Legal

Privacy Policy

Last updated: July 2, 2026

Short version: we collect what we need to run your account, we don't sell it, and we don't train AI models on your data. Long version below.

What we collect

How we use it

What we don't do

Your rights

You can export your data from /account (coming soon — for now, just email us). You can delete your account anytime; we wipe everything within 30 days. If you're in the EU, UK, or California, you have the usual access/delete/portability rights — email us and we'll help.

Cookies

We use one cookie: sg_session, which is how we know you're logged in. It's httpOnly, sameSite=Lax, and goes away when you log out. We don't use third-party analytics cookies. We don't use tracking pixels.

Security

Passwords are bcrypt-hashed. Sessions are signed. SSH keys are stored encrypted at rest. We run on hardened Ubuntu LTS with automatic security updates. We don't claim to be unhackable — if you find a vulnerability, please email hello@sshgrid.com with "SECURITY" in the subject.

Contact

Privacy questions: hello@sshgrid.com.