Is Maccy safe? Privacy & security review 2026
A clipboard manager sees everything you copy — so “is it safe?” is the right question to ask. Here is an honest privacy and security review of Maccy, including the parts people worry about.
Where your clipboard data lives
Maccy keeps your history in a local database on your Mac (~/Library/Application Support/Maccy) and its settings in a preferences file. Nothing is uploaded to a Maccy server — there is no Maccy server that receives clipboard data. This “local-first” design is the single most important security property of a clipboard manager.
No telemetry, no tracking
The app contains no analytics SDK, no crash-reporting service, and no advertising identifiers. It does not phone home with what you copy or how you use it. Because the code is public, this is not a marketing claim you have to take on faith.
Does Maccy capture passwords?
By default, no. macOS lets apps mark clipboard items as transient or concealed, and password managers such as 1Password, Bitwarden, and Apple Passwords use these flags. Maccy honours them and skips those entries, so copied credentials are not stored in your history. More detail in does Maccy see your passwords and Maccy + 1Password / Bitwarden compatibility.
Why does it need Accessibility permission?
Maccy asks for Accessibility access for one reason: to paste the selected item into the app you are using by simulating the paste keystroke. It does not use this permission to watch your screen or log your activity. You can verify exactly what it does in the source. If you decline the permission, Maccy still works — it just copies to the clipboard instead of auto-pasting.
What about iCloud sync?
iCloud sync is off unless you turn it on. When enabled, it syncs pinned items between your own Apple devices through Apple’s encrypted iCloud; the developer never sees that data. If you prefer everything to stay on one machine, simply leave sync off. See iCloud sync vs local storage.
The open-source advantage
Closed-source clipboard managers ask you to trust their privacy promises. Maccy lets you check them: the full source is on GitHub under the MIT license, so security researchers, your IT team, or you can audit precisely how clipboard data is handled. For sensitive environments, that auditability is decisive — see most secure clipboard manager for Mac.
Hardening tips
- Add sensitive apps (banking, 2FA, VPN) to the ignore list in Settings → Ignore.
- Set a history size limit so old clips are purged automatically.
- Leave iCloud sync off if you do not need cross-Mac pins.
Read the full privacy policy for the complete picture.
Privacy audit: where does your clipboard data go?
With default settings, Maccy stores clipboard history in an SQLite database at ~/Library/Application Support/Maccy/Maccy.sqlite. This file is:
- On your local Mac only
- Not sent to any Maccy server (there are no Maccy servers — it is open source with no backend)
- Not sent to Apple except when you explicitly enable iCloud sync
- Not accessible to other apps (macOS sandboxing applies)
- Protected by your Mac's user account permissions
Network traffic audit
Maccy makes zero network connections during normal operation. You can verify this with Little Snitch or the built-in macOS Firewall. The app's only network activity:
- Update checks: a single GET request to check for new versions (can be disabled)
- iCloud sync: only when you explicitly enable it in Preferences
No telemetry. No crash reporting to external servers. No analytics. The source code confirms this.
What Maccy can and cannot access
Can access:
- Clipboard contents (that is the entire purpose — you granted this by installing it)
- The ability to paste into other apps (requires Accessibility permission)
Cannot access:
- Screen content of other apps
- Keystrokes or keyboard input
- Files on your disk (does not have Full Disk Access)
- Contacts, calendar, or other sensitive data stores
- Network without your explicit configuration
Password manager safety
1Password, Bitwarden, Dashlane, and macOS Keychain are on Maccy's default ignore list. Passwords copied from these apps are never stored in Maccy history. This is verified in the open-source code and testable manually. See full explanation.
iCloud sync privacy considerations
When iCloud sync is enabled, your clipboard history is stored on Apple's iCloud servers. It is encrypted in transit (TLS) and at rest (Apple's standard iCloud encryption). Apple's privacy policy applies. For users with HIPAA, GDPR, or other regulatory requirements, evaluate whether clipboard data in iCloud meets your compliance needs.
For maximum privacy: keep iCloud sync disabled (the default). Your history stays entirely on your local Mac.
Enterprise security review
For IT teams reviewing Maccy before organisational deployment:
- Source code: github.com/p0deje/Maccy — fully auditable
- Binary is Apple-signed and notarised — verifiable with
spctl -a /Applications/Maccy.app - No licence server, no telemetry endpoint, no required internet access
- Deployable via Homebrew Cask or MDM with configurable defaults
- Ignore list pushable via
defaults write com.p0deje.Maccy
See the enterprise deployment guide.