Privacy Policy

Last updated: February 1, 2026

Overview

JumpTerm is built on a zero-knowledge architecture. Your vault data is encrypted on your device before it reaches our servers, and we do not have access to your encryption keys. This privacy policy explains what data we do collect, why, and how we handle it.

1. Data We Collect

Account Information

When you create an account, we collect your email address and, if applicable, your name. This is used for account authentication, billing, and support communications.

Encrypted Vault Data

We store your encrypted vault blobs on our servers to enable sync between your devices. This data is end-to-end encrypted and we cannot read its contents. We can see the size and number of vault items, but not their contents.

Device Information

We store device names, platform identifiers, and public keys for each authorized device. This information is used for device management and key exchange.

Usage Analytics

We collect anonymous, aggregated usage analytics such as app opens, feature usage counts, and crash reports. These do not include any vault content or connection details. You can opt out of analytics in the application settings.

2. How We Use Your Data

  • Providing and maintaining the sync service
  • Processing payments and managing subscriptions
  • Sending transactional emails (password resets, security alerts)
  • Improving the application through anonymous analytics
  • Providing customer support when you contact us

3. Data We Do Not Collect

We never collect, access, or store: your vault passphrase, your encryption keys, the plaintext contents of your vault (hostnames, usernames, passwords, private keys, snippets), your SSH session content, or your browsing activity outside of our website.

4. Data Sharing

We do not sell your personal data. We share data only with: (a) infrastructure providers necessary to operate the Service (cloud hosting, payment processing); (b) when required by law, such as in response to a valid legal process. Because your vault data is end-to-end encrypted, even if compelled to hand over data, we can only provide ciphertext.

5. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will remove your personal data and encrypted vault data from our servers within 30 days. Anonymous analytics data may be retained indefinitely.

6. Security

We use industry-standard security practices to protect our infrastructure, including TLS for all data in transit, encrypted storage for data at rest on our servers, access controls, and regular security audits. Your vault data has an additional layer of protection through client-side end-to-end encryption.

7. Cookies

Our website uses essential cookies for authentication and session management. We use a privacy-friendly analytics service that does not use cookies. We do not use third-party advertising cookies.

8. Your Rights

You have the right to: access your personal data, correct inaccurate data, delete your account and associated data, export your data, and opt out of analytics. To exercise these rights, contact us at privacy@jumpterm.com.

9. Children

JumpTerm is not intended for use by children under the age of 13. We do not knowingly collect personal data from children under 13.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email at least 30 days before they take effect. The current version is always available at this URL.

11. Contact

For privacy-related inquiries, contact us at privacy@jumpterm.com.