Privacy Policy
PushWard is an independent project run by mac-lucky, based in Poland. This policy explains what we collect, what we don't, and what you can do about it.
What we collect
When you sign in with Apple, we receive only an opaque identifier -- no email, no name. The iOS app sends us your device push tokens (so we can deliver Live Activities and notifications), basic device info (OS version, app version, model, locale, permission state) for diagnostics, and the activities and notifications you create through the API.
If you use the optional email channel, we also store the recipient email addresses you register (each confirmed by the recipient through a double opt-in link), the subject lines and delivery status of the emails you send through us, and -- transiently, only while we hand it to our email provider for delivery -- the message body. That confirmation email tells each recipient who added them, and every message lets them unsubscribe at any time.
What we don't collect
We never ask for your email, name, phone, address, or location to create or use your
account -- Sign in with Apple gives us only an opaque identifier. (The one exception is
the optional email channel above: the recipient addresses you choose to send to are
stored so we can deliver and verify them.) No advertising identifiers, IDFA, or
cross-app tracking. No cookies. No third-party analytics, crash reporters, or SDKs of
any kind. The iOS app talks only to Apple (including iCloud) and to api.pushward.app.
How your data is handled
We process this data to operate the service (contractual basis) and to protect it from abuse (legitimate interest). API tokens and integration keys are stored as SHA-256 hashes -- we never see your plaintext tokens. Push delivery telemetry hashes destination tokens too, and payload contents are never logged. IP addresses are used transiently for rate limiting and discarded.
Emails you send are delivered through a third-party email delivery provider; bounce and spam-complaint feedback is used to suppress addresses that should not be contacted again. If you turn on iCloud settings sync, your app preferences (notification settings, language, sort order) are mirrored through your own private Apple iCloud account -- secrets such as tokens and keys are never included.
Where your data lives
Application data is hosted in the EU (Frankfurt). Push tokens transit Apple's APNs
infrastructure (US-based), covered by the EU-US Data Privacy Framework and Standard
Contractual Clauses. The third parties that touch your data are Apple (Sign in with
Apple, push delivery, and -- if you enable it -- iCloud settings sync), Cloudflare (DNS
and TLS for pushward.app), and -- only if you use the email channel -- a
third-party email delivery provider, which sends your emails from the EU (Frankfurt)
region. We do not sell, rent, or share your data for advertising.
How long we keep it
Activities you create through the API are automatically deleted once their TTL expires. Records of emails you've sent are kept for 90 days; the recipient addresses you register stay until you remove them or delete your account. Addresses that hard-bounce or report your mail as spam are added to a suppression list we keep indefinitely so we don't email them again. Everything else exists for as long as your account does -- delete your account from inside the iOS app and everything tied to you (devices, activities, tokens, integration keys) is removed by database cascade. Backups roll over within 30 days.
Your rights
Under the GDPR you can access, correct, export, or delete your data, restrict or object to processing, and lodge a complaint with the Polish data protection authority (UODO, uodo.gov.pl). Email [email protected] to exercise any of these rights -- or start a data request straight from the iOS app's Backup & Sync settings -- we respond within 30 days. You can also delete your account directly from the iOS app at any time.
Changes & contact
If we change this policy, the updated version will be posted here. Questions: [email protected] · GitHub.