Privacy Policy

1. Our Core Commitment

Secure Space does not collect, transmit, or store your personal data on any server. We have no backend. We cannot see your journal entries, your emotional responses, your patterns, or your reflections. Everything you write stays on your device.

2. Data You Create

When you use Secure Space, the following data is created and stored locally on your device only using Apple's Core Data framework:

• Journal entries (trigger descriptions, emotions, story, facts, reframes, action plans)
• Quick trigger check-ins
• Assessment results (attachment style, sensitivity mode)
• Behavioral pattern logs
• Grounding anchor and reframe usage
• App preferences and settings (haptic feedback, app lock, notification preferences)

None of this data is ever transmitted to Secure Space or any third party. It exists only in your device's local storage.

Deleting the app permanently deletes all of this data. You may also reset assessment and profile data at any time via Settings → Data → Reset All Data.

3. On-Device Processing

All analysis in Secure Space — including pattern detection, attachment scoring, growth signals, and reframe recommendations — runs entirely on your device. Your journal text is never sent to external AI services, cloud servers, or used to train any machine learning model.

4. Face ID and Touch ID

If you enable App Lock, Secure Space uses Apple's LocalAuthentication framework to authenticate you via Face ID, Touch ID, or your device passcode. We never access, store, or transmit your biometric data. Authentication is handled entirely by iOS and your device's secure enclave — Secure Space only receives a yes/no result.

Your Face ID and Touch ID data never leaves your device.

5. Subscriptions — RevenueCat

Secure Space uses RevenueCat to manage Pro subscriptions. When you purchase or restore a subscription, RevenueCat processes limited transaction data including:

• App Store transaction receipts
• Subscription status (active, expired, trial)
• Country/region (derived from App Store, not your location)
• An anonymous app user ID (not linked to your name or email)

RevenueCat does not receive any journal content, assessment results, or personal reflections. Their privacy policy is available at revenuecat.com/privacy.

All payment processing is handled by Apple. Secure Space never sees your payment details.

6. Notifications

If you grant notification permission, Secure Space schedules local notifications for follow-up reminders and reflection nudges. These notifications are generated and delivered entirely on-device. No notification content is sent to a server.

You can manage or disable notifications at any time via Settings → Notifications in iOS.

7. Widgets

Secure Space includes a home screen widget that displays your daily reframe. Widget data is written to a shared App Group container on your device — it does not leave your device and is not accessible to Secure Space or anyone else remotely.

8. Analytics and Crash Reporting

Secure Space does not use any third-party analytics or behavioral tracking SDKs (no Firebase, no Mixpanel, no Amplitude).

Xcode's optional crash reporting (via Apple's infrastructure) may collect anonymized crash logs if you have opted into sharing app analytics with developers in your iOS settings. This data is anonymized by Apple and only shows technical crash information — no journal content is ever included. You can control this in iOS Settings → Privacy & Security → Analytics & Improvements.

9. Children's Privacy

Secure Space is not intended for users under 17. We do not knowingly collect data from children under 17. Because all data is stored locally and we have no server-side data collection, there is no mechanism by which we would receive a child's data. If you believe a child under 17 is using the app, please contact us.

10. Your Rights

Because all your data lives on your device, you are always in full control:

• Access: All your data is readable within the app
• Delete: Use Settings → Data → Reset All Data to delete assessment data, or delete the app to remove everything
• Export: You can screenshot or manually export entries at any time
• Portability: Your data is not locked in any cloud — it is yours, on your device

If you are in the EU (GDPR) or California (CCPA), the above rights apply to you by default given our architecture. Since we hold no personal data on our servers, there is nothing for us to provide, correct, or delete on our end beyond what you can already do yourself.

11. Data Retention

Data lives on your device for as long as you keep the app installed. Deleting the app removes all locally stored data permanently. Secure Space retains no copies.

12. Third-Party Links

The app may contain links to external websites (such as this privacy policy page). We are not responsible for the privacy practices of those sites and encourage you to review their policies independently.

13. Changes to This Policy

If we make material changes to this policy, we will update the "Last Updated" date and notify you within the app. Continued use of Secure Space after changes are posted constitutes acceptance of the revised policy.