We strongly support your right to privacy when using our apps.
To the extent that our apps and websites can provide their functionality without doing so, we prefer to avoid collecting data from you.
In the cases where we do collect data, we try to be clear about why we're collecting it, tell you how long we keep it, delete it when we no longer need it, and give you the ability to opt out of collection whenever possible.
We use modern security measures to protect collected data, and limit access to only those employees who require access to perform their jobs. We may be legally required to disclose collected data to law enforcement or government agencies in some situations.
If you purchase a product directly from our website, we collect your:
- full name
- company name (optionally)
- email address
The purpose of collecting this information is to identify you in the future as a license owner of one of our applications. We may need to verify you are a license owner if, for example:
- you contact us for support
- you request a receipt or invoice
- you request a refund
- you request that we re-send your serial number
- you wish to receive discounted upgrade pricing on an app you've previously purchased
Because addresses, both real-world and electronic, tend to change over time, having more than one piece of identifying information helps ensure we can find a record of your purchase should you need help down the road.
We do not sell or otherwise disclose this information to third-parties, except as required to complete your transaction. For example, we send it to our credit card processor once at the time of purchase in order to authorize the transaction.
We do not collect or store your credit card number, expiration date, or CVV code. When you purchase from our website, your credit card details are routed directly from your browser to our credit card processor, and are not stored on any Panic-owned server even temporarily.
You may update your personal information with us at any time by emailing firstname.lastname@example.org.
We retain the personal information related to your purchase indefinitely to facilitate support interactions, unless you ask us to remove it. To request removal of your personal information related to a purchase, contact email@example.com. If you do this, be sure to keep a copy of your purchased serial numbers, as we will no longer be able to look them up once we have removed your identifying information from our system.
When handling support requests from you, we collect:
- your email address (or Twitter handle, if you contact us via Twitter)
- any information you provide voluntarily (such as crash logs or other diagnostic info)
This information is collected solely to help resolve your support inquiry. We retain support emails indefinitely in order to:
- have context from previous interactions which may help us answer your future questions more quickly
- identify broad trends in support requests, which may help us identify and solve problems with our products
If you would like to remove support emails you have sent, contact firstname.lastname@example.org.
Application Usage Analytics
Some of our apps may, by default, collect information about the way you use them. This data is anonymized before it is sent to us, and cannot be used to personally identify you.
You may opt out of usage analytics if you wish.
We look only for broad patterns in the aggregated usage data, such as whether or not a particular feature is frequently used, or whether users in general prefer one setting over another. This helps us make informed decisions about the future development of our apps.
To be clear, we do not track individual user behavior in our apps. We do not receive information from your device's displays, cameras, or microphones.
We retain usage analytics data for 30 days.
By default, if one of our apps crashes while you're using it, anonymized data about the crash will be collected to help us identify the cause of the crash and hopefully fix it in a future update. These "crash logs" contain information such as the state of the app, operating system, and device at the time of the crash, but not your private data.
You may opt out of crash log reporting if you wish.
In our direct download Mac apps, you may have the option to provide your name, email address, and additional comments when submitting a crash report, but this information is not required. If you do not voluntarily provide your name or email address, nothing else in the crash log can be used to personally identify you. Whenever possible, the app will allow you to review the entire contents of the crash log before you decide whether or not to send it.
Your crash log may be sent to a third-party vendor for collection and aggregation. Please refer to our list of third-party vendors.
We retain crash logs for 30 days.
Apple may also collect crash logs if the privacy settings of your device allow it.
By default, our Mac apps periodically check to see if a newer version of the app is available, so that you can be given the choice to update if you wish.
For iOS apps or apps acquired from the Mac App Store, update checking behavior is managed by the operating system, and the relevant information is processed by Apple.
For apps acquired via direct download from Panic's website, an update check request will be occasionally sent to a Panic-owned server. This request contains the name and current version of the app you are using, and a small amount of metadata about your device (such as which operating system version it is running, and your preferred language) which may be necessary to guide you to the correct update version.
You may turn off update checking from the app's preferences window.
Similarly, some of our apps also check with a Panic-owned server when opened to see if there is news about the app to show you. We call this the "soapbox". We might use the soapbox infrequently to, for example, alert you to a significant app update or advise you on how to work around a serious bug. Soapbox requests send only similar metadata to an update check, and no private data is sent.
We retain metadata from update checking and soapbox requests for one week.
You may be given a one-time opportunity to sign up for our email newsletter the first time you open one of our apps. If you decline, no data will be sent. If you accept, the email address you provide will be added to our email list.
Our email list is low volume (only a few messages per year is typical) and is generally limited to announcements of important new versions of our apps or significant new product releases.
We do not sell or otherwise disclose any portion of our email list to third-parties, with the exception of the vendor that provides our mailing list services as necessary to distribute the emails.
If you join our email list, we retain your email address until you ask to be removed. Instructions on how to unsubscribe are contained in all messages sent to the email list. For your convenience, you can also unsubscribe directly, below.
