Privacy

What Xtend does and doesn't collect.

Sign in with Apple to pair your devices; everything else stays between your iPhone and your Mac.

Data we collect

To sign you in and pair your iPhone with your Mac, our authentication server stores a small record per account:

• Apple user identifier (sub) — a stable opaque ID Apple gives us when you sign in. Not your Apple ID email, not your name.
• Email address — your real email if you allowed it during Sign in with Apple, or Apple's hide-my-email proxy otherwise. Used only to identify your account; we don't send marketing.
• Display name — only the name you choose to share at first sign-in. Apple discloses the name once; we keep it so the app can greet you.
• Apple refresh token — issued by Apple. Used to revoke your session if you delete your account, and never sent anywhere except Apple.
• Mac registration info — a Mac identifier (a UUID) and the Mac's display name (e.g. "Mendy's MacBook Air"), so the iPhone knows which Mac to pair with. One Mac per account.
• IP address (transient) — your IP is visible to the signaling and TURN servers during a connection. We do not store full IPs; server logs record only a masked prefix (the first 4 IPv6 groups), retained for a short rolling window for operational diagnostics.

We do not collect: contacts, photos, location, advertising identifiers (IDFA), keystrokes, terminal output, simulator frames, or browsing history. The signaling server never sees the contents of your WebRTC session — that traffic is end-to-end encrypted.

Anonymous analytics and crash reporting

To fix bugs and understand which features people use, Xtend sends anonymous diagnostic and usage events to two third-party services. Both are tied to an install-scoped UUID we generate on first launch and store in the app's local preferences — never to your Apple ID, email, name, or any identifier that follows you across apps. Reinstalling the app resets the UUID.

• Firebase Crashlytics (Google) — receives unhandled exceptions, native crashes, app hangs, app version, OS version, and device model. Each report includes a short rolling log of the most recent app events leading up to the crash (e.g. "WebRTC connected via host", "paywall shown"). No personal data, no message contents, no terminal output.
• Mixpanel — receives anonymous product events such as "app opened", "tab changed", "build started", "paywall shown", "subscription succeeded", "Claude Remote sign-in tapped", plus periodic WebRTC quality samples (bitrate, framerate, round-trip time, packets lost, ICE path type). Used to understand feature adoption and diagnose connection quality. Events never include credentials, terminal contents, file paths, or simulator frame data.

You can disable analytics at any time: Settings → Send Anonymous Analytics. When disabled, no Mixpanel events are sent and Mixpanel's SDK is opted out. Crashlytics continues to receive crash reports — those are necessary for us to identify and fix bugs and contain no personal data.

Neither service is used to track you across other companies' apps or websites. We do not pass any data we hold to advertising networks. See Firebase Privacy & Security and Mixpanel's Privacy Policy for their own handling commitments.

How Xtend connects your iPhone and your Mac

Xtend establishes a direct peer-to-peer WebRTC connection between your devices. There are two reachability scenarios:

• Same Wi-Fi (LAN): the iPhone discovers the Mac via Bonjour/mDNS on your local network. Once discovered, the iPhone and Mac exchange ICE candidates through our signaling server and then establish a direct host-to-host UDP path. Media never leaves your local network.
• Different network (e.g. cellular): ICE selects a NAT-traversal path. When direct UDP is not possible, the WebRTC stack falls back to a TURN relay. We use Cloudflare TURN with ephemeral credentials. The TURN relay forwards encrypted bytes only — it cannot decrypt your media, touches, or terminal data.

In both cases, the media (video, touches, terminal, build commands) is protected by DTLS-SRTP. The encryption keys are negotiated directly between your iPhone and your Mac — nothing in the middle (signaling server, TURN relay) holds them.

Permissions Xtend asks for

• Local Network (iOS): required to discover your Mac via Bonjour and confirm both devices are on the same Wi-Fi. If you deny this permission Xtend cannot verify same-LAN status, so the Premium gate will engage even at home — Premium subscribers can still connect via the relayed path, but free LAN use will not work until you grant permission.
• Sign in with Apple (iOS & macOS): required to identify your account so the iPhone and Mac can pair.
• Screen Recording (macOS): required so the Mac companion can capture the iOS Simulator window for streaming. Granted via System Settings → Privacy & Security; revocable at any time.
• Accessibility (macOS): required to forward touch and keyboard events from your iPhone into the Simulator.

