PocketForge Privacy Policy

Last updated: May 6, 2026

See also: PocketForge Terms of Service

This policy covers both PocketForge (iOS) and PocketStack (Android), which are sibling products of WeaveHub Technologies LLC. Differences between the two platforms are called out inline below.

What Are PocketForge and PocketStack?

PocketForge (iOS) and PocketStack (Android, package app.weavehub.pocketstack) are mobile applications for IT administrators to monitor and manage VMware vSphere, Nutanix Prism, and Proxmox VE hypervisor environments. They are functionally equivalent sibling products of WeaveHub Technologies LLC, differing only in platform and brand name. Both apps connect directly from your device to your servers. WeaveHub does not host your infrastructure and does not receive your infrastructure data.

1. Information We Collect

1.1 Authentication Identifiers

iOS (PocketForge): Uses Sign in with Apple to obtain a pseudonymous, app-scoped identifier (the Apple User ID). This identifier is sent to the WeaveHub licensing server at licensing.weavehub.app to determine trial eligibility. We do not receive your name or email address through Sign in with Apple.

Android (PocketStack): Uses Firebase Authentication (operated by Google) for sign-in. You may sign in with email and password or with Google Sign-In via the Android Credential Manager. Firebase stores your email address, a hashed password (for email/password sign-in), and a stable Firebase user identifier (UID) under the Firebase project pocketforge-7ccf6. WeaveHub receives the Firebase UID for the purpose of binding your subscription state to your account; we do not receive raw passwords. Email verification, password reset, and Google Sign-In flows are handled directly by Firebase. See Firebase’s privacy commitments.

1.2 Subscription Verification

iOS (PocketForge): Subscription transactions are processed by Apple through the App Store. WeaveHub receives a cryptographically signed transaction record (JSON Web Signature) from Apple’s StoreKit framework, which we verify through our licensing service.

Android (PocketStack): Subscription transactions are processed by Google through Google Play Billing. Subscription state is managed by RevenueCat, Inc. on our behalf (RevenueCat project projaf8a265e); RevenueCat receives the Google Play purchase token and your Firebase UID and reports your entitlement status to the app. See RevenueCat’s privacy policy.

In both cases the verification record contains:

  • An anonymous transaction identifier assigned by Apple or Google
  • The product identifier of your subscription (e.g. pocketforge_pro_monthly, pocketstack_pro_monthly)
  • Transaction timestamps, trial state, and expiration dates

We do not receive your name (beyond what you optionally supply during sign-up), payment method, billing address, or financial account details. Apple and Google handle payment processing entirely on their respective platforms.

2. Information Stored Locally on Your Device

The following data is stored exclusively on your device and is never sent to WeaveHub:

  • Connection profiles (hostname, port, username) — stored in SwiftData (iOS) or Room (Android) on your device
  • Server credentials (passwords) — stored in the iOS Keychain (PocketForge) or Android Keystore-backed EncryptedSharedPreferences (PocketStack); both use hardware-backed encryption where the device supports it
  • App lock PIN — PBKDF2 hashed and stored in the iOS Keychain (PocketForge) or EncryptedSharedPreferences (PocketStack)
  • Biometric authentication — managed entirely by iOS LAContext (PocketForge) or AndroidX BiometricPrompt (PocketStack); no biometric data is stored by the app
  • Cached infrastructure data (VMs, hosts, alerts, metrics) — held in memory only and discarded when the app is closed

3. Information We Do NOT Collect

PocketForge does not include any analytics, telemetry, crash reporting, or advertising SDKs. We do not collect:

  • Usage analytics, behavioral data, or app interaction history
  • Location data
  • Contacts, health data, photos, or browsing history
  • Advertising identifiers
  • Crash reports or device diagnostics

4. Infrastructure Data

When you use PocketForge to monitor or manage your hypervisor environments, your device communicates directly with your servers over HTTPS. Infrastructure data (VM lists, host metrics, alerts, power actions) travels directly between your device and your servers. WeaveHub does not proxy, intercept, log, or have any access to this traffic.

