Privacy Policy

🔒 The short version

      Your messages are stored on your device only. The server is a delivery relay — once a message is delivered and acknowledged, it is deleted from the server. We do not read, sell, or share your messages.
    

📦 What we collect

We collect the minimum required to operate the service:

Account identifiers — an anonymous ID from Sign in with Apple, and an optional username and display name you choose.
Device token — your APNs push token, used solely to deliver notifications to your device.
Connection permissions — a list of users you have approved or blocked, stored on the server so the permission system works across app reinstalls.
Delivery windows — quiet-hour preferences you configure, stored on the server so alerts respect your schedule.
Alert content (transient) — the body of an alert is held on the server only until it is delivered to the recipient's device and acknowledged. After acknowledgement it is permanently deleted.

🚫 What we do not collect

Message history — conversation logs live on your device, not our servers.
Location data.
Contacts or address book access.
Analytics or behavioural tracking.
Advertising identifiers.

📨 How messages are handled

When you send an alert, the encrypted content is stored on our server only long enough to deliver it to the recipient. Delivery triggers an acknowledgement from the recipient's device, after which the server permanently deletes the message.

If a message is scheduled for a future time, it is held on the server until the scheduled delivery time, then deleted upon acknowledgement.

Message history is stored locally on your device using an on-device JSON store. You can clear it at any time from inside the app.

🔔 Push notifications

ClockU uses Apple Push Notification service (APNs) to deliver alerts. Your device token is registered with our server and used exclusively for this purpose. We do not share device tokens with third parties.

👤 Sign in with Apple

Authentication is handled entirely through Sign in with Apple. We receive only an opaque user identifier from Apple — we never see your Apple ID email unless you choose to share it. We do not use any other authentication method.

🤝 Data sharing

We do not sell, rent, or share your personal data with third parties for advertising or commercial purposes.

We may disclose data if required by law or to protect the safety of users (e.g. in response to a valid legal request).

Our infrastructure runs on Cloudflare Workers. Cloudflare's privacy policy applies to data in transit and at rest on their platform: cloudflare.com/privacypolicy.

🗑️ Deleting your data

You can delete your account at any time from Settings → Delete account. This permanently removes your account, all connection permissions, device tokens, and any pending undelivered messages from our servers.

Conversation history stored on your device can be cleared per-conversation or in full from Settings → Clear local messages.

👶 Children

ClockU is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it promptly.

✏️ Changes to this policy

We may update this policy from time to time. The effective date at the top of this page will reflect the most recent revision. Continued use of the app after changes constitutes acceptance of the updated policy.

📬 Contact

Questions or requests regarding your privacy can be sent to:
[email protected]