This Privacy Policy explains what XShell collects, why we use it, and how we protect it. XShell is built around end-to-end encrypted sessions, but the service still needs account, device, billing, and operational metadata to function.
XShell is designed so the relay cannot read your terminal, file, or editor payloads.
We process account, device, billing, routing, and usage metadata needed to operate the service.
Contact privacy@xshell.online for access, deletion, or correction requests.
We limit collection to information needed to provide and secure XShell, bill paid plans, and support users.
When you create an account, we process identifiers such as your user ID, email address, authentication state, plan, subscription status, and billing records. Payments are handled by Stripe. XShell does not store full payment card numbers.
To make the service work, we process device names, device IDs, enrollment state, host version, IP addresses observed during connection, relay routing data, session timestamps, sharing records, usage counters, and similar operational metadata.
Terminal I/O, file transfer chunks, editor traffic, and other session payloads are designed to be end-to-end encrypted between your browser and your device. The relay forwards encrypted frames and is not intended to read session contents.
We may process logs, error reports, rate-limit events, token state, abuse signals, and audit records so we can operate, secure, debug, and improve XShell. We avoid logging raw secrets and session payload contents.
We use information for product operation, security, support, billing, abuse prevention, and legal compliance.
We do not sell personal information. We may share information with service providers that help us run XShell, including hosting, authentication, payment processing, email, monitoring, analytics, security, and support providers. These providers may process information only for the services they provide to XShell.
We keep account, billing, device, usage, audit, and security data for as long as needed to provide the service, meet legal and tax obligations, resolve disputes, enforce agreements, and protect the service. Deleted or revoked device records may remain in backups and logs for a limited period.
You can update account details through your account provider, revoke devices from the workspace, delete local agent configuration from your machine, and request access, correction, export, or deletion of personal information by contacting us. Some information may need to be retained where required by law or for security, billing, fraud prevention, or dispute records.
XShell may process information in countries other than your own. Where required, we use appropriate safeguards for cross-border transfers and service provider processing.
We may update this Privacy Policy as XShell changes. If a change is material, we will take reasonable steps to provide notice, such as updating this page or notifying account holders.