← Back

Privacy Policy

CtrlFreak • Effective March 2026

CtrlFreak is a homelab management app that provides a mobile interface for monitoring and controlling self-hosted infrastructure including Proxmox virtual machines, Docker containers, and network services. This policy explains how the app handles your data.

Data We Collect

We do not collect, store, or transmit any personal information to our servers. The developer has no access to your data.

All data stored by the app remains on your device, including:

• Server hostnames and IP addresses you configure
• API tokens and credentials for your self-hosted services

Credential Storage

All server credentials (API tokens, hostnames) are stored exclusively on your device using the operating system's secure enclave (iOS Keychain / Android Keystore) via expo-secure-store. Credentials are encrypted at rest and never transmitted to any server operated by the developer.

Biometric Authentication

If you enable Biometric Lock in Settings, the app uses your device's biometric authentication (Face ID, Touch ID, or fingerprint) to require identity verification on launch. Biometric data is processed entirely by your device's operating system (iOS Secure Enclave or Android BiometricPrompt API). The app never receives, stores, or transmits your biometric data. This feature is entirely optional and can be disabled in Settings at any time.

Third-Party Services

CtrlFreak communicates only with servers you configure. The app connects directly to your self-hosted infrastructure using the credentials you provide. No data is routed through the developer's servers. The services the app can connect to include:

• Proxmox VE - your self-hosted Proxmox server
• Proxmox Backup Server - your self-hosted PBS instance
• Portainer - your self-hosted Portainer instance
• Dockge - your self-hosted Dockge instance
• Uptime Kuma - your self-hosted Uptime Kuma instance
• Beszel - your self-hosted Beszel instance
• Dell iDRAC - your server's out-of-band management interface
• HP iLO - your server's out-of-band management interface
• Pi-hole - your self-hosted Pi-hole instance
• AdGuard Home - your self-hosted AdGuard Home instance
• Tailscale - the Tailscale API at api.tailscale.com, using an API key you provide, to retrieve your device list
• OPNsense - your self-hosted OPNsense firewall
• Unraid - your self-hosted Unraid NAS instance
• TrueNAS - your self-hosted TrueNAS instance
• Synology DSM - your self-hosted Synology NAS
• Nginx Proxy Manager - your self-hosted Nginx Proxy Manager instance
• SSH - direct shell access to servers you configure
• Wake on LAN relay - an optional HTTP endpoint you configure on your own network

The app also includes network diagnostic tools that, when used, may contact third-party services outside your own infrastructure:

• WHOIS / ASN Lookup - when you look up an IP address, the app queries ipapi.co to retrieve ASN, organization, and geolocation data. When you look up a domain name, the app queries rdap.org to retrieve registration information via the RDAP protocol. These lookups are user-initiated and only occur when you actively use the WHOIS tool. The IP or domain you look up is sent to these services.

With the exception of Tailscale (which uses Tailscale's own cloud API) and the optional WHOIS lookup tool described above, all communication is between your device and your own self-hosted servers. The developer receives no data from any of these connections.

Push Notifications

If you enable notifications, the app polls your configured servers directly from your device to check service status. No polling is performed through the developer's servers. Notification content is generated on-device based on the status of your infrastructure.

App Updates

CtrlFreak uses Expo's over-the-air update system to deliver app improvements without requiring a full App Store or Google Play update. When the app launches, it may contact u.expo.dev (operated by Expo / Vercel) to check for available updates. No personal information or credentials are included in this request. Only your app's identifier and current version are transmitted. This is standard behavior for apps built with the Expo framework.

Data Retention and Deletion

All app data is stored locally on your device. Uninstalling the app permanently removes all stored credentials and settings. The developer retains no data associated with your use of the app.

Children

CtrlFreak is not directed at children under 13 and we do not knowingly collect any data from children.

Changes to This Policy

This policy may be updated as the app evolves. Changes will be reflected on this page with an updated effective date.

Contact

For privacy questions, contact: support@gowstudios.com