>

$ We use browser storage for essential functions only. Privacy Policy

$

privacy_policy

Last updated: February 2026

#

Introduction

Ghost-Env ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our terminal environment management service.

By using Ghost-Env, you agree to the collection and use of information in accordance with this policy.

#

Data Collection

We collect the following types of information:

Account Information

Email address, username, and password hash for authentication purposes.

Profile Data

Shell scripts, environment variables, aliases, and functions you create and store.

Device Information

Device hostname and fingerprint for authorized terminal sessions.

Usage Data

Session logs, activation timestamps, and feature usage for service improvement.

#

How We Use Your Data

Your information is used to:

  • > Provide and maintain the Ghost-Env service
  • > Authenticate your identity and authorize devices
  • > Sync your profiles across authorized terminals
  • > Detect and prevent security threats
  • > Improve our service through aggregated analytics
  • > Communicate important service updates
#

Data Storage & Security

We implement industry-standard security measures to protect your data:

  • > Passwords are hashed using Argon2id with secure parameters
  • > Scripts are signed with Ed25519 cryptographic signatures
  • > All connections use TLS encryption
  • > Access tokens expire after 15 minutes
  • > Two-factor authentication (TOTP) is supported

Zero-trace mode ensures no data persists on the client device after session end. Read-only mode prevents any disk writes during activation.

#

Third-Party Services

We use the following third-party service:

We do not use analytics or marketing tracking services. We do not sell your personal information to third parties.

#

Your Rights

You have the right to:

  • > Access and export your personal data
  • > Correct inaccurate information
  • > Delete your account and associated data
  • > Withdraw consent for optional data processing
  • > Clear browser storage data at any time

To exercise these rights, contact us or use the account settings in your dashboard.

#

Browser Storage

Ghost-Env uses browser localStorage (not traditional cookies) for essential functionality. We do not use analytics or marketing tracking. The following items are stored:

ghostenv_auth Essential localStorage

Stores authentication tokens (access and refresh tokens) required for login sessions. Default session duration is 7 days. If "Remember me" is selected during login, the session extends to 1 year. Automatically cleared on logout.

ghostenv_refresh Essential httpOnly cookie

Set when "Remember me" is selected during login. Contains an encrypted refresh token that allows your session to persist even if browser storage is cleared. HttpOnly — not accessible to JavaScript. Expires after 1 year. Cleared on logout.

ghostenv_trusted_browser Essential cookie

Set when you choose "Trust this browser" during two-factor authentication. Allows skipping the 2FA prompt on subsequent logins for 1 year. Can be revoked from the Settings page.

ghostenv-fetch-tool Preference

Remembers your preferred CLI tool (curl, wget, etc.) for displaying activation commands. Improves user experience by preserving your choice.

ghostenv-cookie-consent Essential

Records that you have acknowledged this storage notice. Prevents the banner from appearing repeatedly.

_grecaptcha Third-party

Set by Google reCAPTCHA for bot protection during authentication. Subject to Google's Privacy Policy.

All localStorage data can be cleared via your browser settings or by clicking the button below.

#

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

$ echo $CONTACT_EMAIL

privacy@ghost-env.com

#

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

Continued use of Ghost-Env after changes constitutes acceptance of the updated policy.

Home Terms of Service Documentation Contact