Router Console — Privacy Policy

Last updated: 2026-05-13

Router Console is built around a single principle: your router data never leaves your device. Everything below explains exactly what that means in practice.

If you read only one paragraph, read this:

Router Console talks directly to your router over your local Wi-Fi network. Your router password is stored in the operating system's hardware-backed secure storage (macOS Keychain, Android EncryptedSharedPreferences via Android Keystore, iOS Keychain). It is never sent to us, never written to logs, never synced to any cloud, and never visible to anyone but you on your device. We do not run any backend server that could receive this data even if we wanted to.

1. What data the app handles

There is no user account. You don't sign up. There is no email collected, no analytics token, no profile.

2. Data we do NOT collect

• We do not collect your router password.
• We do not collect your Wi-Fi password.
• We do not collect your IP address.
• We do not collect your MAC address.
• We do not collect a list of devices on your network.
• We do not collect your location.
• We do not collect crash reports automatically.
• We do not use analytics (Google Analytics, Mixpanel, etc.).
• We do not use advertising IDs.
• We do not use third-party SDKs that collect data.

3. Data we MAY receive — only if you explicitly send it

Three places in the app open your email client with a pre-filled mailto. Nothing is sent until you press the Send button in your email app. What gets pre-filled:

3a. "Report problem with this adapter" (Settings)

• Adapter ID (e.g. huawei-hg6xx)
• Vendor + model (e.g. Huawei HG633)
• App version (e.g. 1.0.0)
• Operating system user-agent string
• A blank "what happened" section for you to fill in

Not included: your router IP, your router password, any Wi-Fi SSIDs or passwords, any MAC addresses, any device names.

3b. "Share a capture to speed this up" (ScaffoldRecognizedScreen)

• Adapter ID, vendor, model
• Your router host (e.g. 192.168.1.1) — used so we can map captures to the right router family
• App version + OS
• A short (first ~500 chars) snippet of the un-authenticated router index page HTML — used to identify the router model

Not included: anything from inside the router admin (no login, no Wi-Fi info, no device list). The snippet is the same HTML anyone on your local network sees when they visit the router IP in a browser.

3c. "Request support for your router" (UnsupportedRouterScreen)

Same fields as 3b. Used when the app couldn't identify your router automatically.

In all three cases, your email client decides whether to send. You can edit the message, redact anything, or cancel.

4. Local storage

The app uses your device's localStorage for non-sensitive UI state:

• Last router IP (numeric address only)
• Last username (for auto-fill on next login screen)
• Theme + language preference
• Sidebar collapsed state
• App audit log of your local actions (which sections you visited, configuration changes you made on your router)
• Adapter pick per router host
• Network-gateway scan cache (which IPs responded on your network)

You can wipe all of this from Settings → Data management → Reset.

5. Secure storage (router password)

The router admin password you enter on the login screen is written to the operating system's secure store:

• macOS (Tauri build): macOS Keychain via Tauri's keychain plugin
• iOS (Capacitor build): iOS Keychain via Aparajita SecureStorage
• Android (Capacitor build): EncryptedSharedPreferences backed by the Android Keystore via Aparajita SecureStorage

These stores are hardware-backed where the device supports it (Secure Enclave on Apple Silicon Macs + iOS devices; StrongBox / Trusted Execution Environment on Android). The OS prevents other apps from reading them.

6. Network connections

The app makes HTTP/HTTPS connections to two destinations:

• Your router (e.g. 192.168.1.1, 192.168.8.1, etc.) — over your local Wi-Fi network. No internet path.
• Common-gateway probes during onboarding — TCP reachability probes to a list of candidate router IPs on your local network (192.168.0.1, 192.168.1.1, 192.168.8.1, …). No data is sent or received beyond a TCP handshake.

The app makes NO connections to any server we operate. There is no backend.

7. Self-signed certificates

Routers use self-signed TLS certificates. Browsers reject them by default. The app accepts them for your router IP only, scoped to a single host. This is necessary to communicate with the router and is the same trust decision you'd make in a browser by clicking "Advanced → Proceed".

A future release (Phase 5+) will pin the router certificate's hash on first use and warn you if it changes — a defense against attacker-on-LAN MITM. Until then, you trust your own LAN.

8. Children's privacy

Router Console is not directed at children under 13. We don't collect data from anyone, so there's nothing collected from children either.

9. Changes to this policy

We will update this document if anything material changes. The "Last updated" date at the top reflects the most recent revision. If substantial changes are made, the app will surface a one-time in-product notice on launch.

10. Contact

Questions? Use Settings → Report problem with this adapter, or email the address that opens. We don't have a separate support team or ticket system.