Privacy Policy

1. Who we are

SSHED is a service operated by GTAI, a company registered in the United Arab Emirates (National Bank of Abu Dhabi, Abu Dhabi). In this policy, "SSHED", "we", "us" and "our" refer to GTAI in its capacity as the operator of SSHED. For data protection purposes, GTAI is the controller of personal data processed in connection with SSHED.

If you are in the European Economic Area (EEA), the United Kingdom, or another jurisdiction whose data protection law applies to our processing of your personal data, this policy is intended to meet our obligations to you under that law (including the EU/UK General Data Protection Regulation).

2. Scope of this policy

This policy applies to:

• The SSHED marketing website at sshed.net
• The SSHED application at app.sshed.net
• Any related APIs, documentation, support channels, and email communications

It does not apply to third-party websites or services we link to, or to the servers you operate and connect to SSHED. Those servers are under your control; what runs on them, and the data they hold, is your responsibility.

3. Information we collect

3.1 Account information

When you sign up, we collect your email address and display name from your identity provider (Auth0). We do not receive or store your password — authentication is handled entirely by Auth0.

3.2 Billing information

If you subscribe to a paid plan, billing is processed by Stripe. We receive a customer ID, subscription status, plan tier, and invoice metadata from Stripe — we never see or store your card details. Stripe's own privacy policy governs how they handle that information.

3.3 Server and mesh metadata

When you link a Tailscale or Headscale account, SSHED reads the hostnames, IP addresses, and online status of the nodes on your tailnet so we can display them in your dashboard. This metadata is stored in our database to power features like saved connections and the audit log.

3.4 SSH keys

When you generate an SSH keypair in SSHED, we store the private key encrypted at rest using a per-deployment encryption key managed via Docker Swarm secrets. The plaintext key never leaves the server it is generated on, except as a public key installed to your server's authorized_keys file. You may also choose to bring your own keys; in that case, the same at-rest encryption applies.

3.5 Usage telemetry

We use PostHog (hosted in the EU) to understand how SSHED is used — which features get opened, where the funnel breaks, which errors users hit. PostHog events are associated with your account ID and email so we can support you when you contact us. You can opt out of analytics in your account settings; we will then send PostHog only what is necessary to deliver the service.

3.6 Audit log

SSHED keeps an audit log of session events (who connected to which server, when, from where) and key events (generated, installed, rotated, deleted). Retention is 30 days on Free and Pro plans, and custom on Enterprise. Audit logs are visible only to you (and, on Enterprise, to your team admins).

3.7 Support communications

If you email us at privacy@sshed.net, abuse@sshed.net, or any other SSHED address, we retain the message and any context you provide so we can respond and improve the service.

4. What we do not collect

• Terminal session contents. We do not log keystrokes, command output, file contents, or anything you type or read inside a terminal session. Sessions are end-to-end encrypted between your browser and your server; we only record metadata for the audit log.
• Payment card details. Stripe handles cards. We never see card numbers, CVCs, or full bank details.
• Files on your servers. SSHED does not index, mirror, or back up the contents of your servers' filesystems.
• Sensitive categories. We do not knowingly process special categories of personal data (e.g. health, biometric, political views) and ask that you not enter such data into SSHED.

5. How we use information

• To provide the SSHED service: showing your servers, serving terminals, managing keys, billing your subscription.
• To secure the service: detect abuse, enforce rate limits, investigate incidents.
• To improve the service: aggregate, anonymized analytics on feature usage and error rates.
• To communicate with you: account, billing, security, and (only with consent) marketing emails.
• To comply with law: respond to lawful requests and meet our legal obligations.

6. Legal bases (GDPR)

For users protected by EU/UK data protection law, our legal bases are:

• Contract (Art. 6(1)(b)) — to provide the service you signed up for, including authentication, key storage, billing, and audit logs.
• Legitimate interests (Art. 6(1)(f)) — to secure the service, prevent abuse, and improve product reliability. We balance these interests against your rights.
• Consent (Art. 6(1)(a)) — for non-essential analytics and marketing emails. You may withdraw consent at any time.
• Legal obligation (Art. 6(1)(c)) — to comply with tax, accounting, and lawful disclosure requirements.

