Privacy Policy

Last updated: January 6, 2026

Our commitment to privacy

ShieldAuth is built with privacy as a core principle. We believe your authentication data belongs to you and only you. This policy explains how ShieldAuth handles your data.

Data collection

ShieldAuth does not collect any data. We do not:

  • Collect personal information
  • Track your usage or behavior
  • Use analytics or telemetry
  • Send any data to external servers
  • Access your authentication secrets outside the app

Local storage

All your data is stored locally on your device:

  • Authentication secrets: Encrypted and stored in the macOS Keychain
  • App preferences: Stored locally in the app's container
  • Account metadata: Names and icons stored locally on your device

Your data never leaves your device unless you explicitly export it.

Network access

ShieldAuth does not require an internet connection to function. The app makes no network requests. All TOTP code generation happens locally using standard cryptographic algorithms.

Third-party services

ShieldAuth does not integrate with any third-party services, advertising networks, or analytics platforms. There are no SDKs, trackers, or external dependencies that could compromise your privacy.

Open source

ShieldAuth is open source software. You can audit the source code on GitHub to verify our privacy claims. We believe transparency is essential for security software.

Data deletion

To delete all ShieldAuth data from your device:

  1. Open ShieldAuth and remove all accounts
  2. Delete the ShieldAuth app from your Applications folder
  3. Keychain entries will be removed with the app

Contact

If you have questions about this privacy policy or ShieldAuth's data practices, please open an issue on our GitHub repository.