Privacy Policy

Last updated: June 16, 2026

Lungo lets you remote-control AI coding agents running on your own computer from your phone. This policy explains what we collect, what we don't, and why. The short version: your code, prompts, and agent output are end-to-end encrypted between your phone and your Mac, and our servers cannot read them.

What we collect

• Account info — the email address you use to sign in, so we can authenticate you and pair your devices.
• Device & pairing data — identifiers for the phone and Mac you pair, and the timestamps of pairings/sessions, so the service can route your connection to the right machine.
• Usage & diagnostics — limited, aggregate metrics (e.g. number of sessions, error reports) to operate and improve the service.
• Billing — if you subscribe, payment is processed by our payment provider; we store only the records needed for billing, not your full card details.

What we do not collect

• Your session content. Prompts, code, files, terminal output, and agent responses are encrypted on your phone and decrypted only on your paired Mac (and vice versa). Our relay connects the two ends but cannot decrypt what passes through it.
• Notification content. Push notifications are encrypted before they leave your Mac; Apple's push service and our servers see only a generic title, not the body.

How your data is protected

• End-to-end encryption. Each session derives a per-session key on your phone and your Mac (X25519 key exchange); content is encrypted with AES-GCM.
• Secrets at rest. Authentication tokens and one-time codes are stored hashed, not in plaintext.
• Least access. Capability gates (terminal, screen share) are enforced on your own machine and only when you enable them.

Third parties

• Apple — for push notifications (Apple Push Notification service), which never receive your content.
• Our infrastructure providers — the relay and API run on hosted servers that route encrypted traffic and store account/device records.
• Email delivery — to send sign-in codes and account email.

We do not sell your personal data.

Data retention & deletion

We keep account and pairing data while your account is active. You can unpair a device at any time, and you can request deletion of your account and associated data by contacting us. Session content lives only on your own devices.

Children

Lungo is not directed to children under 13 (or the equivalent minimum age in your country) and we do not knowingly collect their data.

Changes

We may update this policy as the product evolves. Material changes will be reflected here with a new "last updated" date.

Contact

Questions about privacy? Email privacy@lungo.app.