Short version: Lightsail Mobile collects no data about you. Your AWS credentials stay in the iOS Keychain. All communication goes directly to AWS APIs over HTTPS. No analytics, no tracking, no third-party services.
Who we are
Lightsail Mobile is an iOS app developed by Karl Wallbom. Open an issue at github.com/wallbomk/lightsail-mobile/issues.
What data we collect
We collect nothing. Lightsail Mobile does not collect, transmit, store, or share any personal data with us or any third party.
What happens on your device
The app stores the following data locally on your device only:
| Data | Where stored | Purpose |
|---|---|---|
| AWS access key & secret key | iOS Keychain (kSecAttrAccessibleWhenUnlockedThisDeviceOnly, no iCloud sync) | Authenticates API calls to AWS Lightsail |
| SSH keys (temporary) | Encrypted temp files, deleted immediately after use | Obtained from Lightsail API for SSH sessions |
| Region preference | UserDefaults (on-device) | Remembers your selected AWS region |
| Fleet command templates | UserDefaults (on-device) | Saved command presets for quick execution |
| App preferences | UserDefaults (on-device) | Theme, terminal settings, biometric lock preference |
None of this data is backed up to iCloud, shared with us, or transmitted anywhere except to AWS APIs over HTTPS.
Network connections
Lightsail Mobile makes one type of outbound connection:
- HTTPS to AWS API endpoints — e.g.
lightsail.us-east-1.amazonaws.com. These carry all Lightsail API requests (list instances, start/stop, metrics, etc.).
No connections are made to any non-AWS servers. No proxy servers, no analytics endpoints, no third-party SDKs.
SSH sessions
When you open an SSH session, the app requests a temporary SSH key pair from the Lightsail API. The private key is written to an encrypted temporary file, used for the connection, and deleted immediately when the session ends. Keys are never persisted to disk.
Biometric authentication
If enabled, Face ID or Touch ID is used to unlock the app. Biometric data is handled entirely by iOS — the app never accesses or stores biometric information.
Clipboard handling
When you copy sensitive data (such as IP addresses or connection strings), the clipboard is automatically cleared after 60 seconds.
Analytics and crash reporting
There are none. Lightsail Mobile contains no analytics SDK, no crash reporter, and no telemetry of any kind.
Third-party SDKs
The only third-party dependency is the official AWS SDK for Swift (AWSLightsail module), which communicates directly with AWS APIs. No other third-party code is included.
Children's privacy
Lightsail Mobile is a server management tool not directed at children under 13. We do not knowingly collect any information from anyone.
Changes to this policy
If this policy changes, we will update the date at the top of this page. Because we collect no data, changes are unlikely.
Contact
Open an issue on GitHub.