Privacy Policy

        The short version: DECK stores your cards on your device and syncs them via your private iCloud account. We never see your data. We use anonymized analytics (PostHog, EU) and never sell anything. Payments are handled entirely by Apple — we never see card details.
      

1. Who We Are

DECK is developed and published by Jamie Newman ("we", "us", "our"). If you have any questions about this policy, contact us at contact@jamie-newman.com.

2. Data We Collect

Your cards & decks

The content of every card you create (task text, creation date)
Card state — active, deferred, completed, dropped — and the associated timestamps
Defer counts and the full event history for each card (created, deferred, undeferred, moved, completed, dropped)
Deck names and ordering (Pro)

This data lives in SwiftData on your device and syncs through your private CloudKit database on your Apple ID. We, the developers, cannot access it.

Subscription data

Subscription status and entitlement information managed by RevenueCat
A pseudonymous user ID generated by RevenueCat to link your purchase to the app
We do not store or process payment card details — all payments are handled by the Apple App Store

Usage analytics

Anonymized usage events (e.g. screens opened, features used, conversion funnels) via PostHog, processed in the EU
No card content, deck names, or personally identifiable information is ever included in analytics events

3. How We Use Your Data

To provide the core mechanic — showing, adding, deferring, completing, and dropping cards
To sync your decks across your iPhone via your private iCloud account
To manage your subscription and restore purchases via RevenueCat
To run on-device defer analytics, clustering, and the Graveyard (Pro)
To improve the App through anonymized usage analytics

4. Data Storage & Security

All your cards, decks, and event history are stored locally on your device using SwiftData. The App works fully offline without an account.

Sync uses Apple's CloudKit service on your own private iCloud database. Data is transmitted over TLS and stored in your Apple-managed iCloud container. The developer has no access to this data — only you, via your Apple ID, do.

DECK never runs its own backend for your card data. There is no third-party server holding the contents of your deck.

5. On-device intelligence

Pro users with a compatible device see a "What you're avoiding" section in defer analytics that groups high-defer cards into named themes. This clustering runs entirely on-device using Apple's Foundation Models framework. Card content is never transmitted off the device for this purpose, and results are not persisted — the grouping is recomputed each time the view opens.

6. Third-Party Services

The App uses the following third-party services:

Apple iCloud / CloudKit — private sync across your own devices
RevenueCat — subscription and purchase management
PostHog (EU region) — anonymized usage analytics

Each service operates under its own privacy policy. We encourage you to review their policies.

7. Data Sharing

We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes. Your card data is never shared with anyone — it lives in your private CloudKit database only.

8. Notifications

DECK does not send push notifications. Not for deferred cards returning, not for daily reminders, not for anything. The App is pull, not push. We do not request or use the notification permission.

9. Your Rights & Data Deletion

You can wipe all your cards, decks, and event history at any time from Settings > Data > Wipe all data. Deletion propagates through CloudKit to your other devices.
Uninstalling the App removes all locally stored data from that device. Data on other signed-in devices remains until you wipe it there.
To delete iCloud data globally, sign out of iCloud or remove DECK's data from iPhone Settings > Apple ID > iCloud > Manage Account Storage > DECK.
You can request a copy of any data we hold (analytics, subscription) by contacting us (see below).

If you are located in the EEA or UK and have questions about your rights under GDPR, or if you are a California resident with questions about your rights under CCPA, please contact us at the address below. We will respond within 30 days.

10. Children's Privacy

The App is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us so we can delete it.

11. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated effective date. Continued use of the App after changes constitutes acceptance of the updated policy.

12. Contact

Questions or concerns about this privacy policy? Please reach out:

Email: contact@jamie-newman.com