The Privacy Policy doesn't really distinguish from user information like Name & Email versus data transferred by the product, and since it allows for business transfers of this data, it's troubling. There's also no data retention policy, so the things you quickly copy & paste may be retained forever.
On the tech level, there's no information on the type of encryption used and on which levels it's implemented. Of course, it'd be magical for this all to happen without the 'cloud' roundtrip and with zeroconf or something similar, but we all know how tricky that kind of tech can be to do smoothly.
Just wanted to add:
The document that applies to the actual DeskConnect service is our Terms of Service, which is unfortunately overly broad because we don't want to get sued because we left something out. I just read the legal mumbo jumbo for the first time in a while, and it's not great. For example, we require that you give us the right to "use, modify, reproduce, distribute, display, publish and perform Your Content for operational purposes of the Service," because technically converting file formats for compatibility constitutes "modifying" your data, uploading data to our server constitutes "using," "reproducing," and "distributing" it and showing you your own data may constitute "displaying", "publishing", and "performing" it. This really sucks and is absolutely ridiculous, and I'd like to see how we can make these terms more restrictive to better reflect the service.