Privacy policy

Last updated: June 5, 2026

Short version

  • Rustty does not collect personal data and does not send telemetry.
  • Rustty has no account system, requires no registration and does not contact Rustty-owned servers.
  • Your profiles, passwords and files remain on your machine, on the remote servers you connect to, or in the sync provider you explicitly configure.
  • Cloud sync is optional and E2E-encrypted: Google Drive, WebDAV, iCloud Drive or a local/NAS folder receive only an encrypted blob (rustty-sync.bin).
  • The network connections Rustty initiates are: your configured remote servers; your sync backend if enabled; the Tauri updater if enabled; and operating-system signature validation services.
  • In other words: this program will not transfer any information to other networked systems unless specifically requested by the user or the person installing or operating it.

Controller

Rustty is an open source project developed by Alejandro Soriano. The application is local-first: it runs on your computer and has no associated cloud service.

For questions about this policy, open an issue in the repository: github.com/Aleixenandros/Rustty/issues.

Data processed on your machine

Rustty creates and reads the following local data:

  • Connection profiles (profiles.json): name, host, port, user, authentication type, key path, folder/workspace ids and profile options. No passwords.
  • Preferences: theme, typography, keyboard shortcuts, language, window size and position.
  • Passwords (optional): if you save them, they go to the operating-system keyring under the rustty service.
  • KeePass databases (optional): referenced .kdbx files are decrypted only in memory while unlocked.
  • Backup and sync configuration (optional): sync_config.json and sync_state.json store backend choice, local state and sync metadata. Sync passphrase, WebDAV password and Google Drive token are stored in the keyring.
  • Encrypted backups (optional): .rustty-sync.bin files contain encrypted profiles, preferences, themes and other selected data.
  • Local logs and WebKit cache: used by Tauri/WebView for diagnostics. They are not transmitted to third parties by Rustty.

Data directories:

  • Linux: ~/.local/share/com.rustty.app/
  • macOS: ~/Library/Application Support/com.rustty.app/
  • Windows: %APPDATA%\com.rustty.app\

Network connections initiated by Rustty

Rustty connects only to these destinations, always through your action or consent:

  • Your SSH / SFTP / RDP servers, when you press Connect.
  • Local host-key verification against your own known_hosts. No third party is involved.
  • Google Drive (optional): OAuth in the browser, local callback, upload/download of encrypted rustty-sync.bin in appDataFolder.
  • WebDAV (optional): GET, PUT and MKCOL against the URL you configure.
  • iCloud Drive or local/NAS folder (optional): Rustty writes the encrypted blob to a local folder; any further sync is performed by that external software.
  • Tauri updater (optional): on Windows, macOS and Linux AppImage, Rustty can query the GitHub update endpoint, download the new version and verify its signature.
  • Operating-system signature checks: macOS and Windows may contact their own services such as Gatekeeper, Notary or SmartScreen.

There is no analytics, telemetry, automatic crash reporting or Rustty-owned backend.

Data sent to third parties

When you connect to an SSH/SFTP/RDP server, the data involved in that session is processed by that remote server. Rustty acts as the client and does not analyze that traffic outside the session.

If sync is enabled, the selected provider stores only the encrypted blob. Rustty does not send providers your keyring passwords, unlocked KeePass database or decrypted profile content.

rustty.es website

This website is static. It uses no cookies, no tracking SDKs and no analytics pixels. It loads fonts from Google Fonts; if you block them, the site remains readable with system fonts.

The website queries GitHub's public API at most once per browser session to show the latest release and build download links.

The Apache server hosting rustty.es keeps standard access logs (IP, user-agent, requested resource and response code) for up to 30 days for operations and diagnostics. They are not combined with other sources and are not shared with third parties.

Your rights

Since Rustty does not store personal data on a server controlled by the project, access, portability, rectification and deletion are exercised on your own machine:

  • Access / portability: export profiles, preferences and encrypted backups from Preferences -> Backups.
  • Rectification: edit profiles in the app.
  • Deletion: delete the data directory and/or uninstall the app. Delete saved credentials from the keyring entries under the rustty service.

Children

Rustty is not directed to children. The app does not collect information from any user.

Changes to this policy

If this policy changes, this page and the GitHub release notes will be updated. The date above always reflects the latest revision.

License and auditability

Rustty is distributed under the Apache-2.0 license. The source code is public and auditable at github.com/Aleixenandros/Rustty.

How the binaries are signed and how to check that a download is authentic is covered in the code signing policy.

Found something that does not match the app behavior? Open an issue. This policy is reviewed when legitimate reports arrive.