7. Subprocessors

We rely on a small set of subprocessors to deliver SSHED. Each has been chosen for security posture and contractual privacy commitments:

• Auth0 (Okta, Inc.) — identity and authentication. Data: email, display name, login events.
• Stripe, Inc. — payments and subscription billing. Data: name, email, billing address, payment method (held by Stripe), transaction history.
• Cloudflare, Inc. — CDN, DNS, WAF, Pages hosting, Tunnel, Access. Data: request metadata.
• Akamai Technologies / Linode — application hosting and managed Postgres, in Frankfurt, Germany. Data: all account, key vault, audit log, and server metadata.
• PostHog, Inc. (EU instance) — product analytics. Data: account ID, email, events.
• Resend, Inc. — transactional email delivery. Data: email address, message contents.

We will update this list when subprocessors change. Material additions are announced at least 14 days in advance for users on annual Pro plans and on Enterprise.

8. Data retention

• Account data — kept while your account is active and for 30 days after deletion (grace period), after which it is purged from primary systems within 30 days and from backups within 90 days.
• Audit logs — 30 days on Free and Pro plans; custom retention on Enterprise (as set in your contract).
• SSH keys — retained until you delete them or your account is purged; encrypted at rest at all times.
• Billing records — retained for the period required by applicable tax law (typically 7 years).
• Support communications — kept for 24 months unless you ask us to delete them sooner.

9. International transfers

GTAI is established in the UAE. Our application infrastructure runs in Frankfurt, Germany (Akamai/Linode). Some of our subprocessors (notably Auth0 and Stripe) may process limited data in the United States or other jurisdictions.

Where your data is transferred outside the EEA or UK to a country without an adequacy decision, we rely on appropriate safeguards — typically the European Commission's Standard Contractual Clauses (2021/914) with the relevant subprocessor, supplemented by technical measures (encryption in transit and at rest). You can request a copy of the safeguards in place for a specific transfer by emailing privacy@sshed.net.

10. Your rights

Depending on where you live, you may have the right to:

• Access — request a copy of the personal data we hold about you.
• Rectification — ask us to correct inaccurate or incomplete data.
• Erasure — ask us to delete your data ("right to be forgotten"), subject to overriding obligations.
• Restriction — ask us to pause processing while a concern is investigated.
• Portability — receive your data in a machine-readable format, or have us transmit it to another controller.
• Objection — object to processing based on legitimate interests, including direct marketing.
• Withdraw consent — where processing relies on consent, you can withdraw it at any time.
• Lodge a complaint — with your local data protection authority (in the EEA, your national DPA; in the UK, the ICO).

To exercise any of these rights, email privacy@sshed.net. We will respond within 30 days, extendable by up to 60 days for complex requests, in which case we will notify you within the initial period.

11. Cookies & analytics

SSHED uses cookies and similar technologies for a small set of purposes:

• Authentication — session cookies set by Auth0 to keep you signed in. Essential.
• Preferences — local storage for theme choice, layout, and saved connections. Essential.
• Analytics — PostHog cookies recording feature usage. Non-essential. Opt-out available in account settings.
• Anti-abuse — Cloudflare's bot protection sets short-lived cookies to distinguish humans from automated traffic. Essential.

We do not use third-party advertising cookies or sell data to advertisers.

12. Security

We take engineering measures appropriate to the sensitivity of the data we hold. These include:

• TLS 1.2+ for all data in transit (HSTS enforced).
• Fernet-encrypted SSH private keys at rest, with the encryption key held only in Docker Swarm secrets — never written to disk in plaintext.
• Per-deployment secrets and least-privilege internal networking (Docker Swarm overlay with attachable scoping).
• Identity managed entirely by Auth0 with JWKS-verified tokens; we never see or store passwords.
• Daily managed Postgres backups; documented quarterly restore drills.
• Audit log of every privileged event.

No system is perfectly secure. If you believe you have found a vulnerability, please report it to security@sshed.net — we operate a good-faith disclosure policy and will not pursue legal action against researchers who report responsibly.

13. Children

SSHED is a tool for software professionals. It is not directed at children under 16, and we do not knowingly collect data from them. If you believe a child has provided us with personal data, contact privacy@sshed.net and we will delete it.

14. Changes to this policy

We may update this policy from time to time. If we make material changes, we will notify registered users by email at least 14 days before the change takes effect, and update the "Last updated" date at the top of this page. Continued use of SSHED after the effective date constitutes acceptance of the updated policy.

15. Contact us

For any privacy question, request, or complaint:

• Privacy & data requests: privacy@sshed.net
• Abuse reports: abuse@sshed.net
• Security disclosures: security@sshed.net
• Postal: GTAI, National Bank of Abu Dhabi, Abu Dhabi, United Arab Emirates

This document is a plain-language summary of how we handle data. It is not a substitute for legal advice. If you operate SSHED in a regulated industry or have specific compliance requirements, please contact us so we can address them.