Privacy Policy

Clipboard Push ("we", "our", or "us") is a clipboard synchronization tool. This Privacy Policy explains what data is involved when you use our service, how it is handled, and what controls you have over it.

1 What Data We Handle

Clipboard Push handles the following types of data solely for the purpose of synchronization between your devices:

• •Clipboard text — plain text you choose to sync between your devices.
• •Files and images — files you send via the app, temporarily stored for transfer.
• •Device metadata — device name and local IP address, used only for peer discovery within your room.

We do not collect your name, email address, phone number, or any account credentials. No user account is required to use Clipboard Push.

2 End-to-End Encryption

All clipboard text is encrypted on your device using AES-256-GCM before being transmitted. The encryption key is generated from your pairing QR code and never leaves your devices. Our relay server only sees ciphertext — it cannot read your clipboard content.

Files are also encrypted in transit. Temporary file storage (Cloudflare R2 or server-side local storage, depending on deployment) holds encrypted data only. As an additional safeguard, the relay server runs a scheduled job that purges all temporary files every 60 minutes, ensuring no file lingers beyond the transfer window even if a transfer was interrupted.

3 How Data Flows

When you sync clipboard content, the data path is:

1. 1 Your device encrypts the content locally using your room key.
2. 2 Encrypted data is sent to our relay server over a secure WebSocket (WSS) connection.
3. 3 The relay server forwards the ciphertext to your other paired device(s) in the same room.
4. 4 The receiving device decrypts the content locally. The relay server never stores decrypted content.

For LAN transfers, content may flow directly between your devices without touching our servers at all.

4 Data Retention

• •Clipboard text — relayed in real time and not stored on our servers.
• •Files — stored temporarily on cloud or local storage (encrypted) for transfer. A scheduled cleanup job purges all temporary files every 60 minutes, so files are never retained beyond the transfer window.
• •Device metadata — held in server memory for the duration of your session only; cleared on disconnect.
• •Server logs — standard connection logs (IP address, timestamps) are retained for up to 30 days for security and debugging purposes.

5 Third-Party Services

We use the following third-party infrastructure:

• •Cloudflare R2 — temporary encrypted file storage (used by our hosted server). Subject to Cloudflare's Privacy Policy. Self-hosted deployments may use local disk storage instead.
• •Cloudflare Pages — hosts this website. Subject to Cloudflare's Privacy Policy.

We do not sell, rent, or share your data with any other third parties.

6 Self-Hosting Option

Clipboard Push is open source and can be self-hosted. If you run your own relay server, your data never passes through our infrastructure. We have no visibility into self-hosted deployments.

7 Your Rights

Since we do not collect personal accounts or persistent user data, most data rights are satisfied by design. Specifically:

• •You can stop using the service at any time — your session data is cleared on disconnect.
• •No account means no personal data profile to delete.
• •To request deletion of any server logs associated with your IP address, contact us at the email below.

8 Children's Privacy

Clipboard Push is not directed at children under 13. We do not knowingly collect any data from children.

9 Changes to This Policy

We may update this policy from time to time. Material changes will be noted by updating the "Last updated" date at the top of this page. Continued use of the service after changes constitutes acceptance of the updated policy.

10 Contact

If you have any questions about this Privacy Policy, please contact us at: privacy@clipboardpush.com