Privacy Policy

Tusk is built with privacy as a core principle. Your files never leave your machine. We collect minimal data, we are transparent about what we collect and why, and we do not sell or share your personal information with third parties.

This policy covers both the Tusk macOS App and the Tusk website.

License verification

When you activate a license, the App sends a hashed machine identifier to our servers to verify your license key. This hash is a one-way fingerprint — it cannot be used to identify you or your device beyond license management. This data is stored securely in Supabase.

Product usage (App)

During beta, the App sends pseudonymous usage summaries to help us understand how Tusk is used and improve the product. This includes a hashed device identifier (the same one used for license verification), your app version, and aggregate feature usage — for example, how many projects you have created, whether backups have been run, and file-count ranges. No file names, project names, folder paths, or file content are ever transmitted. You can opt out at any time in Tusk → Preferences → Privacy. Raw usage events are retained for 90 days.

Beta feedback (App)

If you submit feedback during beta, we store your message and any screenshots you attach, linked to your beta code. This is optional and only sent when you choose to submit feedback.

Error reporting (App)

The App uses Sentry for crash and error reporting. If the App encounters an error, anonymised diagnostic information — including macOS version, device type, and a stack trace — may be sent to Sentry. No file content, file names, or personal data are included in error reports. You can opt out of error reporting at any time in Tusk → Preferences → Privacy.

Website analytics

The Tusk website uses Plausible Analytics, a cookieless, privacy-first analytics tool. Plausible does not use cookies, does not collect personal data, and is fully GDPR compliant. We collect anonymised data about page visits, referral sources, and interaction events to understand how people find and use our website. No personal identifiers are stored.

Payment processing

Payments are handled by Stripe. Your payment information is processed directly by Stripe and is never stored on Tusk's servers. Stripe's own privacy policy applies to data collected during payment.

Google Drive integration

If you choose to connect Google Drive as a backup destination, Tusk requests access only to files it creates (drive.file scope). Tusk does not access, read, or transmit any other files in your Google Drive. Your Google account credentials are never stored by Tusk — authentication is handled entirely by Google's OAuth system. You can revoke this access at any time via your Google account settings at myaccount.google.com/permissions.

We do not collect your files, file names, or folder structure. We do not collect your project names or any content from your machine. We do not use cookies or tracking identifiers on our website. Product usage summaries contain only aggregate counts and feature flags — never identifying content from your projects. We do not collect any personal information beyond what is described in section 2.

The Tusk website does not use cookies for tracking or analytics. Strictly necessary cookies may be used for basic website functionality only. No cookie consent banner is required.

Tusk uses the following third-party services:

• Stripe — Payment processing (stripe.com/privacy)

• Plausible Analytics — Website analytics (plausible.io/privacy)

• Sentry — App error reporting (sentry.io/privacy)

• Supabase — License verification and usage analytics backend (supabase.com/privacy)

• Google OAuth — Drive integration (policies.google.com/privacy)

License activation records are retained for as long as your license is active. Anonymised error reports and raw usage events are retained for 90 days. Usage snapshots may be retained longer in aggregated form. You may request deletion of your data at any time by contacting us.

Depending on your location, you may have rights under GDPR, CCPA, or other applicable privacy laws to access, correct, or delete data we hold about you. To exercise any of these rights, contact us at privacy@tuskbackup.comand we will respond within 30 days.

Tusk is not directed at children under 13. We do not knowingly collect data from children under 13.

We may update this policy from time to time. We will note the date of the most recent update at the top of this page. For significant changes, we will notify users via the website or the App.

For any privacy-related questions or data requests, contact us at niklas@tuskbackup.com.