Subscriptions and payments

Xtend Premium is a subscription managed entirely by Apple via the App Store. We never see your credit card, billing address, or payment details — Apple handles all of that. Subscription status is checked on-device by Apple's StoreKit framework; the App Store transaction receipt is not sent to our servers. The app simply asks the operating system whether you have an active subscription, and unlocks premium features accordingly. Subscription billing, renewals, refunds, and cancellation are governed by Apple's Media Services Terms. To cancel auto-renewal, open Settings → your Apple ID → Subscriptions on your iPhone.

Third-party services

We use the following external services, each scoped to a specific function:

• Apple Sign in with Apple — authenticates your account. Governed by Apple's Privacy Policy.
• Apple StoreKit / App Store — handles subscription billing.
• Fly.io — hosts our signaling server (matches your iPhone with your Mac and shuttles WebRTC handshake messages between them). Logs include masked IPs and operational metadata only; never WebRTC payload.
• Cloudflare — provides the TURN relay used as a fallback for WebRTC when direct P2P is not possible. Relay packets are encrypted with DTLS-SRTP — Cloudflare cannot decrypt them.
• Firebase Crashlytics (Google) — anonymous crash reports, hangs, and diagnostics tied to an install UUID. See the "Anonymous analytics and crash reporting" section above.
• Mixpanel — anonymous product analytics tied to an install UUID. Opt-out via Settings → Send Anonymous Analytics.

No advertising networks. No social-login providers other than Apple. No IDFA.

Data retention & deletion

Account records (Apple user ID, name, email, Mac registration) are retained for as long as your Xtend account exists. WebRTC media and terminal traffic is never stored — it flows live between your devices and is gone when the connection closes.

You can delete your Xtend account at any time from inside the iOS app: Settings → Account → Delete Account. Deletion permanently removes your account record from our authentication server, evicts any paired Mac, and revokes your Sign in with Apple grant with Apple. Active subscriptions are managed separately by Apple — to also stop subscription billing, cancel auto-renewal in Settings → your Apple ID → Subscriptions.

Your privacy rights (GDPR, CCPA & others)

If you're in the EU, UK, or California, you have rights under the GDPR and CCPA to access, correct, port, restrict, or delete the personal data we hold about you, and to object to certain processing.

How to exercise your rights: the fastest path for deletion is the in-app Delete Account button. For access, correction, portability, or other requests, email Maouizerat@gmail.com with the subject "Data Rights Request" and a description of what you want. We will respond within 30 days. Because we only store the minimal account record described above, most requests result in a copy of that record or a confirmation of deletion.

Legal basis (GDPR Art. 6): performance of the contract with you (account creation and the paired-device service you signed up for), and our legitimate interest in preventing fraud and abuse of the service.

"Do Not Track": Xtend does not use tracking technologies regardless of DNT signal. This website uses no analytics or tracking either.

International transfers: our signaling server runs on Fly.io in the Frankfurt region (EU). Cloudflare TURN routes via Cloudflare's global edge. Apple services (Sign in with Apple, StoreKit) are operated by Apple under their own terms and may transit to Apple-controlled regions, including under EU Standard Contractual Clauses where applicable.

Security

All client-to-server traffic uses TLS 1.2+ (HTTPS for auth and management endpoints, WSS for signaling). All WebRTC media uses DTLS-SRTP — the encryption keys are negotiated end-to-end between your iPhone and your Mac, not held by any intermediary. Session tokens are stored on-device in the iOS Keychain with kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly (survives reboot, never syncs, never leaves the device). The Apple refresh token is held server-side, used only to revoke your session on account deletion, and never exposed to the client.

Cookies & tracking technologies

Xtend's iOS and macOS apps do not use cookies, web beacons, fingerprinting, or any tracking technology. This website uses no analytics or tracking either.

Children's privacy

Xtend is a developer tool intended for users 17 and older, matching its App Store age rating. We do not knowingly collect data from children.

Changes to this policy

If this policy changes, the new version will be posted on this page with a revised effective date. Material changes will be flagged in the iOS app's release notes.

Contact

Privacy questions: Maouizerat@gmail.com.

Effective date: 2026-05-19.

← Back to Xtend