Moe Talaat
8:00AM - 6:00PM
Monday to Saturday
hello@moetalaat.com
Email me directly
+1 (707) 706-0501
Let's talk
HomeServicesPricingBlogAboutSupport

← Back to Dockit

Privacy Policy

Last updated: July 5, 2026

1. Introduction

Dockit ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we handle your information when you use the Dockit mobile application ("the App"). Dockit is designed with a privacy-first architecture: your Docker data stays between your phone and your host.

2. Our Architecture: How Your Data Flows

Dockit is an SSH client that communicates directly with your Docker host. Understanding this architecture is the clearest way to understand our privacy model:

  • Phone ↔ your host (direct): All container data, logs, stats, and Docker commands travel directly between your phone and your host over SSH. Dockit never proxies, relays, or intercepts this traffic.
  • Phone ↔ RevenueCat (subscriptions): When you subscribe to Dockit Pro, RevenueCat manages your subscription. It receives purchase receipts and device metadata for validation purposes only.

Dockit does not include any analytics or tracking SDK. We do not collect usage data, product events, or crash reports.

3. Information We Collect

Subscription data

When you subscribe to Dockit Pro, RevenueCat receives purchase receipts from the App Store, along with your device model, OS version, app version, and country/region for purchase validation. RevenueCat does not receive any of your host data or SSH credentials.

What we do NOT collect

We want to be explicit about data we never collect, store, or have access to:

  • Your SSH credentials (stored only in your device's native Keychain)
  • Your host address, hostname, or IP (stored only on your device)
  • Your container names, images, configurations, or logs
  • Container stats from your host (CPU, memory, network)
  • Your images, volumes, or networks
  • Location data, contacts, photos, or other device data

4. Tracking & Cross-App Data

Dockit does nottrack you across other companies' apps or websites. We do not participate in ad networks, retargeting, or cross-app tracking of any kind. We do not use Apple's IDFA or any equivalent advertising identifier. Accordingly, the App does not present an App Tracking Transparency (ATT) prompt because no cross-app or cross-site tracking occurs.

5. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data on the following legal bases:

  • Contractual necessity (Art. 6(1)(b) GDPR): subscription management via RevenueCat is necessary to fulfill your purchase and provide access to paid features.

6. SSH Credential Storage & Security

Your SSH credentials are the most sensitive data the App handles. Here is exactly how we protect them:

  • Stored exclusively in your device's native encrypted Keychain via Expo Secure Store (iOS Keychain), using the AFTER_FIRST_UNLOCK_THIS_DEVICE_ONLY accessibility class. Credentials become readable after the first unlock following a reboot and are never migrated to a new device.
  • Used only at the time of each SSH connection to authenticate
  • Never written to plain-text storage, logs, crash reports, or any unencrypted location
  • Never transmitted to Dockit servers, RevenueCat, or any third-party service
  • Never synced across devices via iCloud Keychain. You must re-enter credentials on each device.
  • Immediately deleted from secure storage when you remove the host

Dockit supports both password and SSH key (private key + optional passphrase) authentication. Where a private key is too large for a single Keychain entry, it is split into chunks that are each stored in the Keychain; it is never written anywhere outside secure storage.

7. Host Data

Your host information (name, address, port, username) is stored entirely on your phone. Addresses and display names are kept in local device storage (AsyncStorage). SSH credentials are stored in encrypted device storage (iOS Keychain). None of this data is sent to Dockit servers or any third party.

8. Third-Party Services

The App integrates with the following third-party services:

  • RevenueCat: subscription and in-app purchase management. Receives purchase receipts and device metadata for purchase validation. RevenueCat processes data in the United States.
  • Apple App Store: app distribution and payment processing.

9. Data Sharing

We do not sell, trade, or rent your personal information to third parties. Your data is shared only with the third-party services listed above, solely to provide the App's functionality. We may disclose your information if required by law or to protect our legal rights.

10. Data Retention & Deletion

All host data displayed in the App is fetched on demand and cached locally on your phone only. We do not retain any of your host data on our servers.

When you remove a host or clear app data, the following is immediately removed from your phone:

  • All SSH credentials from device secure storage (Keychain)
  • The PIN hash and biometric authentication flags
  • All host configuration from device storage
  • All cached container data and logs

11. App Lock & Biometrics

The App offers optional PIN and biometric (Face ID / Touch ID) authentication for additional security. Your PIN is stored as a salted hash in device secure storage, never in plain text. Biometric data is handled entirely by your device's operating system and never touches the App.

12. Your Rights

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Delete all your data at any time by removing hosts from the App

Additional rights for EEA/UK residents (GDPR): you also have the right to data portability, the right to restrict or object to processing, and the right to lodge a complaint with your local data protection authority.

Additional rights for California residents (CCPA/CPRA): you have the right to know what personal information we collect, the right to delete your data, and the right to opt out of the sale or sharing of personal information. We do not sell or share your personal information as defined under the CCPA.

13. Children's Privacy

The App is not intended for use by children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children.

14. International Data Transfers

RevenueCat processes subscription data in the United States. Your host data travels directly between your phone and your host and is not subject to transfer through our infrastructure. For data transferred outside the EEA, appropriate safeguards (such as Standard Contractual Clauses) are in place in accordance with applicable data protection laws.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy within the App or on this page.

16. Contact Us

If you have any questions about this Privacy Policy, our data practices, or wish to exercise any of your rights, contact us at support@moetalaat.com.

17. Summary

In short: Dockit is an SSH client for your Docker hosts. Your SSH credentials never leave your device's Keychain. Your host address stays on your device. Your containers, logs, and stats never touch our servers. We use RevenueCat for subscriptions, and no analytics or tracking SDK at all. We do not track you across apps or websites. When you remove your data, everything is gone.

Got an app idea?

Let’s ship it.

I take on a couple of client projects at a time alongside my own apps. Tappable prototype in about a week, App Store in weeks not months.

Get in touchSee what I do
MOE TALAAT

Solo builder. iOS, Android, and the small backends that hold them up. Each app gets its own page, real legal copy, and a support inbox that goes to me.

Site

  • Home
  • Services
  • Pricing
  • About
  • Blog
  • Contact
  • Support

Contact

  • hello@moetalaat.com
  • support@moetalaat.com

© 2026 Mohamed Talaat. All rights reserved.

Built solo. Hosted on Vercel.