Privacy Policy
Your privacy matters to us. This policy explains how Withershins, LLC and our products handle your information.
Our Commitment
We believe that your data belongs to you. We don't collect unnecessary information. We don't track you. We don't sell your data to third parties. We don't train AI models on your personal information. When you use our products, your data stays under your control.
STASH - Privacy by Design
STASH is designed from the ground up with privacy as a core principle, not an afterthought.
- On-Device Processing: All AI-powered features use iOS Foundation Models that run locally on your device. No data is sent to external servers for processing.
- Local Storage: Your thoughts, classifications, and search history are stored locally on your device using encrypted storage. We never receive this data on our servers.
- HealthKit Data: Any correlations with HealthKit data (activity, sleep, energy) happen only on your device. We don't collect, store, or process HealthKit data on our servers.
- No Telemetry: We don't collect analytics about how you use STASH. No event tracking, no crash reporting, no usage statistics. Nothing.
- No Ads: STASH has no advertising or ad tracking. We don't monitor your behavior to serve you targeted content.
What We Collect
STASH collects the absolute minimum necessary to provide the service:
- Your Apple account information (if you sign in—this is used only for app management and isn't stored on our servers)
- Email address (only if you voluntarily contact us or request early access)
- Crash reports (only if you explicitly choose to share them; completely optional)
We do not collect:
- Your thoughts or captured content
- Usage patterns or behavior data
- Location information
- Device identifiers (UDID, IDFA, etc.)
- IP addresses
- HealthKit data
Email Communications
If you contact us or request early access to STASH:
- We'll use your email only to respond to your request or share updates about STASH (if you opted in)
- We won't sell or share your email address with third parties
- You can unsubscribe from non-essential emails at any time
- We keep email communications only as long as necessary
Third-Party Services
STASH may use the following Apple frameworks, but only for on-device processing:
- Foundation Models: Apple's on-device AI models for text classification and semantic understanding
- HealthKit: Only for reading (with permission) health metrics on your device; data never leaves your phone
- App Intents / Siri: For voice capture functionality; audio is processed on your device
We don't integrate with analytics services like Firebase, Mixpanel, or similar. We don't use third-party SDKs that track user behavior.
Data Security
Since most data stays on your device, security starts with your iPhone's built-in protections (encryption at rest, secure enclave, etc.). We follow Apple's security best practices in our code to ensure:
- Secure handling of any data that leaves your device
- No plaintext storage of sensitive information
- Regular security reviews and updates
Your Rights
Under GDPR, CCPA, and other privacy laws, you have rights including:
- Right to Access: You can request what personal data we hold about you
- Right to Deletion: You can request that we delete your data
- Right to Portability: You can request your data in a portable format
- Right to Opt-Out: You can opt out of non-essential communications
To exercise these rights, contact us at paf@withershins.us.
Changes to This Policy
We may update this policy as STASH evolves and new features are added. We'll notify you of material changes via email (if we have your email) or by updating the "Last Updated" date below. Your continued use of STASH after changes become effective means you accept the updated policy.
Contact Us
Questions about our privacy practices? Get in touch:
Withershins, LLC
paf@withershins.us
Columbus, Ohio, USA
Effective Date: Upon STASH Release