Inspect is a certificate inspection app for iPhone, iPad, and Mac. This policy explains what information the app handles and how that information is used.

Information Inspect Processes

When you use Inspect, the app may process:

  • Host names or HTTPS URLs that you enter manually or send from the share sheet.
  • Certificate chain data returned by the server you choose to inspect.
  • TLS handshake metadata (SNI, certificate chains) passively observed by Live Monitor when enabled.
  • Recent lookup entries and Live Monitor observations stored locally on your device.
  • Certificate files you choose to export or share.

How Inspect Uses This Information

  • To open a TLS connection to the host you selected and capture the presented certificate chain.
  • To passively observe TLS handshakes when Live Monitor is enabled, without intercepting or modifying traffic.
  • To evaluate server trust and display certificate details and security findings in the app.
  • To keep a small recent-history list and Live Monitor observations on your device for convenience.
  • To generate a temporary certificate file only when you choose to export or share a certificate.

Data Storage

Inspect stores recent lookups locally on your device using Apple's system storage APIs. Exported certificates are written to a temporary file on-device only when you ask the app to export or share one.

Network Requests

Inspect connects to the HTTPS endpoint that you choose to inspect. Those requests go directly from your device to that endpoint so the app can capture the certificate chain and trust result.

When Live Monitor is enabled, a local packet tunnel observes TLS handshakes from your device's traffic. The tunnel only reads handshake metadata and does not intercept, decrypt, or modify any traffic. All observations stay on your device.

To show favicons next to recent items, the app may request an icon from Google's favicon service using the host name of the recent item. If you do not use recent items, that request is not needed.

Data Collection and Tracking

Inspect does not require user accounts and does not include advertising SDKs, analytics SDKs, or third-party tracking code operated by the developer.

Data Sharing

The developer does not receive your inspection history, certificate contents, or exported files through a developer-operated backend service. Information is only sent to third parties as part of the network behavior you initiate in the app, such as connecting to a host you entered or loading a favicon for a recent item.

Your Choices

  • You can clear recent lookups and Live Monitor history inside the app.
  • You can enable or disable Live Monitor at any time.
  • You can choose not to export or share certificates.
  • You can stop using the app at any time and remove it from your device.

Contact

If you have privacy questions, contact hi@hewig.dev.