Privacy Policy

1. What NxtCode is

NxtCode is published by Nxtranet Inc. ("we", "us"). It consists of two pieces: a macOS menu-bar app that runs alongside your Claude Code session, and an iOS app that mirrors that session to your iPhone over the internet. NxtCode is not a hosted AI service — it does not generate any text on our servers. Claude itself runs on your own Mac via Anthropic's Claude Code CLI, under your own Anthropic / Claude account.

2. Data we collect

2.1 We do not collect

• The text you type to Claude.
• Claude's responses, including any code, file paths, or output.
• Names, contents, or paths of files on your Mac.
• Browsing history, analytics events, advertising identifiers, or third-party tracking data.

2.2 We do handle (briefly, in transit, not stored)

• Encrypted relay frames — opaque bytes forwarded between your iPhone and your Mac. The relay holds them only long enough to route, never on disk, and cannot decrypt them.
• APNs device tokens — when you enable push notifications, your iPhone gives Apple a token, which your Mac stores locally so it can wake your phone when Claude needs your input. The token never leaves your Mac.
• Apple subscription receipts — when you start the NxtCode Pro subscription, Apple's StoreKit gives the app a signed receipt so we can verify entitlement. The receipt is anonymous; we receive no personal information from Apple.

2.3 Permissions the iOS app requests

• Camera — only used to scan the pairing QR code shown by your Mac. The camera stream is never recorded or transmitted.
• Notifications — used to alert you when Claude is waiting for your input on your Mac.

3. How data moves

When you pair your iPhone with your Mac:

• Both devices derive a shared encryption key via X25519 Diffie-Hellman. Neither side reveals its private key.
• Every message (your keystrokes, Claude's output, voice transcripts) is encrypted with ChaCha20-Poly1305 before leaving the originating device.
• The forwarding relay (currently hosted on Cloudflare's edge via a cloudflared tunnel) passes the encrypted frames through. It can see envelope metadata (size, timing) but not the contents.

4. Third parties

• Apple — App Store distribution, push notification delivery (APNs), in-app subscription billing. Governed by Apple's privacy policy.
• Cloudflare — operates the trycloudflare tunnel that forwards encrypted frames between your iPhone and your Mac. Cloudflare sees encrypted bytes, not plaintext.
• Anthropic — Claude runs on your Mac via the Claude Code CLI, which sends prompts directly from your Mac to Anthropic under your Anthropic account. NxtCode does not relay anything to Anthropic; we don't have access to your Anthropic API key.

5. Data retention

We do not retain conversation contents at all. Encrypted relay frames are forwarded in real time and discarded; they are never written to disk on our infrastructure. Subscription state (active vs. expired) is checked against Apple's StoreKit and is not stored on our servers.

6. Children

NxtCode is a developer tool. It is not directed to children under 13 (or 16 in regions where that is the applicable age). We do not knowingly collect information from children.

7. Your choices

• Forget pairing — at any time, tap the gear icon → Session → Forget pairing on your iPhone. This wipes the local pairing token and disconnects your phone from your Mac.
• Revoke camera / mic / notifications — iOS Settings → Privacy & Security → toggle off for NxtCode.
• Cancel your subscription — iOS Settings → Apple ID → Subscriptions → NxtCode → Cancel.
• Uninstall — removing the iOS app deletes the pairing token. Removing the Mac app stops the local relay; your existing Claude Code session continues independently.

8. Security

All NxtCode messages between your iPhone and your Mac are end-to-end encrypted using ChaCha20-Poly1305 with keys derived per-session via X25519. The Mac app is code-signed and notarized by Apple. The iOS app is signed and distributed only through the App Store. We do not maintain access to your encryption keys; loss of both devices means loss of access to a paired session (just re-pair from a new device).

9. International use

NxtCode is available wherever Apple's App Store distributes it. The forwarding relay routes data through Cloudflare's global network using whichever edge node is geographically closest to your phone and your Mac. Encrypted frames may transit servers in jurisdictions outside your home country; their content remains encrypted in transit.

10. Changes to this policy

If we materially change this policy, we'll bump the "Last updated" date at the top and, for changes that affect your data, surface a notice in the app before the change takes effect.

11. Contact