xInfra Privacy Policy

Last Updated: December 20, 2025

Introduction

Welcome to xInfra ("we", "our", or "us"). We are committed to protecting your privacy and securing your sensitive data. This privacy policy explains how we handle your personal data when you use our application.

xInfra is designed with a privacy-first architecture. Unlike many cloud-based management applications, xInfra operates as a direct client to your network infrastructure. Your credentials and confidential information never leave your device except when transmitted directly to your own network devices.

Data We Collect

Information You Provide to Us

xInfra adheres to strict data minimization principles. We collect only the absolute minimum information necessary to provide our service:

  • Device Credentials: When you add a network device to xInfra, you provide connection details including hostname, port, username, password, and SSH keys. These credentials are stored exclusively on your device using iOS Keychain encryption.

  • Device Configuration Data: Information about your network device configurationsnand other infrastructure details. This data is stored locally on your device and optionally in your personal iCloud account (if you enable iCloud synchronization).

Information Collected Automatically

  • App Usage Analytics: We may collect basic, anonymized, and aggregated analytics about feature usage patterns within the app. This data is completely anonymized and cannot be linked back to you, your devices, or your infrastructure. This helps us understand which features are most valuable and guide future development priorities.

  • Performance and Diagnostic Data: Anonymous crash reports and performance metrics to help us identify technical issues, bugs, and performance bottlenecks. These reports do not contain your credentials, IP addresses, or any confidential information about your infrastructure.

How We Use Your Data

We use the information we collect strictly for the following legitimate purposes:

  • Providing Core Services: Your device credentials and configuration data are used exclusively on your device to establish direct, encrypted connections to your network devices, retrieve information, and execute management commands as you request.

  • Authentication: Your device credentials are used solely for authenticating your device to your own network infrastructure.

  • Improving Our App: We analyze anonymized usage patterns and performance data to enhance the app's functionality, prioritize feature development, fix bugs, and optimize performance. This analysis is performed on aggregated, anonymized data that cannot be traced back to individual users or their infrastructure.

  • Technical Support: When you contact us for support, we may use information you voluntarily provide to diagnose issues and provide assistance. We will never ask for your passwords or private keys.

Data Storage and Security

Local Storage on Your Device

  • Device Credentials: Your network device credentials are stored with encryption on your device using iOS Keychain Services. You can optionally enable biometric authentication (Face ID or Touch ID) for additional protection.

  • Configuration and Infrastructure Data: All settings, device configurations and other infrastructure information are stored exclusively on your device. This data is encrypted and protected by iOS security mechanisms.

  • Optional iCloud Synchronization: If you enable iCloud synchronization, your device configurations and credentials are synchronized to your personal iCloud account using Apple's end-to-end encrypted iCloud Keychain.

Direct Server Communication

  • Direct Connection: xInfra establishes direct connections from your device to your network infrastructure. We do not operate proxy servers or route your traffic through intermediary servers.

  • End-to-End Encryption: All communication between xInfra and your network devices is encrypted using industry-standard secure protocols (when properly configured). This ensures that your data is protected in transit from eavesdropping or tampering.

Data Sharing and Third-Party Access

We do not sell, rent, trade, or otherwise transfer your personal information to any outside parties.

The limited data we may share is restricted to the following specific circumstances:

  • Apple Services: We use Apple's infrastructure services including the App Store (for distribution), and optionally iCloud (for synchronization). These services are governed by Apple's privacy policies.

  • Payment Processing: In-app purchases and subscriptions are processed through Apple's App Store and RevenueCat for subscription management. These services receive only payment-related information necessary to process transactions.

  • Legal Requirements: We may disclose information if required by law, court order, subpoena, or governmental regulation.

  • Safety and Legal Rights: We may disclose information when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to a government request.