Activation is the process by which our applications verify that you are a legitimately licensed owner of the Panic product you're using.
For iOS apps or apps acquired from the Mac App Store, no activation request is sent to Panic-owned servers. Verification of your purchase may occur by processes and servers managed by Apple in this case.
For apps acquired via direct download from Panic's website, an activation request is performed when you enter a serial number to unlock the app, and may be repeated from time to time by already activated products.
The activation process consists of a single request sent to a Panic-owned server, containing encrypted information about the serial number you entered into the app. The server verifies whether the serial number is valid, and replies with a digitally signed confirmation if so. Otherwise, an error message is sent back for the app to display to you.
We retain a log of activation requests for one week.
Upon connecting to an S3 server in Transmit 5, we use macOS Location Services in choosing the nearest S3 endpoint. This location data stays on your Mac, and is not used for any purpose other than to assist S3 connections.
See the Security & Privacy pane of System Preferences to prevent Transmit from accessing Location Services.
When you interact with our servers using a web browser, or indirectly by network requests sent on your behalf by our apps, some metadata about the request is logged. This metadata may include:
- your IP address (may reveal your approximate geographic location)
- the name of the resource requested
- the name and version number of the software making the request (may reveal information about your web browser, operating system, and their configuration)
- whether or not the request was successful
- current date and time
We generally don't look at these logs unless a server is malfunctioning or appears to be getting used in a malicious way. We may look at the information in aggregate to see broad statistics such as how many times our apps have been downloaded, or from which source an unusually high amount of network traffic is arriving.
We retain web server logs for two weeks.
Third-Party Vendor Services Used
- Credit card processing for purchases from our website is provided by Stripe.
- PayPal is used for purchases from our website where PayPal is selected as the payment method.
- Collection and aggregation of usage analytics and crash logs is provided by Hockey, App Center, Crashlytics and Fabric.
- Update checking in direct download apps is provided by the Sparkle framework.
- Email list services are provided by Campaign Monitor.
- Web analytics services are provided by Google Analytics, New Relic, and GoSquared.
- Payment processing, update checking, and license management of iOS apps and apps purchased from the Mac App Store is managed by Apple.
- Offsite backup services are provided by rsync.net.
- Email and Twitter support requests are managed with Front.
- Communication tools we use internally include Notion and Slack. Customer information may pass through these services as customer support processes occur.
- We use JazzHR during our hiring process.
- Activation services for direct download apps are managed internally by Panic.
- Purchases from the Untitled Goose Game Shop are processed by Shopify.
Data Not Collected
Except as described above, and as required to perform the application's core functionality at the user's request, Panic apps do not send out any private information. This includes:
- Information from device sensors
- Your keyboard input
- Screen contents
- Network traffic
- SSH / Encryption keys
- Contents of files you are working with
Apps like Transmit, whose core purpose is to send and receive your documents over a network, will, of course, send and receive your documents at your request, but not to Panic or any other third party. Documents in transit will be encrypted only if you use a protocol which supports encryption, such as SFTP, HTTPS, etc., in conjunction with a correctly configured server. It is your responsibility to be aware of the security implications of the file transfer protocols you choose to use. Plain FTP is not encrypted.
Some of our apps provide an optional feature called Panic Sync, which replicates app configuration data across multiple devices you control. If you choose to use Panic Sync, we will collect and store the data necessary to provide the syncing feature. This data will be encrypted before transmission and stored in a way that is unreadable, even by Panic employees.
Refer to the Panic Sync page for specific details on its implementation.
To manage syncing devices, view activity history, or delete your Panic Sync account, visit the account management page.
The only way to retrieve the encrypted data stored in your Panic Sync account is to log in from one of the Panic Sync client apps and allow it to sync.
Opting OutTo opt out of certain types of data collection in one of our apps:
- On iOS: refer to the Privacy section in the app's Settings screen.
- On macOS: open the app's General preferences panel and uncheck "Send Crash Reports and Statistics".
This will prevent these specific types of data from coming to us, but be aware that the operating system may still collect crash logs and other analytics and send them to Apple unless you have disabled that separately in the operating system's settings.
As you might expect, we keep backups of company data so that a catastrophic data loss event doesn't put us out of business. Although collected personal data expires from our "active" data set according to the schedules mentioned above, it may persist in backups for up to 6 months. Backups are only accessible to specially privileged employees who perform system administration tasks. We consider the backups "cold storage" and we don't pull data from them unless a significant data loss event has occurred.
Rights of EU Citizens Under GDPR
Citizens of the EU may exercise their rights under the General Data Protection Regulation, such as the rights of access and erasure, by contacting us with their request. We recommend emailing the request to email@example.com.
Questions and Feedback
Our privacy policies might change or be edited for clarity over time. Up-to-date information will always be available from this page.
Please contact us if you have any questions about our data collection or privacy policies. We'll be more than happy to discuss them with you.