← Gratitude First

Privacy Policy

Introduction

Gratitude First is a gratitude journaling app built by an independent developer. This Privacy Policy explains what data the app collects, how it is used, and how it is protected.

The short version: Your journal entries stay on your device and in your private iCloud account. I cannot read them. I do not sell your data. I collect only the minimum information needed to keep the app working and improving.

By using Gratitude First, you agree to the data practices described in this policy. If you do not agree, please do not use the app.

1. Data I Do Not Collect

It is just as important to understand what Gratitude First does not collect:

2. Data I Do Collect

Gratitude First collects a limited set of data to provide, maintain, and improve the app. Here is a complete list:

2.1 Anonymous Device Identifier

When you first open Gratitude First, the app generates a random, anonymous identifier (a UUID). This ID is not linked to your Apple ID, your name, or any other personal information. It is used to:

This identifier is stored only on your device. It is not backed up to iCloud and cannot be used to identify you personally. Each device generates its own independent ID.

2.2 Behavioral Analytics

I use PostHog, a privacy-focused analytics service, to understand how people use Gratitude First. The data collected includes:

Analytics never include your journal text, mood selections, prompt responses, or any content you write. PostHog receives only behavioral events tied to the anonymous device identifier described above.

2.3 Crash & Error Reports

I use Sentry to collect crash reports and error data. This helps me identify and fix bugs. Crash reports may include:

Crash reports do not include your journal entries, personal information, or any content you write in the app.

2.4 Subscription & Purchase Data

All purchases are processed by Apple through StoreKit. I do not see or store your payment method, billing address, or Apple ID. Superwall, which manages the paywall experience, receives limited subscription status data (whether a trial is active, whether a subscription is current) to determine which features to unlock. Superwall does not receive your journal content or personal information.

2.5 Feature Flags

PostHog is also used to deliver feature flags, which allow me to test different onboarding flows and feature configurations. Feature flag evaluation is based on the anonymous device identifier. No personal data is used for targeting.

3. Data Stored on Your Device

The following data is stored locally on your device using Apple's SwiftData framework:

All on-device data is encrypted at rest by iOS Data Protection (NSFileProtectionComplete) and is inaccessible when your device is locked.

4. iCloud Backup

If iCloud is enabled on your device, Gratitude First syncs your journal entries, streak record, and settings to and from your private iCloud container (CloudKit), so your journal follows you across your devices and after reinstalling. This sync:

Blocked app tokens are NOT backed up because Apple's FamilyControls tokens are device-specific and do not transfer between devices. You will need to re-select your locked apps on a new device.

If iCloud is disabled, your data exists only on your device. I strongly recommend keeping iCloud enabled to protect against data loss.

5. Third-Party Services

Gratitude First uses the following third-party services. Each receives only the minimum data necessary for its function:

None of these services receive your journal entries, mood data, or prompt responses.

Each service has its own privacy policy. I encourage you to review them if you wish to understand their data practices in detail.

6. How Your Data Is Protected

7. FamilyControls & Screen Time

Gratitude First uses Apple's FamilyControls framework in "individual" (self-management) mode to enable the app-locking feature. This means:

8. Children's Privacy

Gratitude First is intended for users aged 13 and older. I do not knowingly collect personal information from children under 13. If you believe a child under 13 is using the app, please contact me and I will take appropriate steps.

Users between 13 and 18 should have the consent of a parent or legal guardian before using the app.

9. Data Retention & Deletion

9.1 On-Device Data

Your journal entries, streak data, and settings remain on your device for as long as the app is installed. If you delete the app, all locally stored data is permanently removed by iOS.

9.2 iCloud Data

Data backed up to your private iCloud container persists until you either delete it through iCloud settings or delete your iCloud account. I do not have access to your iCloud data and cannot delete it on your behalf.

9.3 Analytics Data

Anonymized analytics events stored in PostHog and crash data in Sentry are retained for a reasonable period for product improvement purposes. Because this data is tied only to an anonymous device identifier and contains no personal information or journal content, it cannot be linked back to you.

9.4 Requesting Deletion

If you would like to request deletion of any data associated with your anonymous device identifier from third-party services, please contact me at the email address listed below. I will process your request within a reasonable timeframe.

10. Future Features & Data Handling

As of this version, your gratitude journal text is stored exclusively on your device and in your private iCloud container. It is never transmitted to external servers.

In the future, Gratitude First may introduce optional premium features (such as AI-powered insights or personalized analysis) that would require portions of your journal data to be processed by third-party services. If and when such features are introduced:

Your journal is yours. That will not change without your clear, informed permission.

11. Your Rights

Depending on where you live, you may have certain rights regarding your personal data, including the right to access, correct, delete, or restrict the processing of your data. Because Gratitude First collects minimal data and does not maintain user accounts, most of your data is already under your direct control on your device.

If you have questions about your rights or wish to make a data-related request, please contact me at the email address below. I will respond within a reasonable timeframe.

12. Changes to This Policy

I may update this Privacy Policy from time to time to reflect changes in the app or in applicable laws. If I make material changes — especially any changes to how your data is collected, stored, or shared — I will notify you through the app and, where required, obtain your consent before the changes take effect.

The effective date at the top of this policy indicates when it was last updated.

13. App Store Privacy Labels

In accordance with Apple's requirements, the following categories are disclosed in Gratitude First's App Store privacy nutrition labels:

Data Not Collected: Gratitude First does not collect names, email addresses, phone numbers, physical addresses, payment information, health data, fitness data, location data, contacts, browsing history, search history, photos, or audio.

14. Contact

If you have any questions about this Privacy Policy or about how your data is handled, you can reach me at:

Email: gratitudefirst.app@gmail.com
Website: www.gratitudefirst.app