Privacy Policy

Short version: Tessera collects nothing. There are no accounts, no servers we operate, and no analytics or tracking of any kind. Your data stays on your device.

What Tessera stores

Your two-factor accounts (issuer, label, and secret keys) are stored in an encrypted vault on your Mac. The vault is encrypted with a key derived from your passphrase (argon2id) and sealed with XChaCha20-Poly1305. On devices with a Secure Enclave, the vault key can be additionally protected by Touch ID.

What Tessera transmits

Nothing. Tessera generates codes entirely offline. It does not connect to any Tessera-operated server, and it contains no analytics, advertising, or crash-reporting SDKs.

Permissions

Tessera runs in the macOS App Sandbox. If you use on-screen QR scanning, macOS asks for Screen Recording permission, used only to read a QR code at the moment you trigger a scan. If you import a file, macOS asks you to pick that file. Tessera requests no other access.

Data collection

Tessera does not collect any data, as defined by Apple's App Privacy guidelines. We cannot see your accounts or codes.

Open source

Tessera is open source under the Apache-2.0 license. You can read exactly what it does and build it yourself: github.com/ibrahemid/tessera.

Contact

Questions about privacy: thetechyhub@gmail.com.