What Iris does — and doesn't — see.

• Your Vercel personal access token is stored only on your device, inside the iOS Keychain or Android Keystore.
• We never see your token, your projects, your environment variables, your deployments, your domains, or your source code.
• We do not run analytics SDKs, advertising trackers, or third-party telemetry inside the app.
• If you contact us by email or subscribe via Apple/Google for Iris Pro, the respective platform sees that subscription — we do not store payment details ourselves.

Iris is intentionally minimal in scope. We do not collect or transmit:

• Your Vercel personal access token.
• Your GitHub access token or any data fetched from GitHub (file contents, branches, commits, repository metadata).
• Project metadata, deployment status, build logs, environment variables, or domain configuration.
• Your name, email, Vercel account ID, or team membership.
• Device identifiers, IP address, advertising IDs, or precise location.
• Crash reports or analytics events of any kind.

When you connect Iris to your Vercel account, you generate a personal access token on vercel.com/account/tokens and paste it into the app. The token is written to:

• The iOS Keychain (with the kSecAttrAccessibleAfterFirstUnlock accessibility class) on iPhone and iPad.
• The Android Keystore (using EncryptedSharedPreferences) on Android.

The token never leaves your device except in HTTPS requests addressed directly to api.vercel.com (or, if you enable the git editor, api.github.com). Iris does not proxy these requests through any server we operate.

You can revoke a token at any time from your Vercel account settings. Deleting Iris from your device also removes the local copy.

Iris is a client for the Vercel and GitHub HTTP APIs. When the app makes a request on your behalf, Vercel and/or GitHub will receive the standard metadata that any HTTPS request contains (your IP address, your token, request path, headers). Those requests are governed by Vercel's Privacy Policy and GitHub's Privacy Statement, not by this policy.

To show a live preview thumbnail of each Vercel project's production deployment, Iris uses Screenshot Machine, a third-party service that captures snapshots of public webpages. When you open a project, the app requests a thumbnail of its production URL from Screenshot Machine's servers; the resulting image is retrieved and rendered in-app.

The only data sent to Screenshot Machine is the production URL of the Vercel project being previewed. Your Vercel token, GitHub token, and account details are never shared. Your use of Screenshot Machine through Iris is also governed by Screenshot Machine's privacy policy.

Iris Pro is sold as an in-app subscription via the Apple App Store (on iOS) and Google Play (on Android). Payment, billing, renewals, and refunds are handled entirely by Apple or Google under their respective terms. We receive an anonymized receipt from the store confirming that an active subscription exists for the current device, which Iris uses to unlock Pro features. We do not see your name, email address, payment method, or billing address.

If you email us for support, we will see the contents of your email, your email address, and anything you choose to include (screenshots, logs, account information). We keep support correspondence only as long as is reasonably necessary to resolve the issue and to maintain a record of previous conversations.

Iris is a developer tool not directed at children under 13. We do not knowingly collect information from children.

Because Iris does not hold personal data about you on its own servers, most of the rights granted under the GDPR, the CCPA/CPRA, and similar laws (access, deletion, portability, objection) have nothing for us to act on. You retain full control over your local data by uninstalling the app and revoking your Vercel and GitHub tokens.

If you have corresponded with us by email, you may request that we delete that correspondence by writing to mgm@pinnacleparameters.com.

If we make material changes to how Iris handles your data, we will update this page and revise the “Last updated” date above. Continued use of Iris after a change constitutes acceptance of the updated policy.

Pinnacle Parameters
mgm@pinnacleparameters.com