Dropboard Privacy Policy

Effective date: 6 June 2026 Applies to: Dropboard for iOS, version 1.0 and later

Plain-language summary: Dropboard keeps your notes on your device. We don’t have a server, we don’t have an account system, and we don’t collect, sell, or share your data. If you turn on iCloud Sync, your notes are stored in your own iCloud account under Apple’s terms — not by us. That’s the whole story; the detail below just makes it precise.

1. Who we are

Dropboard (“Dropboard,” “we,” “us”) is a capture-first notes app for iPhone. This policy explains what happens to information when you use the app. If anything here is unclear, contact us at privacy@dropboard.app.

2. The short version of how Dropboard handles data

Your notes live on your device. They are stored locally using Apple’s on-device database (SwiftData / SQLite) and protected at rest by iOS Data Protection.
We operate no servers and have no Dropboard account. There is nothing to sign up for. We never receive a copy of your notes.
We collect no analytics and use no tracking in this version of the app. There are no third-party advertising, analytics, or tracking SDKs in Dropboard.
iCloud Sync is optional and off by default. If you turn it on, Apple syncs your notes through your private iCloud account.

3. Information Dropboard stores on your device

Everything you create in Dropboard is stored locally on your iPhone:

Note content — the text you capture, its filing category, due dates Dropboard detects, and timestamps.
Categories and keywords — the categories you create and the keywords Dropboard uses to file notes.
Filing corrections — when you move a note to a different category, Dropboard remembers that locally to improve future filing for you. This learning never leaves your device and is never sent to us.
Preferences — settings such as appearance and whether biometric lock is enabled.

This information is stored on the device (and in your iCloud account if you enable sync). We have no access to it.

4. Optional iCloud Sync (CloudKit)

If you turn on iCloud Sync in Gear → Settings:

Your notes are synced through Apple CloudKit to your private iCloud database, so your other devices signed into the same Apple ID can see them.
This data resides in your own iCloud account. We do not operate the iCloud servers, cannot read your CloudKit data, and never receive a copy.
Apple’s handling of iCloud data is governed by the Apple Privacy Policy and your iCloud terms.
iCloud Sync is off by default. Turning it off keeps Dropboard entirely on-device.

5. Face ID / Touch ID

If you enable biometric lock, Dropboard asks iOS to confirm your identity before opening. Biometric data (your face or fingerprint) is handled entirely by Apple’s Secure Enclave on your device. Dropboard never sees, stores, or transmits your biometric data — we only receive a yes/no result from iOS.

6. In-app purchases

Dropboard offers a one-time Dropboard Pro purchase through Apple’s StoreKit. Payment is processed by Apple, not by us. We do not receive or store your payment details. Apple’s handling of purchase information is governed by Apple’s privacy policy.

7. What we do not do

We do not collect, transmit, or sell your notes or personal information.
We do not track you across apps or websites. The app’s privacy manifest declares no tracking and no data collection.
We do not use your notes for advertising or to train any AI model.
We do not record audio in the background or access your microphone.
We include no third-party advertising, analytics, attribution, or tracking SDKs.

8. Required-reason API usage

Apple requires apps to declare certain system APIs. Dropboard uses them only for ordinary on-device functioning:

UserDefaults — to store your app preferences.
File timestamps and disk space — to manage your local note database.
System boot time — for internal timing.

None of these are used to identify you or to build a profile, and none of this information leaves your device. This is declared in the app’s bundled PrivacyInfo.xcprivacy privacy manifest.

Because your data lives on your device, you are in direct control of it at all times:

Export — Gear → Export produces a Markdown copy of all your notes, grouped by category, so you can take your data anywhere.
Delete — Deleting a note, a category, or the app itself removes the corresponding data from your device. Deleting the app removes the local database; if you used iCloud Sync, you can remove the Dropboard data from your iCloud account in iOS Settings → your name → iCloud.
Access / correction — All your data is directly visible and editable inside the app.

If you are in the EU/UK (GDPR) or California (CCPA), these mechanisms satisfy your rights to access, port, correct, and erase your data. Since we hold no copy of your data on any server, there is nothing for us to retrieve or delete on our side. If you have questions, contact privacy@dropboard.app.

10. Children

Dropboard is not directed to children under 13, and we do not knowingly collect information from children. The app has no accounts and collects no personal information from anyone.

11. Data retention

We retain nothing, because we receive nothing. Your data persists on your device for as long as you keep it, and is removed when you delete it or uninstall the app.

12. Changes to this policy

If we change how Dropboard handles data, we will update this page and revise the effective date above. Material changes will also be reflected in the app’s release notes.

13. Contact

Questions about privacy: privacy@dropboard.app General support: support@dropboard.app

This document is published at https://dropboard.app/privacy and is the privacy policy referenced inside the Dropboard app (Gear → Privacy) and in the App Store listing.