Privacy Policy

Last updated June 25, 2026

Arris is a local-first, privacy-first Mac desktop application. It runs entirely on your machine, and we do not collect telemetry, analytics, or usage tracking of any kind.

Scope

Arris is open-source software licensed under the AGPL-3.0. This policy applies to the official Arris binaries we distribute and the arrisdb.app website and services. Builds you compile yourself, or obtain from a third party, are outside our control and are not covered by this policy; a modified version could behave differently, so review its own terms.

Summary

Your databases, queries, and results stay on your Mac.
We collect no telemetry, analytics, or usage data.
Credentials are stored in the macOS Keychain, encrypted at rest.
None of your data is ever sent to us.

No telemetry

Arris collects nothing about how you use it. There are no analytics, no usage metrics, no event tracking, no fingerprinting, and no phone-home of any kind. We do not know which features you open, which databases you connect to, or even that you launched the app. The app ships with no telemetry SDK, and we run no endpoint that would receive such data.

Data processed on your device

Arris connects to the databases you configure and processes everything locally. The following stays on your Mac and is never transmitted to us:

Connection settings: hosts, ports, database names, and options you enter.
Query results and previews: rows returned from your databases, including federated joins computed in-memory by the embedded engine.
Workspace state: open tabs, pinned queries, notebooks, editor history, and app preferences.
dbt & SQLMesh project data: model lineage, compiled SQL, and plans read from your local project files.

Credential storage

Database passwords, SSH key passphrases, and access tokens are stored in the macOS Keychain through the system Security framework. They are encrypted at rest by the operating system and are never written to disk in plain text or sent to us. Non-secret connection settings are saved locally in the app's configuration directory.

Network connections

Arris makes outbound network connections only to: (1) the database servers you configure; and (2) optional update or download endpoints to deliver new versions of the app. There is no telemetry, analytics, or crash-reporting endpoint. Connections to your databases are governed by the credentials and TLS/SSH settings you provide.

Third-party services

We do not sell or share your data, because we do not collect it. The app binary is distributed through a content-delivery network, which may process standard request metadata (such as your IP address) when you download the app, as is typical for any file download. We do not link that metadata to your use of Arris.

Changes to this policy

We may update this policy as the app evolves. Material changes will be reflected on this page with a revised "last updated" date. Continued use of Arris after an update constitutes acceptance of the revised policy.

Contact

Questions about this policy? Reach us at support@arrisdb.app.