Your Privacy Rights

We respect your privacy rights and provide you with control over your data. Depending on your location, you may have the following rights regarding your personal data:

  • Right to Access: You have the right to request copies of the personal data we hold about you. Given our privacy-first architecture, the data we hold is extremely limited and mostly anonymized.

  • Right to Deletion: You have the right to request deletion of your personal data. You can delete your locally stored data at any time by removing devices from the app or uninstalling the app.

  • Right to Withdraw Consent: Where we rely on your consent to process data, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the details provided in the "Contact Us" section below. We will respond to your request within the timeframes required by applicable law.

Children's Privacy

xInfra is a professional infrastructure management application not intended for use by children. We do not knowingly collect personal information from children.

Changes to This Privacy Policy

We may update this privacy policy periodically to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this policy.

We encourage you to review this privacy policy periodically to stay informed about how we protect your data. Your continued use of xInfra after changes are posted constitutes your acceptance of the updated policy.

Data Retention

We retain data only for as long as necessary to fulfill the purposes for which it was collected, and we apply different retention periods based on the type of data:

  • Device Credentials and Configuration Data: Stored on your device until you explicitly remove a device from the app or uninstall the app. If you enable iCloud synchronization, this data is retained in your personal iCloud account according to Apple's policies until you disable synchronization or delete the data.

  • Anonymized Analytics Data: Aggregated and anonymized analytics may be retained indefinitely for statistical analysis and product improvement purposes. This data cannot be linked back to you or your infrastructure.

Third-Party Services

xInfra integrates with the following third-party services, each with limited and specific purposes:

  • RevenueCat: Used for managing subscription status and in-app purchase validation.

  • Apple iCloud (Optional): If you enable iCloud synchronization, your device configurations and credentials are synchronized to your personal iCloud account using Apple's end-to-end encrypted iCloud Keychain.

International Data Transfers

xInfra's privacy-first architecture minimizes international data transfers:

  • Credentials and Confidential Data: Your network device credentials and confidential infrastructure data are never transferred outside your device except when transmitted directly to your own network devices (which you control and may be located anywhere in the world).

  • iCloud Synchronization: If you enable iCloud synchronization, your data is transferred to and stored in Apple's iCloud infrastructure according to Apple's data residency policies for your region.

  • Anonymized Analytics: Anonymized, aggregated analytics data may be processed in various locations, including the United States. This data cannot be linked back to you or your infrastructure.

GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) provides you with specific rights:

  • Legal Basis for Processing: We process your personal data based on: (1) your consent, (2) contractual necessity (to provide the app's core functionality), and (3) legitimate interests (for anonymized analytics and app improvement).

  • Data Controller: For the limited personal data we collect, xInfra acts as the data controller.

  • Data Protection Officer: For privacy inquiries from European users, please contact us at the email address provided below.

  • Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.

Security Measures

We implement comprehensive security measures to protect your data:

  • Device-Level Security: Your credentials are protected by iOS Keychain encryption, which uses hardware-backed encryption on supported devices.

  • Biometric Authentication: Optional Face ID or Touch ID protection for accessing your stored credentials.

  • Encrypted Transmission: All communications between xInfra and your network devices use encryption (if properly configured).

  • Minimal Data Collection: By collecting only the minimum necessary data, we minimize the potential impact of any security incident.

  • Regular Security Reviews: We regularly review and update our security practices to address emerging threats and vulnerabilities.

Contact Us

If you have any questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

Email: xinfra@routecore.io

Response Time: We aim to respond to all privacy inquiries within 30 days.

When contacting us, please provide sufficient detail about your inquiry or request so we can assist you effectively. xInfra Support or Routecore LLC will never ask you for your device credentials or keys.

Consent and Acceptance

By downloading, installing, or using xInfra, you acknowledge that you have read, understood, and agree to be bound by this privacy policy. If you do not agree with this privacy policy, please do not use xInfra.

Your continued use of xInfra following the posting of changes to this privacy policy will be deemed your acceptance of those changes.