diff --git a/releases/v2.5.0/TESTFLIGHT_CHECKLIST.md b/releases/v2.5.0/TESTFLIGHT_CHECKLIST.md
new file mode 100644
index 0000000..d614b84
--- /dev/null
+++ b/releases/v2.5.0/TESTFLIGHT_CHECKLIST.md
@@ -0,0 +1,103 @@
+# v2.5 TestFlight submission checklist
+
+Pre-flight steps to take ScarfGo to public TestFlight. Order matters — Apple review wants the privacy URL to resolve at submission time, and the build needs to upload before review can start.
+
+## 0. Apple Developer Program prerequisites
+
+- Apple Developer Program enrollment active (team `3Q6X2L86C4`).
+- iOS Distribution certificate in login Keychain (`Apple Distribution: Alan Wizemann`).
+- App Store provisioning profile for the iOS bundle ID (auto-managed in Xcode is fine).
+- App Store Connect access for the team.
+
+## 1. Privacy policy live
+
+- [ ] Copy `scarf/docs/PRIVACY_POLICY.md` content into `.gh-pages-worktree/privacy/index.html` (wrap in minimal HTML, or leave as Markdown if GitHub Pages renders Markdown — GitHub Pages with Jekyll does).
+- [ ] `cd .gh-pages-worktree && git add privacy/index.html && git commit -m "docs(privacy): publish v2.5 policy" && git push`
+- [ ] Verify https://awizemann.github.io/scarf/privacy/ resolves (give it ~1 min after push).
+
+The privacy URL is required by App Store Connect before submitting for Beta App Review. Without it the submission button is disabled.
+
+## 2. Xcode target configuration
+
+Open `scarf/scarf.xcodeproj`, select the `scarf mobile` target.
+
+- [ ] Signing & Capabilities → "Automatically manage signing" ON, team set to `3Q6X2L86C4`.
+- [ ] Capabilities present: Keychain Sharing only. **Push Notifications stays OFF** — `NotificationRouter.apnsEnabled = false` and the entitlement is absent. Match the two: enable both later together.
+- [ ] Info.plist sanity:
+  - Bundle Identifier matches App Store Connect record.
+  - `LSApplicationCategoryType = public.app-category.developer-tools`.
+  - `NSAppTransportSecurity` allows the SSH ports the app dials? — N/A for SSH (raw TCP); ATS only governs HTTPS. Skip.
+
+## 3. Version bump
+
+The version bump runs automatically via `./scripts/release.sh 2.5.0` in Phase G. Do NOT bump `MARKETING_VERSION` / `CURRENT_PROJECT_VERSION` manually before that — the script writes the version commit and reads `CURRENT_PROJECT_VERSION` to compute the next build number.
+
+## 4. Archive + upload
+
+- [ ] Xcode → Product → Scheme → `scarf mobile`.
+- [ ] Destination → "Any iOS Device (arm64)".
+- [ ] Product → Archive. Wait for build (~3-5 min).
+- [ ] Organizer opens automatically. Select the archive → Distribute App.
+- [ ] Distribution method: **App Store Connect**.
+- [ ] Destination: **Upload**.
+- [ ] Distribution options: leave defaults (manage versioning automatically; include bitcode if offered = N/A on Xcode 14+; strip Swift symbols ON).
+- [ ] Re-sign: automatic.
+- [ ] Upload. Apple processes the binary (~5-15 min); App Store Connect emails when ready.
+
+## 5. App Store Connect metadata (TestFlight tab)
+
+Once the binary is processed:
+
+- [ ] **App information** (one-time, persists across builds):
+  - Subtitle: "On-the-go Hermes companion"
+  - Privacy policy URL: https://awizemann.github.io/scarf/privacy/
+  - Category: Developer Tools
+  - Age rating: 4+ (no restricted content)
+- [ ] **Test information** (per-build is fine, persists if not changed):
+  - Beta App Description (paragraph): see "Beta description copy" below.
+  - Email: alan@wizemann.com
+  - Beta App Review information: account credentials only if the app required them — N/A (BYO Hermes host).
