Legal

Privacy Policy

This app-specific policy explains how RemoteVibeCoding handles data across the website, iPhone app, and Mac Host.

Last updated: April 19, 2026

This page is specific to RemoteVibeCoding. For broader company-wide privacy practices, you can also review coroutine's corporate privacy policy

1. Scope

This policy applies to the RemoteVibeCoding website, the iPhone app, and the Mac Host app. It supplements coroutine's broader corporate privacy policy and focuses on how this specific product handles data.

2. Data we handle

  • Website visits: our hosting providers may process basic request metadata such as IP address, browser, referrer, and access time to deliver and secure the site.
  • Locally stored app data: saved Macs, pairing information, certificate pins, shortcuts, onboarding state, and app preferences are stored primarily on your device.
  • iCloud cross-device sync: when you are signed in to an Apple ID, some settings, saved Mac information (which may include display names, connection details, and information used to verify secure connections), shortcuts, and usage-related preferences may be synced between your devices through Apple iCloud so that the product stays consistent across devices signed in to the same Apple ID. Pairing credentials and in-session screen or input data are not synced through iCloud.
  • On-LAN discovery (Mac Host): so that your iPhone can find your Mac on the same Wi-Fi or LAN, the Mac Host app may broadcast on the local network limited information needed to connect securely, such as a display label, username, and identifiers used for connection verification. This happens only on your local network; we do not collect this information on our servers.
  • Subscription data: to deliver paid features and keep your subscription state consistent across devices, Apple and our subscription management service (RevenueCat) may provide transaction status, entitlement status, and subscription metadata. To correctly reflect subscription state across devices signed in to the same Apple ID, we may share an anonymous identifier we generate with that subscription management service.
  • Support data: when you contact us, we may receive your name, email address, and the contents of your message as needed to respond.

The remote-control features of RemoteVibeCoding do not require you to create a product account.

3. Permissions and local-network sessions

  • Camera: used to scan the Mac Host pairing QR code.
  • Local Network: used to discover and pair with your Mac on the same network.
  • Microphone and Speech Recognition: used only when you choose voice input features.

During a remote session, screen images, input events, and session state are exchanged directly between your iPhone and your Mac Host over the same local network, or over the same Tailscale tailnet for saved reconnect. We do not operate a cloud relay for those sessions.

4. How we use data

  • Provide pairing, reconnection, subscription, and remote-control features
  • Maintain security, including certificate pinning and approval flows
  • Respond to support requests and product issues
  • Meet legal obligations and prevent abuse

5. Third-party services and retention

We use third-party service providers only where needed to operate the product.

  • Apple: App Store distribution, payments, subscription processing, and iCloud cross-device sync
  • RevenueCat: subscription entitlement and purchase status management
  • Cloudflare: website and binary delivery infrastructure
  • Google: web font delivery used on the website (Google Fonts)

We do not sell personal information and we do not use advertising trackers in RemoteVibeCoding. Locally stored app data remains on your devices until you remove saved Macs, clear app data, or uninstall the app. Billing and subscription records are retained by Apple and RevenueCat under their own policies.

6. Security, updates, and contact

RemoteVibeCoding is designed around local-network communication. We use HTTPS, certificate pinning, one-time pairing codes, and explicit approval flows for sensitive actions. No method is perfectly secure, but we take reasonable technical and organizational measures to protect data.

We may update this policy when the product, legal requirements, or operating practices change. The latest version will be published on this page.

Controller: coroutine Co., Ltd. (株式会社coroutine)
Address: 5F Daini Ternen Building, 2-3-1 Tanimachi, Chuo-ku, Osaka 540-0012, Japan
Representative: Ryo Higasigawa
Email: [email protected]