Supermux is a native iOS, iPadOS, and Android app that connects to a broker — a piece of software you run on your own computer. It is a remote client, much like an SSH or terminal app.
To notify you when a session needs attention, the apps use the platform push service: Apple Push Notification service (APNs) on iOS/iPadOS, and Firebase Cloud Messaging (FCM, a Google service) on Android. A device push token is shared with that provider and with your broker so a notification can be routed to your device. Notification contents are end-to-end encrypted by your broker — the push provider relays only ciphertext. Google’s handling of FCM data is governed by the Google Privacy Policy.
All session content, messages, code, and credentials are exchanged directly between the app and the broker on your own machine. None of it is sent to the developer or to any third party. Supermux contains no analytics, advertising, or tracking SDKs, and does not track you across apps or websites.
A pairing token for your broker is stored in your device’s secure storage (the iOS Keychain on Apple devices, encrypted storage on Android) so the app can reconnect. You can remove it at any time by unpairing within the app or by deleting the app.
Supermux is a developer tool and is not directed to children.
Any changes will be posted on this page with an updated date above.
Questions about this policy or the app: support@supermux.dev · supermux.dev · GitHub