5. Third-Party Services

The apps interact with the following third-party services:

iOS (PocketForge):

  • Sign in with Apple — for trial activation identity verification
  • Apple App Store / StoreKit — for subscription purchases and management
  • WeaveHub Licensing Server (licensing.weavehub.app) — for trial eligibility checks and subscription verification

Android (PocketStack):

  • Firebase Authentication (Google LLC) — for email/password and Google Sign-In account management. Firebase project pocketforge-7ccf6. Receives your email address, hashed password, and Firebase UID.
  • Google Play Billing (Google LLC) — for subscription purchases and management
  • RevenueCat (RevenueCat, Inc.) — for cross-platform subscription state, entitlement management, and billing event handling. Receives your Firebase UID and the Play Store purchase token.
  • Google Credential Manager — for Google Sign-In flow (handled entirely by Android system services)

Both platforms:

  • WeaveHub email services — product update and feature announcement email delivery. Receives your email address and first name only; does not receive credentials or app data.

Neither PocketForge nor PocketStack integrates with any analytics, advertising, or crash-reporting third-party services.

5a. Communications

When you create a PocketForge account or start a free trial, your email address may be used to send you:

  • Transactional emails: Account confirmations, security notices, and service disruption notices. These are required for the operation of the Service and cannot be opted out of.
  • Product communications: Feature announcements, product updates, and other information about PocketForge. You may opt out of these communications at any time by clicking the “unsubscribe” link included in every such email, or by contacting us.

We do not sell, rent, or share your email address with third parties for their own marketing purposes.

6. Data Retention

  • Apple User ID: Retained while your relationship with the service is active, plus 12 months after last use, then deleted.
  • Subscription verification records: Retained for the duration of your subscription plus 90 days, or as required for financial record-keeping.
  • On-device data: Deleted when you remove profiles within the app or uninstall PocketForge.

7. Your Rights

GDPR (EU/EEA/UK)

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have the right to access, rectify, erase, restrict processing of, and port your personal data. To exercise these rights, contact us at Contact Us.

CCPA (California)

California residents have the right to know what personal information we collect, request deletion, and opt out of any sale of personal information. WeaveHub does not sell personal information. Categories of personal information collected: identifiers (Apple User ID) and commercial information (subscription status). To exercise these rights, contact us at Contact Us.

Marketing Communications

You may opt out of product communications at any time by clicking the “unsubscribe” link in any email, or by contacting us. Opting out does not affect transactional emails required for the operation of the Service.

8. Data Security

We implement appropriate technical measures to protect the limited information we process:

  • Server credentials are stored in the iOS Keychain (PocketForge) or Android Keystore-backed EncryptedSharedPreferences (PocketStack); both use hardware-backed encryption where supported
  • All network communication uses TLS encryption
  • Subscription verification uses cryptographic signature validation of Apple’s JWS tokens (iOS) or RevenueCat-managed receipt validation against Google Play (Android)
  • Firebase authentication tokens (Android) are validated against Google’s public keys; tokens are short-lived and refreshed automatically
  • App lock PINs are hashed with PBKDF2 and a random salt before storage

9. Children’s Privacy

PocketForge is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided information to us, please contact us and we will take steps to delete such information.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the “Last Updated” date at the top of this page. Your continued use of PocketForge after changes become effective constitutes acceptance of the revised policy.

11. Trademarks & Affiliation

Nutanix, Prism, and Prism Central are trademarks of Nutanix, Inc. VMware, vSphere, and vCenter are trademarks of Broadcom Inc. Proxmox and Proxmox VE are trademarks of Proxmox Server Solutions GmbH. Apple, App Store, iOS, Sign in with Apple, and StoreKit are trademarks of Apple Inc. Google, Android, Google Play, Google Sign-In, Firebase, and Google Play Billing are trademarks of Google LLC.

PocketForge and PocketStack are independent third-party management clients. They are not affiliated with, endorsed by, or sponsored by Nutanix Inc., Broadcom Inc. (VMware), Proxmox Server Solutions GmbH, Apple Inc., or Google LLC. References to those companies’ products and trademarks within these apps and on this page are descriptive nominative use for purposes of identifying compatibility and platform integration.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

WeaveHub Technologies LLC
Email: Contact Us