Privacy, in plain language.

This is a draft policy that mirrors how DateKnot is engineered today. A formal, lawyer-reviewed version lands before the v2.0 App Store submission. If you want the legal final, email hello@dateknot.com and we'll send a copy.

What we collect

DateKnot is designed to collect as little as possible. The app stores your relationship data — your anniversaries, your couple photos, your shared journal, your moods — inside your own iCloud account via CloudKit private and shared zones. We never see it, and it never touches our servers.

What we do see, on a server we control:

• Your email address, only if you join the waitlist
• Anonymous crash reports (via Apple's MetricKit and Sentry) when something breaks
• Aggregate purchase events from App Store Connect (no personal identifiers — just totals)

What we don't collect

• The content of your anniversaries, journal, mood notes, or photos
• Your contacts or address book
• Your location (we ask only when you tap a date-night suggestion, and we never store it)
• Behavioral analytics inside the app — no Mixpanel, no Amplitude, no PostHog inside the app boundary

AI features

When you ask DateKnot to suggest a gift, a date night, or draft a love note, the relevant context (partner profile, anniversary year, budget — never your raw photos or journal entries) is sent to Anthropic's Claude API. Anthropic does not train on this data, and we don't store the request or the response on our end after it's returned to your phone.

Untying the knot

You can delete everything from Settings → Knot → Untie. Local copies are removed within seconds. CloudKit copies are gone within 24 hours. The archive (read-only snapshot for 30 days) is opt-in — uncheck the box during untying and we skip it entirely.

Contact

Questions, requests, or a data export — email hello@dateknot.com. We reply within a couple of business days.