Privacy Policy

MUD (“Managed UR Device”) is a remote-control and device-management service operated by FurtherGrow Technologies. This policy covers the MUD website (mud.furthergrow.com), the MUD desktop apps, and the MUD Android app. The data controller is FurtherGrow Technologies; contact mud.furthergrow@gmail.com.

• Account data — email, full name, organization name (if provided), country, hashed password.
• Billing data — handled by PayU. We store a payment/order reference, plan, amount, currency and status. We never see or store your card, UPI or bank credentials.
• Device data — for devices you register or share: hostname, OS, CPU architecture, app/agent version, last public IP, last tunnel domain, and last-seen timestamp.
• Usage data — session start/stop times and counts, to enforce plan limits.
• Audit logs — signups, logins, license activations, device registrations, plan changes, tunnel changes, account deletions and admin actions.
• Support data — anything you include when you email us.

Your remote sessions run directly between your devices over each host’s own end-to-end encrypted tunnel. Screen frames, keystrokes, mouse input, typed text, file contents and clipboard data are never sent to or stored on our servers. The central service only stores the host’s public address and the encrypted credentials a client needs to connect — it never sees what’s on your screen.

The MUD Android app requests these permissions only for the feature noted, only while you use it, and only after you grant them:

• Screen capture (MediaProjection) — to share this device’s screen when you turn on Host Mode. Frames go only to the people you’ve authorized, over the tunnel.
• Accessibility service — to inject the remote taps/swipes/keystrokes a viewer sends, so they can actually control the device. Input is one-way and not recorded.
• Notifications — to show the persistent “Remote access is on” notice while sharing (required and user-visible — no hidden background control).
• Foreground service — to keep the secure tunnel alive while the screen is off.

To provide and secure the service, authenticate you, enforce plan and device limits, process payments, deliver transactional email, detect and prevent abuse, and respond to support requests. We do not use your data for advertising and we do not sell it.

Paid plans are processed by PayU, our payment gateway. When you pay, you’re redirected to PayU and your card/UPI/netbanking details are entered on PayU’s systems — FurtherGrow never receives them. PayU shares back only a transaction reference and status, which we use to activate your plan and keep billing records. PayU processes your payment data under its own privacy policy.

• PayU — payment processing for paid plans.
• Cloudflare — managed tunnels that carry the encrypted connection to your shared devices.
• Google (Gmail API) — delivery of verification, password-reset and account emails.
• Cloud hosting provider — application and database hosting.

Passwords are hashed with Argon2. Sessions use signed JWTs. Connections are TLS-encrypted and remote sessions are end-to-end encrypted through per-host tunnels. Stored host credentials are encrypted at rest. Access to production systems is restricted and audited.

Account and device data are retained while your account is active. When you delete your account (Section 10), your personal data is erased promptly; security/billing audit records are retained in anonymized form (no personal data) for the period required by law.

You can access, correct, export or delete your data. You can permanently delete your account and all associated data yourself — no email required — at:

Deleting removes your profile, devices, hosts, licenses, managed tunnels, subscription and payment records. You can also email mud.furthergrow@gmail.com for any data request; we respond within 30 days.

MUD is not directed to children under 16 and we do not knowingly collect their data. If you believe a child has provided us data, contact us and we’ll delete it.

We and our sub-processors may process data in countries other than yours. Where required, transfers are protected by appropriate safeguards.

We use first-party cookies / sessionStorage only for authentication. We do not use third-party advertising or tracking cookies.

We’ll post any changes to this policy here and update the effective date. Questions or privacy requests: mud.furthergrow@gmail.com.