption
• Encryption Standard: AES-256-GCM (military-grade encryption)
• Key Management: Encryption keys stored in the system keychain

2.2 Sync Security (If Activated)

• End-to-End Encryption: Data encrypted on your device before upload
• Double Layer Protection:
  • Layer 1: System keychain-stored device key
  • Layer 2: User-provided sync password (derived via Argon2id)
• Zero-Knowledge Proof: We cannot decrypt your data even if we wanted to
• Breach Protection: Even if our servers are compromised or your account is hijacked, your synced data remains secure

2.3 Network Security

• Transmission Encryption: All network communications use HTTPS/TLS encryption
• SSH Connections: Use industry-standard SSH protocol encryption

3. Data Sharing

• No Ad Tracking: We will not sell your personal information to third-party advertisers, nor will we integrate SDKs for ad tracking within the application.
• Legal Compliance: In order to comply with legal and regulatory requirements, we may provide necessary information to relevant regulatory authorities.

4. Data Retention

• Local Data: Fully under your control, can be deleted at any time
• Crash Reports: Retained for no more than 90 days, used solely to improve product stability and security

Account data, sync data, and transaction retention periods are specified in each platform's section.

5. Cookies and Tracking Technologies

• No Ad Tracking: We do not use cookies or similar technologies for ad tracking or cross-site tracking
• Third-Party Websites: Our website may contain links to third-party websites, which have their own privacy policies that we recommend reviewing

Essential Cookies usage is specified in each platform's section.

6. Children's Privacy

This service is a tool software and does not restrict users by age, but we do not knowingly collect personally identifiable information from children under 18. If you are a parent or guardian and discover that your child has provided us with personal information, please contact privacy@infiniact.com and we will take steps to delete that information.

7. Permissions Usage

IATerm requires the following system permissions to provide services:

8.1 Network Access Permissions

• Purpose: Connect to SSH/SFTP servers and establish remote terminal sessions
• Local Network: Access SSH servers and network devices on the LAN
• Port Forwarding: Support SSH -L/-R/-D port forwarding
• Data Transmission: All network connections use HTTPS/TLS encryption

8.2 USB Device Access

• Purpose: Access USB-to-serial adapters to connect to embedded devices and microcontrollers
• Data Content: Only read serial data streams, no access to other USB device content
• User Control: Only used when user actively initiates a serial connection

8.3 System Keychain Access

• Purpose: Securely store SSH keys, server passwords, and sync passwords
• Encryption: Uses the system keychain's encryption mechanism
• Data Isolation: Only IATerm can access its own keychain entries

8.4 File System Access

• Purpose: Read and write user-selected files (SSH key files, configuration files)
• Access Scope: Limited to files explicitly selected by the user
• Background Access: No background file scanning or access

8. Different Platforms and Versions

The general principles in this policy apply to all platforms and versions of IATerm. For platform or version-specific information (such as Apple App Store version or website direct version), please refer to the corresponding sections below.

9. Apple App Store Version Specifics

This section applies only to the IATerm version downloaded from the Apple App Store.

10.1 iCloud Sync Feature

If you activate iCloud Sync, see Section 1.3 for synced data content.

iCloud Sync Security

• Multi-Layer Security:
  1. Apple ID Protection: Access to iCloud data requires your Apple ID credentials
  2. Device Trust: Apple's two-factor authentication and trusted device mechanisms
  3. iCloud Private Database: Data is stored in your personal iCloud private space, inaccessible to others
  4. Sync Password Encryption: All data is end-to-end encrypted with AES-256-GCM before upload using a key derived from your sync password via Argon2id
• Zero-Knowledge Architecture: Neither Infiniact nor Apple can decrypt your data; the encryption key exists only in your device's memory
• Password Security: Your sync password is never transmitted or stored on any Infiniact server
• Password Recovery: If you forget your sync password, synced data cannot be recovered; you can only reset the sync

You can disable sync or reset sync data at any time in Settings. Disabling sync does not affect data on your local device.

9.2 Data Collection & Usage

Information We Collect:

• Application crash reports and performance data

Data Usage: We use the collected information to:

• Provide, maintain, and improve our services
• Send you service-related notifications and updates
• Analyze service usage to optimize the user experience

Payment and account-related data for the App Store version is handled by Apple. Please refer to Apple's privacy policy for details.

9.3 Essential Cookies

This version uses essential cookies to maintain basic functionality:

• Login State: Maintains your login status when visiting the website
• Preferences: Remembers your language and interface preferences

These cookies are used only when you visit the IATerm website and are not used for tracking or advertising purposes.

9.4 Data Retention

• Sync Data: Encrypted sync data stored in iCloud will be deleted when you reset sync or delete iCloud data
• Crash Reports: Retained for no more than 90 days, used solely to improve product stability and security

Transaction records and other data are managed by Apple. Please refer to Apple's privacy policy.

9.5 Device Identifier

To distinguish sync data sources across your multiple Apple devices, the App Store version of IATerm generates a random device identifier (UUID) on each device. This identifier:

• Is completely random and contains no hardware, account, or personally identifiable information
• Is stored only in your device's Keychain and your own iCloud private database
• Is never transmitted to Infiniact or any third party
• Is not used for advertising or cross-app tracking
• Cannot be used to identify you personally

You can remove this identifier by uninstalling the app or clearing IATerm's iCloud data from System Settings.

