Privacy Policy

1. Data Controller

The data controller is the owner of the micro-enterprise Grizzlu: Rémi Thomase. (see section 1 of the Legal Notice)

2. Data Collected by the App & Storage

All user data (all user content: text, date/time, GPS location, photos, weather) is stored only: locally on the user's device and/or synced to the user's Apple / iCloud account. No one other than the user can access it if the user properly protects their Apple / iCloud account and device against hacking risks. Potch does not use a private server for data synchronization and does not sync data outside Apple's secure enclave. Users are advised to make their own backups and ensure they can always recover access to their device and/or Apple / iCloud account.

Face ID / Touch ID

Biometric data is stored and encrypted in Apple's secure enclave and never leaves the device. The Potch app does not have access to it and does not transmit it. When an authentication request is made, the Potch app waits to receive a response from the iOS system (authentication OK or not).

To disable biometric authentication for the Potch app: Settings > Apps > Potch > Permissions > Face ID

"State of Mind" Data (HealthKit)

The Potch app can read the "State of Mind" value stored in Apple's Health app (HealthKit) only with the user's explicit consent (via an iOS-managed permission screen). After authorization, the Potch app will only read the score corresponding to the mental well-being entry recorded in the Health app without accessing its precise content. This data is not stored in Potch; it is read to generate a victory reminder notification.

About Added Photos

Users can import photos into a new victory or a previously added one. These photos are duplicated from the user's photo library to Potch, meaning the original photo is not altered or deleted.

About Weather

The Potch app uses GPS location (if authorized by the user) or a manually entered city to display weather via WeatherKit, Apple's weather service. No personal data is transmitted to third parties. Requests are processed by Apple according to their own privacy policies to retrieve weather for a given location and time.

About Automatic Location Service

The Potch app can use automatic location to determine the user's position and record the location corresponding to the victory being written. This location is not performed in the background and is only done on the victory creation screen so that the "Optional Location" field is automatically filled, then upon saving the victory to send GPS coordinates to Apple's Weather service (see previous section). The location is not associated with the user.

About Automatic iCloud Sync

To sync data to the user's private iCloud account, opening or adding a victory will send the app's local data to the user's iCloud account. Although Potch does not require an internet connection to function, a reliable and fast connection is recommended so that local data is synced and to prevent data loss in case of device reset. Data is not sent outside Apple's secure enclave.

Tracking & Analytics

The Potch app does not use any third-party tracking or analytics tools.

2bis. In-App Purchases

  • One-time purchases (consumables): Purchases made in the Potch app are charged once via the user's Apple ID account. They do not renew automatically.
  • Monthly subscriptions (auto-renewable): Subscriptions are billed to the user's Apple ID account and renew automatically each month, unless the user cancels at least 24 hours before the end of the current period. Subscription management or cancellation is done via Apple ID settings (Settings > [user's name] > Subscriptions).
  • Potch does not store any payment data: all transactions are managed by Apple via the App Store and subject to Apple's standard EULA.

3. Website Spam Protection

The newsletter form on this website uses client-side anti-spam protection techniques (honeypot and time-based verification). No data is transmitted to third-party services for verification. Subscriptions are managed by Buttondown.

4. User Consent

  • Geolocation: requested via iOS popup (NSLocationWhenInUseUsageDescription).
  • Face ID / Touch ID: managed by iOS, requested via system popup.
  • State of Mind (HealthKit): access only if the user authorizes it in Settings > Health > App Access > Potch.
  • Photos: No access to the photo library is requested; the user manually adds the photos they wish to associate with a victory.
  • Notifications: Potch requests permission to send notifications for reminders at the user's chosen time.

5. Purposes & Legal Bases

Sync & Backup

  • Data: victory journal, photos
  • Legal basis: contract performance

Access Security (Face ID/Touch ID)

  • Data: no data accessible by the app
  • Legal basis: legitimate interest

Weather Display

  • Data: GPS location or manually entered city
  • Legal basis: contract performance

Suggestions & Notifications

  • Data: state of mind (HealthKit), schedule
  • Legal basis: explicit consent

6. Recipients

  • The user themselves (via the app)
  • Apple (iCloud, Face ID/Touch ID authentication, HealthKit, WeatherKit)

The items below do not apply to the iOS app but only to this website:

  • Cloudflare (proxy/CDN — processing of visitor IP addresses)
  • Buttondown (management of Potch newsletter subscribers)

7. Data Retention

  • Local & iCloud data: as long as the user's iCloud account exists; if no sync, as long as the app is installed on the user's device.
  • HealthKit data: not managed by Potch — this data is in the Health app, managed by the user through their Apple account.
  • Weather data (WeatherKit): recorded only when saving a note (weather + temperature). More info: Apple weather privacy.

The following items do not concern the iOS app but only this website:

8. Individual Rights

In accordance with the GDPR, users have the following rights over their data:

  • Right of access, rectification and deletion
  • Right to data portability
  • Right to restrict or object to processing

To exercise these rights, users can submit a request via the contact page. Any request will be processed within a maximum of 30 days.

9. Security

  • Data is encrypted at rest and in transit (HTTPS, iCloud encryption).
  • Apple's secure enclave guarantees the protection of biometric and HealthKit data.
  • Exchanges with Apple services are done via HTTPS.
  • Traffic to the potch.app website is routed through Cloudflare's network (proxy/CDN), which provides additional protection against attacks (DDoS, bots). In this capacity, Cloudflare processes visitor IP addresses as a GDPR data processor.

10. Cookies

No analytical or advertising cookies are set by the potch.app website. The site is self-hosted and does not use any third-party tracking services.

Cloudflare, used as a proxy/CDN, may set strictly necessary technical cookies to ensure the proper functioning of the service (e.g. bot protection). These cookies are not used for advertising or tracking purposes.

The Potch iOS app does not use any cookies.

11. Policy Updates

This privacy policy is available online at: potch.app/en/privacy

← Back to home
Potch