App Privacy Policy
macOS, iOS & Android Companion Clients. Last updated: May 29, 2026
This policy explains the specific privacy controls and data security practices applied to our native companion applications when utilizing Google OAuth and Apple Sign-In services.
Core Privacy Commitment
Our native companion apps are built to serve strictly as secure visual consoles for your uWAN tunnels. They communicate directly with your self-hosted or cloud BoreasTUN controller.
✓We only store the minimum necessary encrypted access credentials required to manage your active tunnels. We never gather device profiles or sell your data.
- Encrypted OAuth Tokens: Authenticate securely via system-sandboxed cookies.
- Zero Device Profile Gathering: No telemetry of hardware status.
- Sandboxed Storage: Settings reside exclusively inside secure Keychain or Android Keystore containers.
OAuth Identity & Sign-In
To enable seamless authentication across devices, uWAN companion apps integrate with official Google OAuth and Apple Sign-In APIs. The login flow runs in system-secured web views, completely isolating your passwords from the app.
Granted Scopes
openid, email, profile
Usage & Purpose
Authenticates your identity and maps your account. We only access your basic email address and account ID.
Granted Scopes
email, name
Usage & Purpose
Verifies your Apple ID token to generate a secure user session. Works with Apple's private email relay if requested.
No Device Telemetry Collected
We strictly enforce that uWAN companion apps **never access or transmit** any information related to your device hardware, system settings, or personal background metrics.
In compliance with Google Play Developer Policies and Apple App Store Safety Guidelines, we explicitly confirm that we do not access or collect:
- ✕Device serial numbers or hardware UDIDs
- ✕Android IMEI or Apple IDFA (Advertising Identifier)
- ✕Geographic GPS location metrics
- ✕Local address books or contacts
- ✕Files, photo libraries, or media storage
- ✕Biometric raw data (FaceID/TouchID remain sandboxed on-device)
- ✕Telemetry of other running apps on your device
Sandboxed Client Security
Any settings, connection endpoints, or session keys stored locally in the companion app reside exclusively in **encrypted, sandboxed storage containers** managed by the operating system:
- iOSApple iOS / macOS Keychain
Access tokens are written directly to your personal system Keychain, encrypted with hardware-locked AES keys that remain protected from other installed apps.
- AndAndroid Keystore System & EncryptedSharedPreferences
Credentials are encrypted using keys backed by Hardware-backed keystores (TEE/StrongBox) whenever supported, keeping token blocks safe from rooting extraction.
Compliance & Inquiries
This App Privacy Policy complies with Apple App Store Guidelines Section 5.1 (Legal - Privacy) and Google Play User Data policies.
If you have any questions about uWAN companion client security, or wish to request immediate purge of your OAuth mapping records, please contact us:
- Security Inquiry: privacy@uwan.app
- Website Portal: uwan.app