GhostDesk

Privacy Policy

Effective 2026-05-29 · Last updated 2026-05-29

GhostDesk is a bring-your-own-storage desktop app. We operate authentication and encrypted credential sync. We do not host, scan, or sell your file contents.

This policy describes GhostDesk Phase 1 (desktop + share-link guest page). It is provided for transparency and pre-launch review — not legal advice.

1. Who we are

GhostDesk ("we", "us") provides a desktop application and related services that let you connect your own S3-compatible storage bucket and manage files through our user interface.

Contact: hello@ghostdeskapp.com

2. Plain-language summary

We never see your files. Your objects stay in your bucket. We only store what is needed to sign you in and reconnect your storage on each device.

  • Files and folders live in your S3-compatible bucket — not on GhostDesk servers.
  • S3 credentials are encrypted with your encryption password before they leave your device.
  • Share links use time-limited presigned URLs from your storage; guests download directly from your provider.

3. Information we collect

We collect the minimum data required to operate the service:

  • Account data: email address and authentication identifiers from Supabase Auth (including OAuth provider metadata when you use Google or Sign in with Apple).
  • Encrypted storage configuration: provider type, bucket name, endpoint URL, and S3 access credentials — stored encrypted in our database. We cannot decrypt without your encryption password.
  • Share-link metadata: opaque tokens, object keys, expiry, optional folder manifest references — so the public guest page can resolve downloads. No file bytes are stored by GhostDesk.
  • Local device preferences: theme, sidebar state, starred/recents references, and similar UI settings stored on your device.
  • Support communications if you email us voluntarily.

4. Information we do not collect

GhostDesk is not a file host. We do not intentionally collect or store:

  • Contents of files in your bucket.
  • Your encryption password or decrypted S3 secret keys on our servers.
  • Storage usage quotas from your provider (BYOS — you pay your provider directly).
  • Browsing history inside your bucket beyond what is needed for in-app features you use (e.g. recents stored locally).

5. How we use information

We use collected information only to:

  • Authenticate you and maintain your session.
  • Sync encrypted storage configuration across your signed-in devices.
  • Create and revoke share links you request.
  • Operate, secure, and improve the application.
  • Respond to support requests and legal obligations.

6. Encryption and security

S3 credentials are encrypted client-side using PBKDF2-HMAC-SHA256 (100,000 iterations) and AES-256-GCM before transmission to Supabase. Your encryption password is not stored on our servers.

We use industry-standard transport security (TLS) for network communication. The sidecar process holds decrypted credentials only in memory during an unlocked session and wipes them on Ghost Close or auto-lock.

7. Third-party services

GhostDesk relies on subprocessors you should be aware of:

  • Supabase — authentication and Postgres database (encrypted credential records, share-link rows).
  • Your S3-compatible provider (e.g. Cloudflare R2, AWS S3) — where your files and presigned downloads are served from.
  • Vercel — hosts the public share-link guest page (`/s/:token`) when deployed.
  • Microsoft / Apple — app distribution via their stores when published.

8. Data retention

Account and encrypted configuration data remain until you delete your account or disconnect storage.

Share-link rows remain until expiry or revocation.

Trash in your bucket follows your configured retention (GhostDesk moves deleted objects under `_trash/` for 7 days before permanent deletion in the bucket).

We may retain minimal logs without file names or object keys for security and abuse prevention.

9. Your choices and rights

Depending on your jurisdiction, you may have rights to access, correct, export, or delete personal data we hold about you.

  • Disconnect storage or delete your account from Settings.
  • Revoke share links at any time.
  • Contact hello@ghostdeskapp.com for data requests.

10. Children

GhostDesk is not directed at children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect data from children.

11. Changes to this policy

We may update this policy before or after store launch. We will post the revised version at this URL with an updated "Last updated" date. Material changes may be communicated in-app or by email where required.

12. Contact

Questions about privacy: hello@ghostdeskapp.com