Remote connection and device control are free to use with no time limit. We may introduce optional features in the future, but the core functionality you rely on today will remain available at no charge.
✅
Commercial Use Permitted
You may use AirCtrl's core features for commercial purposes — including in business workflows, customer support, or as part of a paid service — without requiring a separate license.
Overview
AirCtrl ("the Service") allows you to remotely control an Android device from a web browser via a relay server. This policy explains what data is processed and how it is handled.
What We Do Not Do
We do not view or analyze screen content. Screen frames are relayed as opaque bytes and immediately discarded. No human or automated system inspects them.
We do not analyze UI data for commercial purposes. Accessibility tree data is relayed directly to your browser and never retained or processed beyond the active session.
We do not train machine learning models. None of your data — screens, commands, files, or usage patterns — is used to train AI or any other model.
We do not track user behavior. No analytics, telemetry, advertising identifiers, or behavioral profiling of any kind.
Data Transmitted
When you use AirCtrl, the following data passes through the relay server in real time:
Screen content — JPEG frames captured from the device display.
Input commands — taps, swipes, key presses, and text you send to the device.
File transfers — files you upload to or download from the device.
UI tree data — accessibility node information when you use the UI inspection feature.
App list — installed application names and package identifiers.
Data Retention
The relay server is a pass-through only. The following data is never stored:
Screen frames and video stream content
Input commands (taps, swipes, key presses, text)
Uploaded or downloaded file contents
UI tree and accessibility node data
Uploaded files are held in a temporary server buffer only for the duration of the transfer, then deleted immediately.
Connection logs (device ID, timestamp, and command type — no payload content) are retained for up to 30 days for debugging and abuse prevention, then automatically purged.
Security
Encryption in transit — All communication is encrypted via HTTPS/WSS (TLS 1.2+). Data between the Android app, the relay server, and your browser is protected at the transport layer.
Session isolation — Each device connection is assigned an isolated session. Commands from one session cannot reach or affect any other device.
One-time pairing code — The 12-digit pairing code displayed on the device is single-use. After a session is established it cannot be reused to open a new session.
Local token storage — Session tokens are stored in your browser's local storage (or session storage if you disable "Remember this connection"). Tokens are hashed before being stored server-side. You can invalidate a session at any time by disconnecting.
User Responsibilities
AirCtrl is a tool for legitimate remote device management. By using it you agree to the following:
You must have the legal right and explicit permission to control any device you connect to.
You must not use AirCtrl for unauthorized access, covert surveillance, or any form of illegal monitoring.
You must not use AirCtrl in a manner that violates any person's privacy rights.
Users are solely responsible for ensuring that their use of AirCtrl — and the devices and data accessed through it — complies with all applicable laws and regulations, particularly in commercial deployment scenarios.
Third Parties
No screen content, files, or personal data are shared with third parties. The relay server is operated solely to facilitate the device-to-browser connection.
On-Device Permissions
The Android app requires the following permissions to operate:
Accessibility Service — to simulate touch input and read UI elements.
Screen Capture (Media Projection) — to capture and stream the display.
Storage Access — to browse, upload, and download files.
These permissions are used exclusively for remote control functionality and are never used to collect data for any other purpose.
Your Control
You can stop all data transmission at any time by closing the app on the device or clicking "Close App" in the browser. Revoking the Accessibility or Screen Capture permission in Android system settings immediately terminates those data streams.
Contact
If you have questions about this policy, please open an issue in the project repository.