Privacy Policy

KoreShell collects only what is necessary to operate the licensing service: • Email address and hashed password (for account login) • License key and device fingerprint (for activation) • Payment records via Stripe (we never see your full card number) • Timestamp of license activations and deactivations We do not collect: SSH credentials, server hostnames, commands you run, file contents, terminal output, AI prompts, or any data processed by the desktop app.

All SSH credentials, server configurations, and vault contents are stored locally on your machine inside an AES-256-GCM encrypted vault. This data is backed by macOS Keychain or Windows DPAPI. KoreShell never transmits your credentials, private keys, or server data to our servers. SSH connections are made directly from your machine to your servers — there is no relay infrastructure.

If you use the AI terminal assistant, your prompts and context are sent directly to the AI provider you configure (Anthropic, OpenAI, Google). KoreShell does not proxy, log, or store these requests. Review the privacy policy of your chosen AI provider for how they handle your data. AI-assisted command execution requires your explicit approval before any command runs. KoreShell logs the approval event locally for your audit trail — this log never leaves your machine.

The KoreShell website uses minimal session cookies for authentication (httpOnly, SameSite=Strict). We do not use third-party analytics, tracking pixels, or advertising cookies.

Account data is retained while your account is active. You may delete your account at any time by emailing team@koreshell.io. License and payment records required for legal compliance are retained for 7 years per standard accounting rules.

• Stripe — payment processing (https://stripe.com/privacy) • Postmark — transactional email delivery (https://postmarkapp.com/privacy-policy) • Neon — database hosting for the license server, located in US-East The desktop app itself communicates only with the KoreShell license server (TLS 1.3) and with your own servers via SSH.

You may request a copy of your data, correction of inaccurate data, or deletion of your account by emailing team@koreshell.io. We will respond within 30 days.

KoreShell Systems team@koreshell.io Last updated: May 2026