Privacy Policy
Last updated 6 June 2026
The short version: Rook collects nothing and transmits nothing. Rook is a local, on-device secrets vault. Your data is stored, encrypted, on your own Mac. We — the makers of Rook — never receive it, never see it, and have no servers it could be sent to.
What Rook stores, and where
Everything Rook keeps lives on your device:
- Your vault items (the refs, fields, notes, and secret values you enter) are stored in an encrypted file in the app's Application Support / sandbox container, using AES-GCM.
- The encryption key is held in the macOS data-protection Keychain, this-device-only — never synced to iCloud, never exported.
- Small preferences (such as your auto-lock timeout) are stored in standard macOS user defaults on your Mac.
None of this leaves your computer.
Network & tracking
- Rook makes no network connections of its own. It has no telemetry, no analytics, no crash reporting, and no advertising or tracking SDKs.
- The direct (Developer ID) edition includes a
vault runcommand that executes a command you specify, with your secrets injected as environment variables. Any network activity there comes from the command you chose to run — not from Rook.
What we receive
Nothing. There is no account to create and no sign-in. We cannot read your vault, recover your secrets, or identify you. If you buy Rook on the Mac App Store, your purchase is handled by Apple under Apple's Privacy Policy; we receive only anonymous, aggregate sales figures from Apple — never your identity or your data.
Your data, your control
Because everything is local, you are always in control: delete items in the app, empty the Trash to remove them permanently, or delete the app and its container to erase everything. Use Rook's encrypted backup export if you want to move your vault to another Mac.
Children
Rook is a developer tool and is not directed at children under 13. It collects no data from anyone.
Changes
If this policy ever changes, the updated version will be posted here with a new date. Since Rook collects nothing, we don't anticipate material changes.
Contact
Questions about privacy? Email support@jybrd.io.