termic.dev
Documentation menu

Privacy

Termic is a local desktop app with no backend. Your prompts and code go from the terminal to the CLI to the vendor, and nowhere through Termic. Here's exactly what that means.


Termic is a local-first desktop app. It has no server, no account, and no telemetry in the app itself. This page lays out precisely what happens to your prompts, your code, and your data, so you don’t have to take “we respect your privacy” on faith.

There is no Termic backend

Termic is a Tauri app: a Rust binary with a web frontend, running entirely on your machine. There is no Termic-hosted service in the loop. When you talk to an agent, the path is:

your keystrokes → terminal (xterm) → PTY → the CLI → wherever that CLI sends them

Termic spawns the CLI and shuttles bytes to and from the terminal. It doesn’t read your prompts, doesn’t parse your code, and doesn’t forward either anywhere. Whatever the claude / codex / gemini CLI would send to its vendor when you run it in iTerm, it sends the same way under Termic, because it’s the same binary with the same auth. Whatever it wouldn’t send, Termic doesn’t add.

What this means concretely

  • Your code stays where it is. Termic operates on your local git repositories and worktrees. It doesn’t upload them.
  • Your prompts go only to the agent’s vendor, exactly as they would from a plain terminal. Termic isn’t a middleman.
  • Your credentials aren’t touched. Agents authenticate with their own stored credentials (your ~/.claude login, etc.). Termic doesn’t manage, store or proxy your API keys or subscription auth.

The local debug log

For troubleshooting, Termic writes a debug log to your system temp directory (termic-debug.log). It’s local, it never leaves your machine, and you can watch it yourself:

tail -f "$(python3 -c 'import tempfile; print(tempfile.gettempdir() + "/termic-debug.log")')"

That’s the extent of what Termic records, and it’s on your disk, for your eyes.

The sandbox makes this enforceable

Privacy by architecture is good; privacy you can enforce is better. With the sandbox enabled on a task, the agent physically cannot read your secrets (~/.ssh, ~/.aws, Keychains, browser profiles, your personal folders) and physically cannot reach a network host you didn’t allow. So even a misbehaving or prompt-injected agent is contained at the OS level, not just asked nicely.

The website vs the app

One clarification, because it’s a fair question: the website at termic.dev uses privacy-respecting analytics (Umami, self-hosted, no cookies) to count page views. The app does not. There is no analytics, tracking or phone-home in Termic itself.

Open source, so you can check

Termic is AGPL-3.0 on GitHub. Everything described here is verifiable in the source. If you find a discrepancy between this page and the code, that’s a bug worth reporting.

Last reviewed: June 5, 2026