Privacy Policy

Privacy Commitment

Last Updated: March 24, 2026

Introduction

Deck (“the Software”) is committed to protecting your privacy. This Privacy Policy explains how Deck handles information when you use the Software. Deck is designed with a local-first architecture — your clipboard data stays on your device by default, and we do not operate servers that collect or store your personal data.

Information We Do Not Collect

Deck does not collect, transmit, or store personal information on external servers by default. Specifically:

  • We do not require account registration or sign-in;
  • We do not collect names, email addresses, or demographic information through the Software;
  • We do not track your usage patterns, browsing habits, or clipboard contents;
  • We do not use advertising SDKs, third-party analytics frameworks, or tracking pixels;
  • We do not sell, share, or monetize your data in any form.

Local Data Storage

All clipboard data processed by Deck is stored locally on your Mac. This includes:

  • Clipboard history entries stored in a local SQLite database;
  • Images, files, and rich content stored in local application data directories;
  • Search indexes generated and maintained locally;
  • User preferences and settings saved in macOS UserDefaults.

Data Encryption

Deck provides encryption capabilities to protect sensitive clipboard entries:

  • Protected entries are encrypted using AES‑GCM (Advanced Encryption Standard — Galois/Counter Mode);
  • Encryption keys are securely stored in the macOS Keychain;
  • You may encrypt specific clipboard entries on demand;
  • LAN sharing transmissions are protected with end-to-end encryption.

Biometric Security

Deck integrates with macOS biometric authentication:

  • Optional Touch ID or Face ID may be used to unlock the application or access protected content;
  • Biometric data is processed exclusively by the macOS Secure Enclave and LocalAuthentication framework;
  • Deck does not access, store, or transmit biometric data. Authentication is handled entirely by the operating system.

Sensitive Content Protection

Deck includes features designed to automatically avoid capturing sensitive content:

  • Password manager clipboard entries are recognized and excluded;
  • Windows with titles containing sensitive keywords may be skipped;
  • You may manually designate applications as ignored so their clipboard activity is never recorded;
  • Configurable Smart Rules allow automatic filtering based on app, content type, or keywords.

Network Access

Deck’s network access is minimal, feature-driven, and transparent:

  • LAN Sharing — Peer-to-peer connections within your local network. No external servers are involved.
  • Link Previews — When enabled, Deck may fetch webpage metadata (title, description, favicon) to generate previews. This feature is optional and can be disabled.
  • iCloud Sync (Optional) — When enabled by you, encrypted clipboard records sync through your private iCloud database (CloudKit). Apple’s iCloud terms apply to this data.
  • Diagnostics (Optional) — Off by default. When enabled, limited non-personal diagnostics data may be uploaded to help improve software stability. No clipboard content is included.
  • AI Features — See “AI Features and Third-Party Models” below.
  • No advertising SDKs or third-party tracking of any kind.

AI Features and Third-Party Models

When you enable or use AI-related features in the Software, you represent that you have read and agree to the privacy policies, terms of use, and terms of service of the AI model provider you configure (and of any proxy or relay service you use, if applicable).

If personal or other data is disclosed, misused, or lost in connection with your use of these features, the Software and its rights holders disclaim responsibility to the fullest extent permitted by applicable law. Principal reasons include:

  • The primary processing party is your chosen AI provider and/or relay: you direct the Software to send content to third parties you specify; we do not control how those parties or their infrastructure handle data, and incidents typically arise from those services.
  • Clipboard-related sensitivity: AI features may access text or other content from your clipboard, which may include passwords, tokens, or personal information. We encourage you to prefer vendors that offer zero data retention (or equivalent) and to send only what is necessary.
  • Relay, logging, and training risks: if you use public or third-party gateways that log prompts, use content to improve models, or reshare data, your information may be retained, analyzed, or passed on. Those outcomes are governed by the service you choose, not by the Software.

Because you choose which AI provider or relay to use, and by using these features you accept those parties’ policies and how they allocate risk, the Software is not responsible for third-party conduct in this process, except where mandatory law provides otherwise.

Third-Party Services

Deck may interact with the following categories of third-party services at your direction: AI model providers for AI-assisted clipboard processing; Apple iCloud (CloudKit) for optional cloud synchronization; and macOS system services for Shortcuts integration, accessibility, and notifications.

Your use of third-party services is subject to those services’ own terms and privacy policies. The Developer is not responsible for the privacy practices of third-party services.

Data Retention and Deletion

You have full control over your data:

  • Delete individual clipboard entries at any time;
  • Clear all clipboard history with a single action;
  • Export your data before deletion if you need a backup;
  • Uninstalling Deck may not automatically remove all local data. For complete removal, manually delete ~/Library/Application Support/Deck.

Children’s Privacy

Deck is not directed at children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect information from children. Since Deck does not collect personal information by default, no special mechanisms for parental consent are required.

International Users

Deck processes and stores data locally on your device. No data is transferred across borders by the Software unless you choose to enable features that communicate with third-party services (such as AI providers or iCloud), in which case the data handling practices of those services apply.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected by updating the last-updated date at the top of this page. Your continued use of the Software after changes become effective constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

Transparency

Deck’s source code is publicly viewable to allow independent verification of its privacy practices. Public visibility of the source code is provided for transparency and does not constitute a license to copy, redistribute, or create derivative works. All source code and documentation remain subject to the project’s copyright notice.

Contact Us

If you have questions or concerns about this Privacy Policy, you may reach us at hi@deckclip.app or through GitHub Issues at https://github.com/yuzeguitarist/Deck/issues.

Information contained on this website is subject to change without notice.

Copyright © 2024–2026 Yuze Pan. All Rights Reserved.