Privacy

Last updated: 6 May 2026.

This policy explains what data Tiller collects, how it's stored, and what you can do about it. Plain English first; legal terms second.

What Tiller collects

Account information

When you sign up, we store your email and a bcrypt hash of your password. We never see or store the plaintext password.

Server credentials

When you add a server, we store: hostname, port, username, and your authentication secret (private key or password). The secret is encrypted at rest with AES-256-GCM using a key kept on the Tiller server, outside the database. Decryption only happens in-memory when you actively use the server.

Session cookies

Login sessions are stored as HttpOnly Secure cookies, sameSite=strict, scoped to your Tiller domain. They never leave your browser to anything except Tiller.

Server-side logs

Caddy keeps standard HTTP access logs for 7 days, rotating at 50 MB. These contain IP, path, status code, user-agent. We do not retain log content beyond the rotation window.

What Tiller does NOT do

• No third-party analytics — no Google, no Plausible, no anything
• No tracking pixels, no fingerprinting
• No telemetry — Tiller does not phone home about your usage
• No reading or piping the contents of your terminal sessions to anyone
• No reading the contents of your AI conversations (Claude / Aider / etc. talk to their respective vendors directly; Tiller is just the keyboard and screen)

Data retention

Account and server records persist until you delete them. Once deleted, they're removed from the database immediately. Encrypted backups (rotation: 30 days) include the deleted record but are pruned at the rotation window.

Your rights

If you're in the EU/EEA, GDPR applies; in the UK, UK-GDPR; in California, CCPA. You can:

• Access a copy of all data we hold on you
• Correct anything inaccurate
• Delete your account and all associated data
• Export your server list and configuration

Email hello@tiller.run to exercise any of these rights. We respond within 30 days.

Sub-processors

Tiller's hosting infrastructure is provided by Contabo (Germany) and Cloudflare (USA). Both have published data processing addenda. We use no other sub-processors today.

Changes to this policy

If we change this policy, we'll update the "Last updated" date at the top. Material changes will also trigger an in-app notification.

Contact

Email: hello@tiller.run