Privacy Policy

Last updated June 6, 2026

Arris is a local-first, privacy-first Mac desktop application. It runs entirely on your machine. We do not operate a backend that stores your data, and we do not collect telemetry, analytics, or usage tracking.

Summary

Your databases, queries, and results stay on your Mac.
We collect no telemetry, analytics, or usage data.
Credentials are stored in the macOS Keychain, encrypted at rest.
The only data that ever leaves your machine is a crash report — and only when you choose to submit one.

Data processed on your device

Arris connects to the databases you configure and processes everything locally. The following stays on your Mac and is never transmitted to us:

Connection settings — hosts, ports, database names, and options you enter.
Query results and previews — rows returned from your databases, including federated joins computed in-memory by the embedded engine.
Workspace state — open tabs, pinned queries, notebooks, editor history, and app preferences.
dbt & SQLMesh project data — model lineage, compiled SQL, and plans read from your local project files.

Credential storage

Database passwords, SSH key passphrases, and access tokens are stored in the macOS Keychain through the system Security framework. They are encrypted at rest by the operating system and are never written to disk in plain text or sent to us. Non-secret connection settings are saved locally in the app's configuration directory.

Crash reports

Arris does not send crash reports automatically. If the app encounters an error, you may choose to submit a report. When you do, the report may include the error message, a stack trace, application version, and basic operating-system information needed to diagnose the issue. We use this solely to fix bugs. We make a reasonable effort to avoid including your database contents or credentials in these reports. If you do not submit a report, nothing is sent.

Network connections

Arris makes outbound network connections only to: (1) the database servers you configure; (2) optional update or download endpoints to deliver new versions of the app; and (3) the crash-report endpoint, only when you submit a report. Connections to your databases are governed by the credentials and TLS/SSH settings you provide.

Third-party services

We do not sell or share your data, because we do not collect it. The app binary is distributed through a content-delivery network, which may process standard request metadata (such as your IP address) when you download the app, as is typical for any file download. We do not link that metadata to your use of Arris.

Children's privacy

Arris is a professional developer tool and is not directed to children under 13. We do not knowingly collect information from children.

Changes to this policy

We may update this policy as the app evolves. Material changes will be reflected on this page with a revised "last updated" date. Continued use of Arris after an update constitutes acceptance of the revised policy.

Contact

Questions about this policy? Reach us at [email protected].