Privacy Policy

Effective June 3, 2026

Mirage ("we", "our", "the app") is a window and desktop streaming application developed by Ethan Lipnik in the United States. This policy describes what information Mirage processes, how it is used, the services we rely on, and the choices you have. For privacy requests, contact mirage@elipnik.com.

Streaming Data

Screen content, audio, and input events are streamed directly between your devices over your local network, a peer-to-peer link, or your own VPN. Mirage does not route streaming media through external servers, and no screen content is stored or recorded by Mirage.

Remote sessions keep media payload encryption enabled. Mirage Pro also includes local media encryption controls. Free-tier local sessions may run without encrypted media payloads. When media encryption is enabled, video, audio, and supported clipboard payloads use per-session key derivation with AES-256-GCM.

iCloud

Mirage uses Apple's CloudKit to enable automatic device discovery and trust between devices signed in to the same iCloud account. The following data may be stored in your private iCloud container:

This data is stored in your personal iCloud account and is governed by Apple's iCloud privacy policies. You can remove it at any time from within the app or through iCloud settings.

Subscriptions

Mirage client uses RevenueCat and Apple's StoreKit infrastructure to evaluate Mirage Pro subscription state and offering metadata. Purchases, billing, cancellation, and refunds are handled by Apple under App Store terms. Mirage does not receive or store your payment details.

Mirage stores a local RevenueCat app user identifier and local entitlement cache on your device so subscription state can be restored across launches and continue during App Store or RevenueCat connectivity failures until subscription state can be verified again.

Support Requests

If you contact support, we process the email address and message content you provide so we can respond and troubleshoot the issue. Avoid sending screen content, credentials, or other sensitive information unless requested for a specific support case.

Error Reporting

Mirage uses Sentry for crash and error reporting. The level of diagnostic data sent is configurable:

Client and host apps default to "Errors." When enabled, crash reports may include device model, OS version, app version, crash stack traces, curated breadcrumbs, and technical context. Client diagnostics may include the same pseudonymous correlation identifier used by analytics and subscriptions. Raw iCloud record identifiers, raw stream media, message bodies, credentials, and payment details are not forwarded.

Analytics

Anonymous Analytics is off by default in App Store builds and only starts after you enable it in Settings or onboarding. App Store builds do not fetch PostHog-backed remote configuration until Anonymous Analytics is enabled. TestFlight beta builds keep Anonymous Analytics on automatically for beta testing. When Anonymous Analytics is enabled, Mirage uses PostHog US Cloud to send feature usage events such as app launch metadata, connection attempts/outcomes, stream start/stop outcomes, and session-duration signals, using a pseudonymous correlation identifier as PostHog's distinct ID. PostHog screen capture, screen view capture, and lifecycle event capture are disabled. Analytics data is used to understand adoption, identify stuck points, and prioritize development.

Legal Bases for EU and UK Users

Where EU or UK data protection law applies, Mirage relies on contract necessity for core app functionality and subscriptions, legitimate interests for security, diagnostics, and TestFlight beta analytics, consent for App Store build Anonymous Analytics, and legal obligation where required by law. You can withdraw consent-based choices in Settings.

Retention

Local settings, host preferences, trust/cache metadata, the local RevenueCat app user identifier, and local subscription cache entries remain on your device until you reset them or remove the app and its container data. Active subscription cache entries may be used during App Store or RevenueCat connectivity failures until subscription state can be verified again. iCloud discovery records remain until you remove them from Mirage or iCloud. Diagnostics and analytics records are retained only as needed for reliability, security, product analytics, and support.

International Transfers

Mirage is operated from the United States and uses Apple, RevenueCat, Cloudflare, Sentry, and PostHog infrastructure that may process data outside your country. Where transfer safeguards are required, Mirage relies on the safeguards offered by those providers, including their data processing terms and transfer mechanisms.

Data We Do Not Collect

Third-Party Services

Mirage integrates the following third-party services, each with their own privacy policies:

Your Choices

You can control diagnostics and Anonymous Analytics in Settings. You can remove your iCloud discovery data from within the app or by managing your iCloud storage through System Settings. Subscription management is available through the App Store.

Your Privacy Rights

Depending on where you live, you may have rights to request access, correction, deletion, restriction, portability, objection, and withdrawal of consent for personal data that Mirage controls. EU and UK users may also lodge a complaint with their local data protection authority, including the UK Information Commissioner's Office for UK users. To make a request, contact mirage@elipnik.com.

Children's Privacy

Mirage is not directed at children under the age of 13. We do not knowingly collect information from children.

Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated through the app or this page.

Contact

If you have questions about this privacy policy, please contact mirage@elipnik.com.