+  - Marketing URL (optional): https://github.com/awizemann/scarf
+- [ ] **What to test** (per-build):
+  ```
+  v2.5.0 — first public TestFlight build of ScarfGo. Try connecting to a
+  Hermes host (you'll need an SSH-reachable Hermes install). Test:
+  - Onboarding + Add a second server
+  - Project-scoped chat
+  - Session resume from Dashboard
+  - Sessions tab project filter
+  - Forget a server / re-onboard
+  Known limitations: no push, no in-app Settings editor, English only.
+  Report issues via TestFlight feedback.
+  ```
+
+### Beta description copy
+
+> ScarfGo is the iOS companion to Scarf, the Mac client for the Hermes AI agent. Connect to a Hermes server you operate (Mac, Linux, or any SSH-reachable host) and run sessions, browse memory, manage cron jobs, and resume conversations from your phone. All data stays between your device and your Hermes host — no developer servers in between.
+
+## 6. Submit for Beta App Review
+
+- [ ] TestFlight tab → External Testers → Add a public group called "Public Beta".
+- [ ] Add the new build to the group.
+- [ ] Click **Submit for Review**.
+- [ ] Apple's Beta Review queue is typically 24-48h.
+
+## 7. After approval
+
+- [ ] Apple issues a public TestFlight URL (`https://testflight.apple.com/join/XXXXXX`).
+- [ ] Record the URL — needed in Phases E (wiki ScarfGo page) and F (README v2.5 section).
+- [ ] **DO NOT** publicize it yet. Update wiki + README in branches first; the user (Alan) decides when to push live.
+
+## Rollback
+
+If a build breaks on TestFlight:
+
+- [ ] Disable the build in App Store Connect → TestFlight → Builds → Expire.
+- [ ] Fix the bug, archive a new build with the same `MARKETING_VERSION` (Apple requires the build number — `CURRENT_PROJECT_VERSION` — to monotonically increase).
+- [ ] Upload + add to Public Beta group + submit if Apple flagged the prior build for re-review.
+
+## Open items / future TestFlight builds
+
+- **Push notifications** — flip `NotificationRouter.apnsEnabled = true` simultaneously with: enabling the Push Notifications capability, generating an APNs auth key, deploying the Hermes-side push sender. Stops being a no-op only when all three exist.
+- **iPad support** — `.tabViewStyle(.sidebarAdaptable)` is wired but iPad layout hasn't been smoke-tested. Probably free, but verify before flipping the iPad flag in the target.
+- **Localization** — English only for v1. Mac ships 7 languages; iOS strings are extracted but no translations.
diff --git a/scarf/docs/PRIVACY_POLICY.md b/scarf/docs/PRIVACY_POLICY.md
new file mode 100644
index 0000000..9498c1a
--- /dev/null
+++ b/scarf/docs/PRIVACY_POLICY.md
@@ -0,0 +1,78 @@
+# ScarfGo & Scarf — Privacy Policy
+
+_Last updated: 2026-04-25._
+
+## Plain summary
+
+Scarf and ScarfGo are companion clients for the open-source [Hermes AI agent](https://github.com/awizemann/hermes-agent). Both apps connect from your device to a Hermes host you (or your team) operate. **Neither app collects, transmits, or stores your data on any server controlled by the developer.** All data the apps work with stays on your device or on Hermes hosts you configured yourself.
+
+## Apps covered
+
+- **Scarf** — macOS desktop client. Distributed via direct download (Sparkle) and built-in auto-update.
+- **ScarfGo** — iOS companion. Distributed via TestFlight (and, in future, the App Store).
+
+## What data the apps access
+
+### On your device
+
+- **SSH credentials.** ScarfGo generates and stores an SSH private key in the iOS Keychain (`kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly`, never iCloud-synced). Used solely to authenticate with Hermes hosts you configure. Scarf reads SSH keys from `~/.ssh/` like any other SSH client.
+- **Server configuration.** Host, user, port, nickname, and an optional remote `~/.hermes` path. Stored in `UserDefaults` (ScarfGo) or the standard app container (Scarf). Never transmitted off-device except as the destination address of your own SSH connections.
