Privacy Policy for nasSSH
Effective Date: February 3, 2026
Developer: nasSSH
Contact: nashit93@gmail.com
Overview
nasSSH is a paid SSH and SFTP client for Android. This app is designed with privacy in mind. We do not collect, transmit, or share any personal data with anyone.
Data Stored on Your Device
All data is stored locally on your device only and is never sent to our servers or any third party. The app stores:
- Connection details — server hostnames, ports, usernames, and connection preferences you configure
- Credentials — SSH passwords, private keys, and passphrases, all encrypted using AES-256-GCM via Google Tink with hardware-backed Android Keystore
- Known host keys — SSH server fingerprints for host verification
- Command snippets — saved commands you create
- App preferences — theme, font size, and other settings
Data Transmitted Over the Network
The app connects only to SSH/SFTP servers that you manually configure. No other network connections are made. Specifically:
- No data is sent to the developer
- No analytics or telemetry is collected
- No crash reports are transmitted
- No advertising networks are contacted
- No third-party services receive your data
All SSH/SFTP connections are direct between your device and the servers you configure.
Third-Party Services
This app does not use any third-party services such as Firebase, Google Analytics, advertising SDKs, or crash reporting tools.
Permissions
The app requests the following permissions, all necessary for core SSH functionality:
| Permission | Why It's Needed |
|----------------------|------------------------------------------------------------|
| Internet | To connect to your SSH/SFTP servers |
| Network State | To detect connectivity changes for auto-reconnect |
| Foreground Service | To keep SSH sessions alive in the background |
| Notifications | To show active session and command completion alerts |
| Wake Lock | To prevent the device from sleeping during active sessions |
| Battery Optimization | To allow persistent background connections |
Data Security
- Sensitive credentials are encrypted with AES-256-GCM using Google Tink
- Encryption keys are stored in the Android Keystore (hardware-backed when available)
- Cloud backup is disabled — your data is not included in Android backups
- All data is deleted when the app is uninstalled
Data Retention
All data remains on your device until you manually delete it or uninstall the app. There is no cloud sync, no remote storage, and no data retention on external servers.
Children's Privacy
This app is not directed at children under 13 and does not knowingly collect data from children.
Changes to This Policy
If this policy is updated, the revised version will be posted on this page with an updated effective date.
Contact
If you have questions about this privacy policy, contact us at:
nashit93@gmail.com