We strongly believe you have the right to privacy when using our apps.
So, here's some detail about what our apps do, and why.
Some of our apps may collect information about the way you use them by default. This data is always anonymized before it is sent to us, and cannot be used to personally identify you. You can always opt out of usage analytics if you wish.
We look only for broad patterns in the aggregated usage data, such as whether or not a particular feature is frequently used, or whether users in general prefer one setting over another. This helps us make informed decisions about the future development of our apps.
To be clear, we cannot track an individual user's behavior. We also cannot receive information from your device's displays, cameras, or microphones.
If one of our apps crashes while you are using it, data about the crash will be collected and sent to us to help identify the cause of the crash so that we can try to fix it in a future update. These "crash logs" contain information about the state of the app, operating system, and device at the time of the crash. Nothing in the crash log can be used to personally identify you, and crash logs do not contain any of your private data.
By default, our Mac apps periodically check to see if a newer version of the app is available, so that you can be given the choice to update if you wish.
For apps acquired from the App Store or Mac App Store, update checking behavior is controlled by the operating system.
For apps acquired via direct download from Panic's web site, an update check request will be occasionally sent to a Panic-owned server. This request contains the name and current version of the app you are using, and a small amount of metadata about your device (such as which operating system version it is running, and your preferred language) which may be necessary to guide you to the correct update version. You may turn off update checking from the app's preferences window.
Similarly, some of our apps also check with a Panic-owned server, on launch, to see if there is a news screen (we call it a "soapbox") to show you. We might use this news screen to, say, alert you to a major update. No private data is sent to perform this check.
In some of our apps, you will be given a one-time opportunity to sign up for our email newsletter the first time you open the app. If you decline, no data will be sent. If you accept, the email address you provide will be added to our email list.
Our email list is low volume (usually no more than a few messages a year), and is generally limited to announcements of important new versions of our apps, or significant new product releases.
We do not sell or otherwise provide any of our email list to third-parties, with the exception of the company that provides the mailing list services.
For apps acquired from the App Store or Mac App Store, no activation request is sent to Panic-owned servers.
For apps acquired via direct download from Panic's web site, an activation request is performed when you enter a serial number to unlock the app, and may be repeated from time to time by already activated products.
The activation request consists of a single message sent to a Panic-owned server, containing encrypted information about the serial number you entered into the app. The server verifies whether the serial number is valid, and replies with a digitally signed confirmation if so. Otherwise, an error message is sent back for the app to display to you.
When you interact with our servers using a web browser, or indirectly by network requests sent on your behalf by our apps, some metadata about the request may be logged by us. This metadata may include your IP address, the name of the resource requested, and the name and version number of the software making the request.
We generally don't look at these logs unless a server appears to be being maliciously used or attacked in some way. We may look at the information in aggregate to see statistics such as how many times our apps have been downloaded, or from what sources network traffic is arriving.
- Collection and aggregation of usage analytics and crash logs is provided by Hockey, Crashlytics and Fabric.
- Update checking in direct download apps is provided by the Sparkle framework.
- Email list services in direct download apps are provided by Campaign Monitor.
- Web analytics services are provided by Google Analytics and GoSquared.
- Activation services are developed internally by Panic.
Data Not Collected
Panic apps do not send out any private information. This includes:
- Your keyboard or screen input
- Network traffic
- SSH / Encryption keys
- Contents of files you are working with
- Your IP address
Apps like Transmit, whose core purpose is to send and receive your documents over a network, will, of course, send and receive your documents as requested, but not to Panic or any other third party. Documents in transit will be encrypted only if you use a protocol which supports encryption, such as SFTP, HTTPS, etc. It is your responsibility to be aware of the security implications of the file transfer protocols you choose to use.
Some of our apps provide an optional feature called Panic Sync, which replicates app configuration data across multiple devices you own. If you choose to use Panic Sync, we will collect and store the data necessary to provide the syncing feature. This data will be encrypted before transmission and stored in a way that is unreadable, even by Panic employees.
Refer to the Panic Sync page for specific details on its implementation.
To see your options for opting out of data collection, refer to the Privacy section in the app's Settings screen.
Questions and Feedback
Please contact us if you have any questions about our data collection or privacy policies. We'll be more than happy to discuss them with you.