Overview
Remio is remote desktop software that lets you reach your computer from anywhere. We built it with a privacy-first philosophy: your screen, your files, and your data stay between your devices. Period.
Remio does not require an account. We do not collect your email. Your remote sessions connect your devices directly, so we never see your screen or what you are doing. We collect the bare minimum needed to keep the app working — and the table below is the complete list.
Every category of data Remio touches
This ledger is the honest, complete inventory. Each row names a category of data, what it actually is, why we touch it, and how long it sticks around. The status dot tells you the sensitivity at a glance: local only, transient on our server, persistent.
| Category | What it actually is | Why we touch it | Retention |
|---|---|---|---|
| SCREEN-PIXELS | The frames of your remote desktop — video, cursor, audio. | Rendered directly on your viewing device. Never reaches us. | Local only — never leaves the encrypted tunnel between your devices. |
| INPUT-EVENTS | Keystrokes, mouse moves, clicks, scrolls, clipboard payloads, files in transit. | Forwarded directly from your client device to your host. | Local only — never stored anywhere. |
| DEVICE-ID | An anonymous identifier each device generates when first launched. | Pairing a host with a client without asking for an email. | Until you delete the device from the app. |
| SESSION-METADATA | The introduction messages two devices exchange to find each other (connection setup details and room ID). | Establishing the direct connection between your devices. | Discarded the moment the introduction completes. |
| DEVICE-PROFILE | OS family and version, app build, screen size — for compatibility negotiation. | Picking the right codec, resolution, and feature flags for your pair. | In-memory only — never stored on our side. |
| CRASH-LOGS | Anonymized diagnostic data when the app crashes — stack trace, OS version, device model. | Fixing the bug that caused the crash. | Up to 30 days via Apple, then purged. |
| PAIRING-PIN | The short numeric code your host displays during pairing. | Confirming both devices belong to you before trust is established. | Generated fresh every pairing. Never stored. |
| PAYMENT-DATA | Card numbers, billing addresses, receipts (if you subscribe). | Apple handles payment end-to-end. We never see it. | Handled by Apple under their privacy policy. |
Almost every row above is either local-only or transient. Crash logs are the one persistent item, and they are handled by Apple — not by us. There is no centralised database of Remio users to breach, because we never built one.
What we collect
We keep data collection to the absolute minimum needed for Remio to function. The ledger above is the canonical list — this section is the prose version, for the rows that need a little more explanation.
Crash reports
When Remio crashes (nobody is perfect), Apple's built-in crash reporting may send us anonymized diagnostic data. This includes the type of crash, OS version, and device model — but never screen content, personal files, or anything you were doing at the time.
You can disable crash reporting entirely in your device's system settings.
Connection setup
Two devices need a way to find each other before they can speak directly. Our connection server relays the introduction messages required to establish that direct connection — and then it walks away. None of those messages are kept after the connection is up.
What we don't collect
This is the part we are most proud of. Remio does not collect, store, access, or transmit any of the following:
- Screen content — Your remote desktop stream goes directly between your devices.
- Keystrokes or mouse input — Your input is sent directly between your devices, never through our servers.
- Files or clipboard data — What you copy, paste, or transfer stays between your devices.
- Location data — We do not ask for it, we do not want it.
- Browsing history — We have no idea what websites you visit.
- Personal information — No name, no email, no phone number, no account needed.
- Usage analytics or tracking — No trackers, no pixels, no behavioral profiling.
- Advertising data — No ads, no ad networks, no data brokers.
We do not collect this data because we designed Remio so we never need to. Privacy is not a feature we bolted on — it is how the architecture works.
How connections work
Understanding how Remio links your devices helps explain why your data stays private.
Direct device-to-device connections
Once connected, all data — your screen, input, audio — flows directly between your devices. This means your stream does not pass through Remio servers or any third party. It is just you talking to your own computer.
Connection server
To establish a connection, your devices need to find each other. Our connection server handles the initial introduction — think of it as introducing two people at a party. Once they are talking, the introducer walks away.
The connection server:
- Relays the connection setup details so both devices can find each other.
- Does not see or relay any screen content, keystrokes, or files.
- Does not store connection history.
- Discards all setup data once the connection is established.
End-to-end encryption
All sessions are end-to-end encrypted with AES-256-GCM (DTLS-SRTP) — the same encryption standard used by modern video conferencing. Even if someone intercepted your data in transit, they could not read it. See the security whitepaper for the cryptographic details.
Third parties
We keep third-party involvement to a minimum:
- Apple App Store — Distributes Remio on iOS and macOS. Apple has its own privacy policy.
- Apple Crash Reporting — Provides anonymized crash data when the app crashes.
- Apple (payment processing) — If you purchase a subscription or in-app purchase, Apple handles the payment. We never see your payment details.
We do not use any third-party analytics, advertising, or tracking services. No Google Analytics, no Facebook Pixel, no Mixpanel, no nothing.
Data retention
Since we barely collect any data, there is not much to retain:
- Crash reports — Stored by Apple for up to 30 days, then deleted.
- Connection setup — Discarded immediately after the connection is established.
- Device identifier — Stored until you delete the device from the app.
- Everything else — There is no "everything else." We do not have it.
We cannot delete what we do not have. And that is by design.
Your rights
Regardless of where you live, we believe you have the right to privacy. Under regulations like GDPR (EU), CCPA (California), and similar laws, you have the right to:
- Access — Request a copy of any personal data we hold about you.
- Deletion — Request that we delete any personal data we hold about you. See the delete-account page for the step-by-step.
- Portability — Receive your data in a machine-readable format.
- Objection — Object to processing of your personal data.
- Correction — Request correction of inaccurate personal data.
In practice, since we do not collect personal data, there is usually nothing to access, delete, or correct. But if you would like to exercise any of these rights, reach out and we will respond within 30 days.
Children's privacy
Remio is not directed at children under 13. We do not knowingly collect any personal information from children. Since we do not collect personal data from anyone, this is more of a formality — but we want to be clear about it.
Changes to this policy
If we ever change this privacy policy, we will update the "last updated" date at the top of this page. For significant changes, we will make reasonable efforts to notify you — such as a notice in the app.
We encourage you to check this page occasionally, but honestly, we do not expect it to change much. Our philosophy is simple: collect as little as possible. That is unlikely to change.
Contact us
Questions about privacy? We are happy to explain anything in more detail.
- Email — privacy@remio.net
- Website — remio.net