← supermux

Privacy Policy

Last updated: 24 June 2026

Supermux is a native iOS, iPadOS, and Android app that connects to a broker — a piece of software you run on your own computer. It is a remote client, much like an SSH or terminal app.

The developer of Supermux does not operate any server for the app, and does not collect, receive, or store any of your data. Everything happens between the app on your device and the broker on your own machine.

What the app accesses on your device, and why

Push notifications

To notify you when a session needs attention, the apps use the platform push service: Apple Push Notification service (APNs) on iOS/iPadOS, and Firebase Cloud Messaging (FCM, a Google service) on Android. A device push token is shared with that provider and with your broker so a notification can be routed to your device. Notification contents are end-to-end encrypted by your broker — the push provider relays only ciphertext. Google’s handling of FCM data is governed by the Google Privacy Policy.

Where your data goes

All session content, messages, code, and credentials are exchanged directly between the app and the broker on your own machine. None of it is sent to the developer or to any third party. Supermux contains no analytics, advertising, or tracking SDKs, and does not track you across apps or websites.

Data stored on your device

A pairing token for your broker is stored in your device’s secure storage (the iOS Keychain on Apple devices, encrypted storage on Android) so the app can reconnect. You can remove it at any time by unpairing within the app or by deleting the app.

Children

Supermux is a developer tool and is not directed to children.

Changes to this policy

Any changes will be posted on this page with an updated date above.

Contact

Questions about this policy or the app: support@supermux.dev · supermux.dev · GitHub