Privacy Policy

Last updated: February 28, 2026

The short version

Nockset does not collect, store, or transmit any of your personal data. Everything stays on your device and your servers.

Data we collect

None.

Nockset does not collect analytics, telemetry, crash reports, usage data, or any other information about you or how you use the app. There are no third-party SDKs, trackers, or advertising frameworks in the app.

Data stored on your device

Nockset stores the following data locally on your device to function:

  • Server connection details — hostnames, ports, usernames, and connection names are stored in on-device app storage.
  • Credentials — passwords, private keys, and passphrases are stored exclusively in the iOS Keychain, encrypted by the operating system.
  • SSH host key fingerprints — stored in the iOS Keychain for verifying server identity on subsequent connections.
  • App preferences — settings like font size, layout mode, and editor preferences are stored in UserDefaults on your device.
  • API keys — if you use bring-your-own-key, your API keys are stored exclusively in the iOS Keychain.
  • AI model files — the on-device code completion model (~1 GB) is downloaded on first use and stored locally in the app's Documents directory.

This data never leaves your device. It is not backed up to any server we operate because we do not operate any servers.

Network connections

Nockset makes network connections only when you initiate them:

  • SSH servers — the servers you configure in the app.
  • AI model download — a one-time download from Hugging Face when you enable on-device code completion. No account or personal data is sent.
  • Cloud AI providers — only if you opt in to bring-your-own-key. Requests are sent directly to the provider (e.g., Anthropic) using your API key.

There are no analytics, "phone home" requests, update checks, or background network activity initiated by the app.

On-device AI

Nockset includes two on-device AI features that run entirely on your hardware:

  • Code completion — powered by llama.cpp running a local model. All inference happens on-device. Your code is never sent to any server.
  • Aim — an AI assistant powered by Apple Intelligence using Apple's on-device foundation model. Your prompts and data processed by Aim are never sent to any external server.

Cloud AI (bring your own key)

If you choose to use cloud AI by entering your own API key, data will be sent to the third-party AI provider you select. This is entirely optional — you must explicitly opt in, and the app will ask for your consent before transmitting any data.

Currently supported providers:

  • Anthropic (Claude) — requests are sent to api.anthropic.com. More providers will be added in future updates.

What data is sent to the provider:

  • Your chat messages and prompts.
  • File contents you ask the AI to read or edit.
  • Command outputs from tool execution.
  • Server context (OS version, shell, project type) to improve AI responses.

What is not sent:

  • Your SSH credentials, passwords, or private keys.
  • Files or data you have not explicitly asked the AI to access.

Additional details:

  • All data is transmitted over encrypted connections (HTTPS/TLS).
  • We do not store your prompts or responses on any server we operate. Data goes directly from your device to the provider.
  • Data handling by the provider is governed by their own privacy policy (e.g., Anthropic's privacy policy).
  • You can remove your API key and switch to on-device AI at any time.

Children's privacy

Nockset is not directed at children under 13 and does not knowingly collect information from children.

Changes to this policy

If we update this policy, we will post the revised version here with an updated date.

Contact

Questions about this privacy policy? Contact us at contact@nockset.com.