MuffinTerm • Privacy Policy

Basic privacy information

The MuffinTerm app (whether on iOS, iPadOS, or macOS) does not collect any information for purposes of advertising, user tracking, or other such things. As the developer, I’m only able to see a certain amount of anonymized download data from the App Store; I’m not given anything personally identifying you. In particular, I can’t see the BBSes or servers to which you connect, nor any accounts or data on your device.

MuffinTerm does not use or include any third-party libraries, “middleware” frameworks, or the like; the code is 100% written from scratch, using only the standard system-provided libraries and APIs, to ensure that it’s not doing anything peculiar behind the scenes.

If you’ve enabled Developer Crash Reports in System Preferences on your device, then in the unfortunate event that MuffinTerm somehow crashes, your system may send an anonymized crash report to Apple, which will be visible to me through Apple’s developer system. You can disable this for all applications via the global System Preferences.

Your dialing directory and related data

If you save details about a BBS or connect to a BBS or other server using MuffinTerm, then the application will store certain details for your private use, referred to collectively as the “Dialing Directory.” Only you have access to these details. All of these items are visible in the user interface, so you can check at any time what information is being saved.

For a given BBS, these details include: The BBS’s name as it appears in your dialing directory; the server and protocol information for connecting to the BBS; your preferred video mode, terminal emulation, and related display and protocol configuration for that BBS; the total number of bytes uploaded to or downloaded from the BBS as file transfers; the total number of calls and cumulative time spent connected to the BBS; the time and duration of the most recent call that you made to the BBS; the text and color to use for the “sticky note” associated with that BBS; the timestamp when you first added the BBS to your directory; the timestamp when you last made a change to its entry; and a randomly generated key (UUID) for indexing the BBS in your dialing directory.

For each connection in your BBS call history: Which BBS you called; when you called it; how long you were connected; and the total number of bytes uploaded and downloaded in file transfers during the call.

Other details that are stored as part of the Dialing Directory: The list of BBSes that you’ve marked as favorites; your custom sorting order for the BBSes in the main list and the favorites list; and the text of the global sticky note (the one that’s visible regardless of which BBS you’re connected to).

MuffinTerm will store these Dialing Directory details on your local device, in a generally plain-text format (specifically, as compressed JSON data). You can also export a human-readable (uncompressed) JSON archive of this data, if you want to save a backup or just to look over it to see what’s being stored.

If you’re logged in on your device with an iCloud account, you can optionally choose to synchronize your Dialing Directory data through iCloud, so that changes on one device will automatically be reflected on your other devices where you use MuffinTerm (as long as you’re logged in with the same iCloud account on all devices). Synchronization data is stored on Apple’s iCloud servers, and is private to your account; I do not have access to your data, nor is it shared to any other user accounts.

At any time, you can disable the iCloud synchronizing feature, either through MuffinTerm’s preferences, or through the iCloud section in the device’s System Preferences (or by logging out of iCloud entirely). If you disable iCloud syncing in MuffinTerm, then the device’s sync data will be removed from iCloud and no further changes will be saved to the servers from that device.

You can also manually delete any given BBS or call records through the standard interface in MuffinTerm. If you’re using iCloud to sync, then these changes will also be sent to the server and will be reflected on any other devices where you’re using MuffinTerm with iCloud Sync enabled.

Other saved data

In addition to the Dialing Directory, MuffinTerm saves your application-wide preferences (for example, your default file transfer protocol, the color to use for the global sticky note, etc.). These are only saved locally; they aren’t synchronized between devices.

You can also optionally save a “session log” of a given connection. If you enable this feature, then it will save a text file containing all of the text received from the remote BBS to your system disk or device. You can optionally enable “raw” logs as well; this creates an additional file each time you save a session log, containing the raw data received, without any text processing. These session logs are saved only to your local system; they aren’t stored online (unless as part of your standard system backups, if you back up your device online). You can review, save, or delete log files as you wish.

Finally, if you upload or download files to or from a BBS, then these will be sent from or stored to your device, as you would expect.

Other personal data

If you send me an email, I’ll of course have access to that message, including whatever name and email address you use. I might use your address to send replies to you regarding your email, but I won’t share them with any third parties (unless required by law), nor will I send any advertisements or other “junk” emails.

Network servers and traffic

MuffinTerm will connect to servers that you direct it to. If you have iCloud Sync enabled (see above), then the OS will also connect to Apple’s servers periodically on the application’s behalf to keep data synchronized between your devices. MuffinTerm does not connect to any other systems, and contains no trackers or other such code. Depending on your OS version, you may be able to enable system auditing of network connections for MuffinTerm (or for any other application), to verify what servers it’s connecting to, and when. Other than the call history list that you can see in the Dialing Directory interface, MuffinTerm does not keep track of any other traffic or connections that you make.

Be aware that online BBSes traditionally use the TELNET protocol, which does not encrypt data in transit. It’s possible that some intermediary host on the Internet could see some or all of the data that you send to or from a given BBS. Additionally, the sysop (administrator) of a BBS that you connect to will be able to see your IP address and your communications while you’re using their BBS. (You can use a VPN to conceal your IP address and to encrypt traffic at certain stages along the network route, but ultimately when you use a BBS, you’re using a service on someone else’s computer, so they’ll be able to see whatever you’re doing there, regardless.)

BBSes are run by individuals, and standards of privacy and interaction can vary from system to system.

Application safety and authentication

MuffinTerm is built as a “sandboxed” application: By design, the system will prevent it from accessing areas of your system outside of its private file area. The exceptions are when you upload files to a BBS, at which time you can manually select files that you wish to upload, and the system will temporarily allow MuffinTerm to read them at that time; and on macOS, when selecting locations for downloading files and saving log files, MuffinTerm will have access to the folders that you choose.

Finally, as with all App Store applications, MuffinTerm is a “signed” application (cryptographically authenticated by Apple), so you can feel confident that it hasn’t been tampered with or corrupted during download.

Contact information

If you have any questions or concerns about the privacy or storage of your data, or other items discussed here, you can email me at: support@muffinterm.app

Thank you for using MuffinTerm! :)