~/shelltab — privacy-policy

Privacy Policy

Effective date: April 3, 2026

ShellTab ("we", "us", "our") operates the shelltab.dev platform. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.

1. Information We Collect

Account Information

  • Email address
  • Display name
  • GitHub profile information (username, avatar, OAuth tokens)

Usage Data

  • Terminal session metadata (creation time, duration, participants)
  • Terminal session content (commands, output) stored on your persistent drives
  • Feature usage and interaction patterns
  • IP addresses and approximate geolocation
  • Browser type, operating system, and device information

Billing Information

  • Payment details are collected and processed by Stripe. We do not store full credit card numbers on our servers.
  • Billing address and invoice history

2. How We Use Your Data

  • Authentication: To verify your identity and manage account access via GitHub OAuth.
  • Service delivery: To provision terminal sessions, persistent storage, and multiplayer collaboration features.
  • Billing: To process payments, track compute hours, and manage subscriptions.
  • Support: To respond to your inquiries and troubleshoot issues.
  • Product improvement: To understand usage patterns and improve the platform.
  • Security: To detect abuse, prevent unauthorized access, and maintain platform integrity.

3. Third-Party Services

We use the following third-party services to operate ShellTab:

  • Cloudflare: API hosting (Workers), web hosting (Pages), DNS, DDoS protection, and database (D1).
  • Fly.io: Terminal server infrastructure and NVMe persistent drive hosting.
  • Stripe: Payment processing and subscription management.
  • GitHub: OAuth authentication and identity provider.
  • SendGrid: Transactional email delivery (account notifications, invitations).

Each of these services has its own privacy policy governing their handling of your data. We encourage you to review them.

4. Data Storage

  • Account and metadata: Stored in Cloudflare D1 (SQLite), replicated across Cloudflare's global network.
  • Terminal session data and files: Stored on NVMe persistent drives attached to Fly.io machines in the region you select.
  • Backups: Periodic snapshots of persistent drives are maintained for disaster recovery.

5. Cookies and Local Storage

ShellTab uses minimal client-side storage:

  • JWT authentication tokens: Stored in localStorage to maintain your session.
  • Theme and UI preferences: Stored in localStorage for a consistent experience.
  • Organization context: Stored in localStorage to remember your last active workspace.

We do not use third-party tracking cookies or advertising pixels.

6. Your Rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Deletion: Request deletion of your account and associated data. Terminal session data on persistent drives will be permanently erased.
  • Export: Download your files and data from your persistent drives at any time via the terminal or SFTP.
  • Correction: Update your account information through your profile settings or by contacting us.

To exercise any of these rights, contact us at [email protected].

7. Data Retention

  • Active accounts: Data is retained as long as your account is active.
  • Deleted accounts: Personal data is purged within 30 days of account deletion. Backups containing your data are rotated out within 90 days.
  • Billing records: Retained as required by applicable tax and financial regulations.
  • Server logs: IP addresses and access logs are retained for up to 90 days for security purposes.

8. Security

We implement industry-standard security measures including encrypted connections (TLS), isolated terminal environments, and access controls. However, no system is perfectly secure. If you discover a security vulnerability, please report it to [email protected].

9. Children's Privacy

ShellTab is not directed to children under the age of 13. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a notice on the platform. Continued use of ShellTab after changes constitutes acceptance of the updated policy.

11. Contact

For privacy-related inquiries, contact us at:

[email protected]