10.3 Data Storage Location

All sync data for the App Store version is stored on Apple iCloud servers:

• Storage Location: Apple's iCloud servers, with specific locations determined by Apple based on your account region
• Data Control: Your synced data is stored only in your personal iCloud private space
• Zero-Knowledge Architecture: Neither Infiniact nor Apple can decrypt your synced data
• Legal Protection: Apple's data centers comply with local laws and regulations, providing legal protection for your data
• Data Management: You can manage your iCloud data through your Apple ID, including deleting synced data

10.4 14-Day Free Trial

• Local trial status stored in Keychain
• Trial start time is first launch date
• Trial status is not reported to any server
• Full functionality during trial period

10.5 Payment Information

• License verification completed through Apple StoreKit framework
• No payment information collected (all payments handled by Apple)

10.6 License Authorization

• Usage authorization verified through Apple's official authorization mechanism
• Authorization status managed by Apple App Store
• We do not collect your device identification information for authorization

10.7 Data Isolation

• App Store version does not share data with the direct download version from our website
• iCloud synced data only syncs within the same version family (App Store versions)
• Uninstalling the App Store version does not affect the website version's data

10.8 Your Rights

User rights for the App Store version are governed by Apple's privacy policy:

• Apple Privacy Policy: Please refer to Apple's Privacy Policy (https://www.apple.com/privacy/)
• Data Management: You can manage data related to the App Store version through your Apple ID
• Data Deletion: Delete IATerm's iCloud data through the iCloud management interface in System Settings
• Account Management: Manage your Apple ID and related data through Apple's official channels

To learn how Apple handles your data, please contact Apple directly or visit Apple's Privacy Policy page.

10. Website Direct Version Specifics

This section applies only to the IATerm version downloaded directly from the IATerm website (www.iaterm.ai).

11.1 Website Services

The IATerm website provides the following services:

• Application Download: Direct download of the IATerm application
• Account Management: Create accounts, manage personal information, link third-party logins
• License Purchase: Online purchase of usage licenses
• Configuration Sync: Cross-device sync of connection configurations and preferences

When using website services, we collect necessary data such as login information and operation logs. See details in each subsection below.

11.2 Account System and Login

• You can create an Infiniact account to activate cross-device sync
• Account information includes the username and email address you provide
• Email address is used only for account verification and important notifications

Login Information Collection

When you log in to the website, we collect the following information for security verification and service improvement:

• Login time and IP address
• Browser type and version
• Device type and operating system
• Login status (success/failure)

Credential Protection

• Passwords are stored using one-way hash encryption; we cannot view your original password
• All login requests are transmitted via HTTPS/TLS encryption
• Login status is managed via JWT Token with limited validity and can be revoked

Third-Party Login

• Supports Google, GitHub, and WeChat login
• Third-party login only obtains necessary user information (username, email, avatar)
• Third-party login is subject to the respective platform's privacy policy
• You can unlink third-party accounts in account settings

11.3 Data Storage Location

All sync data for the website version is stored on www.iaterm.ai servers:

• Storage Location: Servers in Hong Kong
• Encryption Protection: All sync data is end-to-end encrypted with your sync password (AES-256-GCM) before transmission
• Zero-Knowledge Architecture: We cannot decrypt your synced data
• Legal Protection: Hong Kong has comprehensive data protection laws (Personal Data (Privacy) Ordinance - PDPO) to protect your data
• Transmission Security: All data transmissions use HTTPS/TLS encryption

11.4 Configuration Sync Service

If you activate configuration sync, see Section 1.3 for synced data content.

Sync Security

• All data is encrypted on your device with your sync password before upload
• Uses AES-256-GCM encryption with key derived via Argon2id
• We cannot decrypt your synced data (zero-knowledge architecture)
• Sync password is never transmitted or stored in plaintext
• Important Note: Your sync password is the sole key protecting all your synced data. Use a strong password, keep it secure, and change it regularly

11.5 Payment Information

• Payment processing handled by third-party payment service providers; we do not store your complete payment information

11.6 License Authorization

• Usage authorization verified through License matching with device identifier
• Device identifier is hashed to generate a unique identifier; original device information cannot be reverse-engineered
• Only the hashed identifier is transmitted during authorization verification; raw device information is not transmitted

11.7 Data Isolation

• Website version does not share data with the App Store version
• Website version sync data only syncs within the same version family
• You can install both versions simultaneously; their data are completely independent

11.8 AI Features

The website version provides AI-assisted features:

• Data Processing: This tool acts only as a channel. Intelligent programming and AI chat are transmitted by the AI tool you choose and are subject to that AI tool's privacy policy.
• Data Flow: Input and output content is stored locally; during processing, it is sent to AI service providers. Our servers do not collect or store this data.
• Privacy Responsibility: Use of AI services is subject to the respective AI provider's privacy policy.

11.9 Your Rights

Under the Hong Kong Personal Data (Privacy) Ordinance, when using the website version you have the right to:

• Access: Request access to personal data we hold about you
• Correction: Request correction of inaccurate or incomplete personal data
• Deletion: Request deletion of your personal data (we will delete within 30 days after account deletion)

To exercise these rights or for privacy inquiries, please contact: privacy@infiniact.com.

11. Policy Updates

We may update this Privacy Policy from time to time. As IATerm features evolve and the scope of data processing changes, we may adjust the sections of this policy regarding data collection, use, and storage.

The updated policy will be posted on this page, and we will notify you of significant changes through in-service notifications or the contact information you provided during registration. Your continued use of our services constitutes acceptance of the updated Privacy Policy. We recommend that you review this policy periodically to stay informed of the latest content.

12. Contact Us

For privacy-related questions, data protection requests, or inquiries, please contact:

• Email: privacy@infiniact.com
• Company: INFINIACT CO., LIMITED
• Jurisdiction: Hong Kong SAR

We will respond to your request as soon as possible and process it within the timeframe required by law.

Last updated: April 18, 2026