Privacy Policy

This Privacy Policy explains how Termopus ("we," "us," or "our"), based in Israel, handles information when you use the Termopus mobile application, desktop bridge component, and related services (collectively, the "Service"). We are committed to protecting your privacy. Termopus is designed with a privacy-first architecture — your code is end-to-end encrypted, we do not require accounts, and we collect the absolute minimum data necessary to operate the Service.

Device Identifiers

We collect basic device identifiers for license validation:

• Device ID
• Operating system and version
• App version

This information is used solely to verify your license and ensure compatibility.

Payment Information

All payments are processed by third-party providers:

• Apple App Store — for iOS in-app purchases
• Google Play Store — for Android in-app purchases
• Paddle — for web-based purchases (Merchant of Record)

We do not receive or store payment details. When you purchase through Paddle, they may collect your email address (for receipts), billing address, and payment details. This data is processed by Paddle, not by Termopus.

Termopus is designed to minimize data collection. We do not collect:

• Source code or session content — All communication is end-to-end encrypted using AES-256-GCM.
• Personal account information — No accounts required. We do not collect your name, email, or phone number. (Paddle may collect email/billing for web purchases, held by Paddle.)
• Usage analytics or behavioral data — No tracking of feature usage or session duration.
• Location data — We do not access your geographic location.
• Contacts, photos, or other device data

The device identifiers we collect are used exclusively for:

• License validation — Verifying your device is authorized
• Compatibility — Ensuring the Service works on your device

We do not use this information for advertising, profiling, marketing, or any purpose beyond operating the Service.

We work with the following providers:

• Apple Inc. — iOS in-app purchases and App Store distribution
• Google LLC — Android in-app purchases and Google Play distribution
• Paddle — Merchant of Record for web purchases. Handles payments, billing, tax/VAT, invoices, and receipts.
• Cloudflare, Inc. — Relay infrastructure. The relay is completely stateless and stores no data.

We do not sell, rent, or share your information with any other third parties.

The Termopus website does not set any first-party cookies. Third-party services (Cloudflare and Paddle) may set cookies for security and payment processing. See our Cookie Policy for details. If we introduce basic analytics in the future, we will update this policy with notice.

• Device identifiers are retained only while your license is active and deleted upon expiration or cancellation.
• Payment records are retained by third-party providers per their own policies. We do not retain payment records.

The Service is not intended for children under 13. We do not knowingly collect information from children under 13. If we become aware of such data, we will promptly delete it.

For All Users: You may request deletion of your device identifiers or request to know what data we hold about you.

Under GDPR (EEA Users): Right of access, rectification, erasure, data portability, and right to restrict or object to processing.

Under Israeli Privacy Protection Law (5741-1981): Right to access and correct your personal data.

Contact Support@termopus.com to exercise your rights.

• End-to-end encryption — AES-256-GCM before data leaves your device
• Zero-knowledge relay — Cannot access or store session content
• Hardware-backed keys — Secure Enclave (iOS) / StrongBox (Android)
• Biometric authentication — Face ID or fingerprint
• No data at rest — No code stored on any server

We may update this Privacy Policy from time to time. We will notify you of material changes at least 14 days before they take effect via in-app notification. Continued use constitutes acceptance.

Questions or data rights requests: Support@termopus.com