Privacy Policy

Last updated: April 3, 2026

Push collects zero user data. Your OAuth token lives in iOS Keychain. Your repositories, commits, and source code never touch our servers. We cannot access, log, or track your development activity — not because we promise not to, but because we architected it to be impossible.

What We Don't Collect

• Your code. All GitHub API calls go directly from your device to api.github.com. No Push server sits in between.
• Your token. Your GitHub OAuth token is stored in the iOS Keychain with hardware-backed encryption. It is never transmitted to SI Labs Mobile.
• Analytics or telemetry. No Mixpanel, Amplitude, Firebase, or any analytics SDK. We don't track screens viewed, buttons tapped, or features used.
• Crash reports. No crash reporting SDK. No device information collected.
• Device identifiers. No IDFA, no fingerprinting, no IP logging.
• Ads. No advertising SDK. Ever.

How Push Talks to GitHub

Your iPhone → HTTPS → api.github.com

That's it. Push is a native client for the GitHub REST API. Every request goes directly from your device to GitHub with your token in the Authorization header. SI Labs Mobile never sees these requests.

OAuth Sign-In

When you sign in, Push uses GitHub's standard OAuth 2.0 flow. A lightweight exchange service converts the authorization code to an access token. This service runs statelessly — it does not log, store, or retain the code or token, and has no database. After the exchange, the token goes into iOS Keychain and never leaves your device again.

Purchases

Push Pro and tip jar purchases are processed entirely by Apple. We receive a purchase confirmation (product ID and transaction ID) from StoreKit. We do not receive your name, email, payment method, or billing address. Purchase state is stored locally on your device.

Community Templates

The optional community template library serves template metadata through a lightweight API. This service does not require authentication, does not track which templates are browsed or applied, and does not log device identifiers or IP addresses.

This Website

The trypush.io landing page does not use cookies, analytics, or tracking scripts. We do not collect visitor data, IP addresses, or browsing behavior on this website. There is no cookie banner because there are no cookies.

Security

• In transit: All communication uses HTTPS.
• At rest: OAuth token in iOS Keychain with Secure Enclave backing. App data in the encrypted sandbox container.
• What we cannot do: SI Labs Mobile has no master keys, no server-side user database, and no ability to decrypt your local data. We cannot comply with data requests because the data doesn't exist on our end.

Your Rights

Because we collect no personal data, GDPR rights (access, deletion, portability) and CCPA rights (disclosure, opt-out of sale) are satisfied by default — there is nothing to access, delete, port, or opt out of.

For EU/UK users: nothing in this policy affects your statutory rights under local consumer protection laws.

Account Deletion

Uninstall Push. All local data is removed. If you've published community templates, request removal at legal@trypush.io (processed within 30 days). Apple maintains purchase history independently.

Apple App Store Privacy Label

"Data Not Collected." Accurate and complete.

Children

Push is not directed at children under 13. We do not knowingly collect information from children.

Changes

We may update this policy. Changes are reflected in the "Last Updated" date. Continued use after changes constitutes acceptance.

Contact

legal@trypush.io

SI Labs Mobile, Inc.