Privacy Policy

1. Introduction

This Privacy Policy explains how Broski, operated by Muzammil ("we," "us," or "our"), collects, uses, stores, and protects information when you use the Broski mobile application ("App") and related services. By using the App, you agree to the practices described in this Privacy Policy.

Broski is a mobile application that allows you to remotely control AI coding agents running on your personal computer from your mobile device. The App connects to a bridge server you run on your own machine and to our cloud services for authentication and subscription management.

2. Information We Collect

2.1 Account Information

When you create an account via Google Sign-In or Apple Sign-In, we collect:

• •Email address — Account identification, subscription management, support communications
• •Display name — From sign-in provider (if provided)
• •Auth tokens — Verifying your identity (we do not store your Google or Apple passwords)

2.2 Subscription & Payment Information

We use RevenueCat for subscription management and Apple's App Store (or Google Play) for payment processing. We collect subscription status, product identifiers, and purchase receipt validation data.

2.3 Device & Machine Information

• •Device ID — Random UUID generated by us (not a hardware identifier)
• •Machine ID (hash only) — Irreversible hash for license enforcement
• •Platform type & device name — e.g., "iOS", "iPhone"

2.4 Data Stored Locally Only

The following is stored only on your device using encrypted storage and is never sent to our servers:

• •Bridge connection credentials (IP, port, auth token) — iOS Keychain / Android EncryptedSharedPreferences
• •Cached chat sessions and messages (max 50 per session)
• •App settings and preferences
• •TLS certificate fingerprints

3. What We Do NOT Collect

4. How Data Flows

Your code, conversations, and AI interactions flow directly between your devices and the AI providers you configure — they do not pass through our servers.

5. Third-Party Services

• RevenueCat — Subscription management (Privacy Policy)
• Convex — Cloud backend for auth and licensing (Privacy Policy)
• Google / Apple (Sign-In) — Authentication
• AI Providers (user-configured) — Anthropic, OpenAI
• Tailscale (optional) — Privacy Policy

We do not use any analytics, advertising, crash reporting, or user tracking SDKs.

6. Your Rights

• •Access your data — View account information in Settings > Account
• •Delete your account — Settings > Account > Delete Account (permanently removes all data from our servers)
• •Revoke machines — Remove registered machines from your account
• •Clear local data — Clear cached data via Settings > Clear Cache
• •Uninstall — Removes all app data from your device

GDPR (EU/EEA): You have rights to access, rectification, erasure, portability, restriction, and objection. Our legal bases are performance of contract and legitimate interest.

CCPA (California): You have rights to know, delete, and opt-out of sale. We do not sell your personal information.

7. Children's Privacy

Broski is rated 17+ and is not intended for children under 17. We do not knowingly collect information from children under 13. If we learn we have collected such information, we will delete it promptly.

8. Data Security & Retention

Device data is encrypted via iOS Keychain or Android EncryptedSharedPreferences (AES-256). Server data is encrypted in transit (TLS 1.2+) and at rest. Account data is retained until you delete your account. Locally cached data is retained until you clear it or uninstall.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the date above and providing notice in the App. Your continued use after changes constitutes acceptance.

10. Contact Us

If you have questions about this Privacy Policy or your data:

broskiappp@gmail.com

We will acknowledge requests within 48 hours and respond within 30 days.

App Store Privacy Label Summary