+- **Hermes state cache.** When you tap a session or open the Dashboard, the app downloads a snapshot of `~/.hermes/state.db` from your Hermes host over SFTP and reads it locally. Cached on-device temporarily for performance; cleared when the app is force-quit or the OS reclaims storage.
+- **Project registry + session attribution sidecar.** Scarf and ScarfGo read (and write, when you opt in) two JSON sidecar files on the Hermes host: `~/.hermes/scarf/projects.json` and `~/.hermes/scarf/session_project_map.json`. These describe the projects you've registered and which Hermes sessions belong to which project. Owned by you on your Hermes host.
+
+### On Hermes hosts you configure
+
+Same as the [Hermes agent privacy policy](https://hermes-agent.nousresearch.com/) (or whoever operates your Hermes deployment). The apps do not introduce any new server-side data collection.
+
+## What data the apps DO NOT collect
+
+- **No analytics.** No event tracking, no crash analytics, no performance metrics sent to any third party. Crash logs stay on-device unless you choose to share them with Apple via the standard iOS / macOS reporting flows.
+- **No telemetry.** No "improve our product" beacons, no version-pinging, no install counters.
+- **No ads or ad identifiers.** The `IDFA` / `IDFV` are not read or transmitted.
+- **No cloud accounts.** There's no "Sign in with Scarf" — the apps only know about Hermes hosts you give them SSH access to.
+- **No iCloud Keychain sync.** SSH keys are explicitly marked `ThisDeviceOnly` so they don't propagate.
+
+## Network connections the apps make
+
+- **SSH connections** to Hermes hosts you configured (port 22 by default; user-configurable). All Hermes data flows over these.
+- **HTTPS to GitHub** for Sparkle's update check (Scarf only) and to fetch the public template catalog (`https://awizemann.github.io/scarf/templates/`). No personally identifying headers; cacheable.
+- **HTTPS to models.dev** when Hermes refreshes its model catalog cache. Initiated by Hermes, not the apps directly.
+
+That's the complete list. The apps make no other network requests.
+
+## Push notifications
+
+ScarfGo includes a push-notification skeleton for future use — pending permissions on a remote agent run. **The Push Notifications capability is disabled in shipping builds** (gated by an internal `apnsEnabled = false` flag) until Apple Developer Program enrollment + a Hermes-side push sender land. No device tokens are registered with Apple's APNs servers in current builds.
+
+When push lands, only the device token will be transmitted, and only to the Hermes host you authorize (so it can address pushes back to your phone). Apple's APNs infrastructure will route the actual push payload, but the developer never sees it.
+
+## TestFlight beta program
+
+If you join the ScarfGo beta via TestFlight, Apple shares anonymized crash reports + the email you used to redeem the invite with the developer. Apple's standard [TestFlight terms](https://www.apple.com/legal/internet-services/itunes/testflight/) apply to that data — out of scope for this policy.
+
+## Security
+
+- iOS Keychain storage uses `kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly` so credentials are unreachable while the device is locked and never synced to iCloud.
+- SSH connections use the same protocol stack as `ssh(1)` — strict host-key verification on first connect, key-based auth (no passwords are sent over the wire), and Citadel's pure-Swift implementation on iOS.
+- The macOS app is sandboxed where possible and notarized via Apple's standard Developer ID flow.
+
+## Children's privacy
+
+Neither app is directed at children under 13 and we do not knowingly collect any data from them.
+
+## Your rights
+
+Because we don't collect any data on developer-controlled servers, there is nothing for you to opt out of, request deletion of, or export. To remove all app-stored data from your device:
+
+- **ScarfGo**: delete the app. iOS purges the Keychain group + app container.
+- **Scarf**: delete the app and the `~/Library/Containers/com.scarf` directory (the app is sandboxed; this is the only on-disk data).
+
+Your Hermes host's data (`~/.hermes/`) stays untouched — that's yours to manage.
+
+## Contact
+
+Questions, concerns, or notice of a security issue: [alan@wizemann.com](mailto:alan@wizemann.com).
+
+## Changes
+
+Material changes to this policy will be announced on the [Scarf wiki](https://github.com/awizemann/scarf/wiki) and recorded here with a new "Last updated" date. Beta testers will see a TestFlight build note when policy changes affect data handling.