Privacy Policy.

1. Overview

WyseDesk ("we," "us," or "our") is a free remote desktop application developed and distributed by DataroxIT. This Privacy Policy describes how we handle information in connection with the WyseDesk software application, our website at wyseworks.org, and any related services.

We are committed to privacy by design. WyseDesk is architected so that the content of your remote desktop sessions is never accessible to us — it travels end-to-end encrypted between the devices you control.

2. What We Collect

Connection Metadata

When your WyseDesk client connects to the relay or signaling server, the server may log minimal connection metadata for operational purposes, including:

• Your machine's WyseDesk ID (a randomly generated identifier, not linked to your identity)
• IP address and port used during connection establishment (used for NAT traversal)
• Session timestamps (connection start and end times)
• Connection type (direct P2P or relay-assisted)

This metadata is used solely for operating and troubleshooting the relay infrastructure. It is not used to build user profiles.

Website Analytics

Our website (wyseworks.org) may collect standard web server logs, including page visits, referrer URLs, browser type, and general geographic region (country level). We do not use third-party analytics platforms such as Google Analytics.

Contact Form Submissions

When you use our contact form, we collect your name, email address, selected subject, platform, and message content. See Section 7 for details.

3. What We Don't Collect

We want to be explicit about what WyseDesk does not collect:

• Session content — We cannot see, record, or access the screen, keyboard input, mouse activity, clipboard contents, files transferred, or audio streamed during your remote sessions.
• Personal identity — WyseDesk IDs are randomly generated and are not linked to your name, email, or any personal identifier.
• Behavioral tracking — No usage analytics, heatmaps, session recordings, or behavioral profiling.
• Advertising data — We do not sell, rent, or share data with advertising networks.
• Device fingerprinting — We do not fingerprint your hardware for tracking purposes.
• Location data — We do not access your precise GPS or device location.

4. How Connections Work

Understanding WyseDesk's connection architecture helps clarify our privacy properties:

Direct P2P (Preferred)

Where network conditions allow, WyseDesk establishes a direct peer-to-peer connection between the two devices using NAT traversal. In this mode, no session data passes through any server — it travels directly from device to device, encrypted end-to-end.

Relay Fallback

When a direct connection isn't possible (due to strict firewalls or NAT types), WyseDesk falls back to a relay server. In your case, this relay is your own homelab server at rustdesk.wyseworks.org, which you control. Session data relayed through this server remains end-to-end encrypted — the relay server cannot decrypt the session content.

Signaling Server

The signaling server facilitates the initial handshake that establishes connections. It handles only connection setup metadata (IDs, IP negotiation) — not session content.

5. Encryption

All WyseDesk sessions are protected by end-to-end encryption using NaCl (libsodium), a well-audited, modern cryptographic library.

• Encryption is established between the two endpoints before any screen, input, audio, or file data is transmitted.
• Neither DataroxIT, nor your relay server operator, can decrypt session traffic.
• Server public keys are baked into WyseDesk packages to prevent man-in-the-middle attacks during connection setup.
• Optional two-factor authentication (TOTP) is supported for additional access control.

6. Server & Relay Data

WyseDesk packages distributed by DataroxIT are pre-configured to use the relay and signaling server at rustdesk.wyseworks.org. This server is operated by DataroxIT.

Data handled by this server:

• Connection handshake negotiation (encrypted, ephemeral)
• Relay of encrypted session packets (when P2P is not possible)
• Basic server-side logs for uptime and abuse prevention

This server does not store session content, does not log session payloads, and does not retain persistent records of which IDs connected to which IDs beyond what is operationally necessary for the active session.

Self-Hosted Deployments

If you deploy your own RustDesk-compatible server, the privacy characteristics of that deployment are governed by your own policies and configurations. DataroxIT has no access to data on self-hosted infrastructure you operate.

7. Contact Form Data

When you submit our contact form at contact page, we collect:

• Your name and email address
• The subject category you selected
• Your selected platform
• The message content you wrote

This information is used solely to respond to your inquiry. We do not add contact form submissions to marketing lists without your explicit consent. We retain contact form records for up to 24 months for reference in ongoing support relationships, after which they are deleted.

8. Third Parties

WyseDesk does not integrate with, or send data to, any third-party advertising networks, analytics platforms, or data brokers.

We may use the following limited third-party services in connection with operating our website:

• Web hosting provider — Standard hosting infrastructure. Subject to their own privacy terms. Does not receive WyseDesk session data.
• Email provider — Used to receive and respond to contact form submissions. Handles email only, not session data.

We do not sell, rent, license, or otherwise disclose your personal information to third parties for their commercial purposes.

9. Data Retention

We retain different categories of data for different periods:

• Connection metadata logs — Retained for up to 30 days for operational troubleshooting, then deleted on a rolling basis.
• Web server logs — Retained for up to 90 days, then purged.
• Contact form submissions — Retained for up to 24 months, or until you request deletion.

We do not retain session content because we never have access to it.

10. Your Rights

Depending on your location, you may have certain rights regarding personal data we hold about you, including:

• Access — Request a copy of personal data we hold about you.
• Correction — Request correction of inaccurate personal data.
• Deletion — Request deletion of your personal data (subject to operational requirements).
• Portability — Request a machine-readable copy of data you provided to us.
• Objection — Object to certain uses of your data.

To exercise any of these rights, contact us at privacy@wyseworks.org. We will respond within 30 days.

Note that because WyseDesk session content is end-to-end encrypted and never accessible to us, we cannot fulfill requests related to session data — we genuinely don't have it.

11. Children's Privacy

WyseDesk is not directed at children under the age of 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us at privacy@wyseworks.org and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically.

Continued use of WyseDesk following notice of changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• General privacy inquiries: privacy@wyseworks.org
• Security disclosures: security@wyseworks.org
• Contact form: wyseworks.org/contact

DataroxIT
WyseDesk Remote Desktop Software
rustdesk.wyseworks.org