Legal

Privacy Policy

Last updated: July 13, 2026.

The short version: AethelHook has no accounts, no cookies, no analytics, and no server that AethelSt8 operates. Your phone and your PC talk directly to each other. Nothing about how you use the app or the website is collected by, or ever reaches, the developer.

Who this policy covers

AethelHook is an individual, open source project by AethelSt8 (also written aethelst8 or aethelstate), based in South Africa. There is no company, no registered business, and no team behind it, just one developer. "We," "us," and "the developer" in this policy all refer to that one person. "The Service" means the AethelHook Windows service and tray app, the AethelHook Android app, and the aethelst8.com website.

What we collect

Nothing, in the sense this question usually means. AethelHook does not have user accounts, does not use cookies or any tracking or analytics technology, and does not run a server that receives data from your phone or PC. There is no sign-up, no email address collected, no usage statistics sent anywhere.

The app and service do handle a small amount of data, but it never leaves your own devices:

  • A device pairing token and your PC's local network address. When you pair your phone with your PC, the AethelHook service generates a token and stores it, along with your PC's LAN and (if you use it) Tailscale IP address, in a file on your own PC. Your phone stores its copy of that same token locally too. Neither ever gets sent to AethelSt8. It only ever travels between your phone and your own PC.
  • Camera access, for QR scanning only. The Android app asks for camera permission to scan the pairing QR code shown by your PC. The camera feed is read locally to decode the QR code and is never saved, stored, or transmitted anywhere, by the app or by us.
  • Biometric access, for unlocking masked values only. Your LAN IP, Tailscale IP, and API token are masked in the app by default. Your fingerprint, face, PIN, or password, verified entirely by Android's own biometric system, unmasks them on your screen. This never touches a server anywhere, including ours.

How the connection actually works

Your phone and your AethelHook service connect directly to each other, over your own Wi-Fi network or over Tailscale if you have set that up. There is no cloud relay and no AethelSt8-operated server sitting in the middle of that connection at any point. The connection itself is encrypted (TLS, with the phone pinning your PC's specific certificate fingerprint from the QR code you scanned), so even on a shared network, nothing readable passes between your devices to anyone else.

Third-party services

AethelHook relies on a couple of services it does not control:

  • GitHub Pages hosts this website, and GitHub also hosts the installer and app downloads as release assets. Like any web host, GitHub's own infrastructure may log basic access information (such as IP addresses) as a normal part of serving pages and files. That logging is GitHub's, governed by GitHub's own privacy statement, not something AethelSt8 collects or can see.
  • Tailscale is entirely optional, and only relevant if you choose to install it to keep your phone and PC connected while apart. If you use it, that is your own Tailscale account, governed by Tailscale's own privacy policy. AethelSt8 has no visibility into it at all.

Children's privacy

AethelHook is not directed at children, and since it does not collect personal information from anyone, there is nothing to knowingly or unknowingly collect from a child either.

Your control over your data

Since everything AethelHook handles lives on your own devices, you are already in full control of it, there is nothing to request from us:

  • Revoke a paired phone at any time from the tray app's device list, which immediately invalidates that device's token.
  • Uninstalling the Android app or the Windows service removes everything each one stored.
  • The full source code is public on GitHub, so you can verify any of this yourself rather than take the policy's word for it.

Security

The phone-to-PC connection uses TLS with certificate pinning, not a plain or shared connection. Sensitive values (your API token, pinned certificate fingerprint) are stored encrypted on your phone, not in plain text. That said, no software is perfectly secure, and this policy is not a guarantee against every possible flaw, only a description of what is actually implemented today.

Changes to this policy

If AethelHook's practices change, for example if a future version adds optional crash reporting or analytics, this page will be updated and the "Last updated" date at the top will change. Since there are no accounts or email addresses on file, there is no mailing list to notify, checking back here is the only way to know.

Contact

Questions about this policy or how AethelHook handles data can go to aethelst8@gmail.com.

Back to the homepage.