Termic is a local-first desktop app. It has no server, no account, and no telemetry in the app itself. This page lays out precisely what happens to your prompts, your code, and your data, so you don’t have to take “we respect your privacy” on faith.
There is no Termic backend
Termic is a Tauri app: a Rust binary with a web frontend, running entirely on your machine. There is no Termic-hosted service in the loop. When you talk to an agent, the path is:
your keystrokes → terminal (xterm) → PTY → the CLI → wherever that CLI sends them
Termic spawns the CLI and shuttles bytes to and from the terminal. It doesn’t read your prompts, doesn’t parse your code, and doesn’t forward either anywhere. Whatever the claude / codex / gemini CLI would send to its vendor when you run it in iTerm, it sends the same way under Termic, because it’s the same binary with the same auth. Whatever it wouldn’t send, Termic doesn’t add.
What this means concretely
- Your code stays where it is. Termic operates on your local git repositories and worktrees. It doesn’t upload them.
- Your prompts go only to the agent’s vendor, exactly as they would from a plain terminal. Termic isn’t a middleman.
- Your credentials aren’t touched. Agents authenticate with their own stored credentials (your
~/.claudelogin, etc.). Termic doesn’t manage, store or proxy your API keys or subscription auth.
The local debug log
For troubleshooting, Termic writes a debug log to your system temp directory (termic-debug.log). It’s local, it never leaves your machine, and you can watch it yourself:
tail -f "$(python3 -c 'import tempfile; print(tempfile.gettempdir() + "/termic-debug.log")')"
That’s the extent of what Termic records, and it’s on your disk, for your eyes.
The sandbox makes this enforceable
Privacy by architecture is good; privacy you can enforce is better. With the sandbox enabled on a task, the agent physically cannot read your secrets (~/.ssh, ~/.aws, Keychains, browser profiles, your personal folders) and physically cannot reach a network host you didn’t allow. So even a misbehaving or prompt-injected agent is contained at the OS level, not just asked nicely.
The website vs the app
One clarification, because it’s a fair question: the website at termic.dev uses privacy-respecting analytics (Umami, self-hosted, no cookies) to count page views. The app does not. There is no analytics, tracking or phone-home in Termic itself.
Open source, so you can check
Termic is AGPL-3.0 on GitHub. Everything described here is verifiable in the source. If you find a discrepancy between this page and the code, that’s a bug worth reporting.
Related
- Sandbox overview: enforcing the boundary at the OS.
- Network allowlist: controlling what leaves the machine.
- Architecture & data: where Termic stores things locally.