Security

How Rerun protects your data

Security by design: Rerun is built with a local-first architecture. Your recordings and data never leave your Mac, eliminating entire categories of security risks associated with cloud services.

Local-First Architecture

Rerun's security model is fundamentally different from cloud-based alternatives. By keeping everything on your device, we eliminate risks like:

  • Data breaches from server compromises
  • Man-in-the-middle attacks during data transmission
  • Unauthorized access by service employees
  • Government data requests or subpoenas
  • Account hijacking or credential theft

No Cloud Storage

All screen recordings and OCR data are stored locally in your Mac's Application Support directory. We don't operate servers that could be compromised.

On-Device Processing

OCR and AI processing happen entirely on your Mac using Apple's Vision and Core ML frameworks. No data is sent to external APIs.

macOS Security

Rerun leverages macOS's built-in security features including sandboxing, App Transport Security, and the Secure Enclave where applicable.

Transparent Operation

Rerun only captures what's on your screen. It doesn't access files, keystrokes, or any data beyond what you see displayed.

Data Storage Security

Your Rerun data is stored in:

~/Library/Application Support/Rerun/

This directory contains:

  • Recordings: HEVC video files of captured screen content
  • Database: SQLite database with OCR text and metadata
  • Settings: Your application preferences

This data is protected by macOS file system permissions and is only accessible to your user account. If you enable FileVault (full-disk encryption), your Rerun data is encrypted at rest.

Network Security

Rerun makes minimal network connections:

  • Update checks: Periodic checks for new app versions (can be disabled)
  • Crash reports: Optional anonymous crash reporting to help improve stability

Recordings, OCR data, and search queries are never transmitted over the network.

Permission Model

Rerun requires explicit macOS permissions to function:

  • Screen Recording: Required for recording your screen. macOS will prompt you to grant this permission, and you can revoke it at any time in System Settings.
  • Accessibility (optional): May be requested for enhanced window detection features.

These permissions are enforced by macOS at the system level. Rerun cannot bypass them, and you have full control over granting or revoking access.

Data Deletion

You have complete control over your data:

  • Delete individual recordings from within the app
  • Clear all data using the app's settings
  • Manually delete the Application Support folder
  • Uninstall the app to remove all associated data

When data is deleted, it's removed from your local storage. Since we don't have copies of your data, deletion is permanent and complete.

Reporting Security Issues

If you discover a security vulnerability in Rerun, please report it responsibly:

  • Email us at hello@usererun.com with details of the vulnerability
  • Provide detailed information about the vulnerability and steps to reproduce
  • Allow reasonable time for us to address the issue before public disclosure

We appreciate security researchers who help keep Rerun and our users safe.

Best Practices

To maximize your security while using Rerun:

  • Enable FileVault: Encrypt your Mac's storage to protect Rerun data at rest
  • Use a strong login password: Your macOS account password protects access to Rerun data
  • Keep macOS updated: Security patches protect the system Rerun runs on
  • Review captured content: Periodically review and delete sensitive recordings you no longer need
  • Exclude sensitive apps: Use Rerun's exclusion settings to prevent capture of specific applications