← attach.sh

App Privacy Policy

Last updated: May 4, 2026

1. Scope of This Policy

This policy covers the Attach iOS app and the optional attach-notify helper script described on attach.sh. It does not cover the attach.sh marketing website itself; the website has a separate Website Privacy Notice.

The data controller is Arbiter Technologies Ltd. (UIC 207164164), Prof. Krastyo Mirski Str., Bl. 10, Ent. A, Apt. 8, Sofia 1407, Bulgaria.

2. What We Do Not Collect on Our Servers

Attach does not send your SSH credentials, server details, tmux session content, keystrokes, terminal output, connection history, or microphone audio to Attach-operated servers. We do not use analytics, advertising SDKs, tracking pixels, or third-party crash reporting in the app.

If you use optional voice input or AI refinement, audio capture, transcription, and refinement run locally on your device. If you enable push notifications, the relay server processes an Apple Push Notification device token and a pairing identifier to route notifications. Notification content is end-to-end encrypted before it reaches the relay — we cannot read it. See Section 5 for details.

3. What the App Stores On Your Device

Attach processes data locally on your device to provide the app.

• Passwords and private keys are stored in the iOS Keychain.
• Connection names, hosts, ports, usernames, SSH key metadata, default forwards, settings, and certain session state are stored in app storage on your device.
• If you enable optional voice features, downloaded speech and AI refinement model files, related preferences, and transient local processing state may be stored on your device.
• Last-session state and crash-recovery data may be stored locally so the app can restore UI or tmux state after reconnecting.

4. Push Notifications

Attach offers optional push notifications to alert you when tools like Claude Code, Pi, or Codex need attention. Push notifications use a relay server operated by Arbiter Technologies Ltd., hosted in the EU (Hetzner, Germany).

How it works:

• When you pair your device, the relay stores a pairing token (a random UUID) and an Apple Push Notification service (APNs) device token to route notifications to your phone.
• When a notification is triggered on your server, the attach-notify script encrypts the notification content with AES-256 on your server before sending it to the relay.
• The relay forwards the encrypted payload to Apple's push notification service. The relay cannot decrypt or read notification content.
• Your phone decrypts the notification locally using a key set up during pairing. During QR-code setup, the relay may receive the key transiently to render the QR code, but it does not store encryption keys.

What the relay stores:

• A pairing token (random UUID) and an APNs device token (an opaque identifier generated by Apple for push routing).
• No notification content, project names, message text, server addresses, or encryption keys are stored on the relay.

Data lifecycle:

• Pairing records are deleted when you unpair in the app, when Apple invalidates the device token, or if the pairing is unused for an extended period.
• You can unpair at any time from Settings → Push Notifications in the app.

5. Voice Input, SSH Connections, Uploads, and Web Preview

SSH connections are established directly between your device and the servers you configure. Attach does not proxy or relay those sessions through our servers.

• If you enable voice input, the app requests microphone access and captures audio locally on your device while you record.
• Voice transcription and optional AI refinement run on-device using downloaded models. We do not send microphone audio, transcriptions, or refined output to Attach-operated servers as part of this feature.
• Any resulting terminal input is sent only through your SSH session to the remote server you are connected to, the same way typed input is.
• Downloading optional voice models may cause your device to connect directly to model-hosting infrastructure used by the underlying libraries to fetch those files.
• Image paste and other file transfers are uploaded directly to your own remote environment over SFTP.
• Web preview uses a local port forward and an in-app browser view pointed at 127.0.0.1 on your device.

6. Optional Helper Script

If you choose to install attach-notify, it runs on your own machine. It may add a script to your local path, generate and store a local encryption key, and update Claude Code notification hooks on the machine you control.

Those changes happen on your infrastructure. The encryption key used for end-to-end encryption is generated and stored locally on your server. During QR-code setup, the relay may receive the key transiently to render the QR code, but it does not store encryption keys.

7. Purchases and Apple

Attach is sold through Apple's App Store. Apple processes payment, billing, and account information under Apple's own terms and privacy policies. We do not receive your full payment card details.

8. Third-Party Services

The app does not integrate third-party analytics, advertising, tracking, or crash-reporting services. Core third-party services include Apple platform services such as the App Store, iOS Keychain, and Apple Push Notification service (APNs). If you choose to download optional on-device voice models, your device may also connect directly to model-hosting infrastructure used by the underlying libraries to fetch those files.

9. Retention and Control

Because Attach is local-first, most data remains under your control on your device or your own servers. You can remove app-stored data by deleting connections, clearing settings, unpairing push notifications, or deleting the app. Unpairing deletes your device token from the relay server.

10. Children's Privacy

Attach is not directed at children under 13, and we do not knowingly collect personal information from children on Attach-operated servers.

11. Changes to This Policy

We may update this App Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of Attach after changes take effect constitutes acceptance of the revised policy.

12. Your Rights Under EU Law

Arbiter Technologies Ltd. is the data controller for any personal data processed through the Attach app. The relay server processes a minimal device identifier (APNs token) for push notification routing under GDPR Art. 6(1)(b) (performance of a contract / service you requested). You can request deletion of this data by unpairing in the app or by contacting us.

If you have questions about how your data is handled, contact support@arbt.tech.

You have the right to lodge a complaint with the Bulgarian Commission for Personal Data Protection (CPDP) or with the supervisory authority in your country of residence.