Privacy Policy

Reframe is built to be private by default. This policy describes what data the app touches and what happens to it. In plain English: everything stays on your phone.

What we collect

By default, nothing. Reframe does not collect, transmit, store, or sell any personal data. There are no accounts, no sign-ups, no analytics, no tracking pixels, no third-party SDKs that phone home.

The app makes zero outbound network requests unless you explicitly opt in to the Pro AI insights feature (described below). You can verify this with any network proxy.

What you create stays on your device

When you write an entry, a journal note, or a parked thought, that text is written to a SQLite database stored in the app's iOS sandbox. iOS encrypts this sandbox at rest using Data Protection (NSFileProtectionComplete) tied to your device passcode and Secure Enclave.

The app is locked behind Face ID (or device passcode) on every open.

Crash logs

The app keeps a local-only crash buffer of up to 50 recent errors. Crash log entries contain the error message, stack trace, and React component stack — they do not contain the text of your journal entries.

This buffer never leaves the device unless you explicitly tap Settings → Send diagnostics, which hands a JSON file to the iOS share sheet. You choose where (if anywhere) to send it.

Backups

Settings → Export backup writes a JSON file of your entries to your device and offers to share it via the iOS share sheet. This file is plain JSON. While the file lives on your phone it stays encrypted by iOS Data Protection. The moment you share it via Mail, iCloud Drive, or any other service, that protection ends.

We recommend keeping backups local (e.g. AirDrop to yourself, save to Files on your phone).

AI analysis (opt-in, Pro only)

If you turn on AI analysis (part of Reframe Pro), the relevant content is sent over HTTPS to our analysis service — a Vercel-hosted proxy that forwards the request to Anthropic's API — solely to generate your result, which is returned to your phone and stored on your device. We do not log or retain the contents on our servers, and the content is not used to train AI models. The request is not associated with an account, because there are no accounts.

• Analyzing a single entry sends that entry's text, plus your display name if you've set one.
• Profile analysis sends only anonymized pattern counts (which thinking traps you notice and how often), plus your display name if set — never your entry text.

AI features are off by default, and the first time you use one the app shows exactly what will be sent and asks you to confirm. You can turn them off at any time in Settings → AI Analysis. With them off, nothing leaves your device.

Third parties

Reframe has no third-party data processors beyond the optional AI flow above. The app uses open-source libraries strictly as on-device runtime code (no telemetry), including Expo, React Native, React, and TypeScript. The one networked exception is RevenueCat (react-native-purchases), used for subscription management; its SDK may contact RevenueCat's servers to verify your App Store subscription status. No journal content is involved.

Children

Reframe is not directed at children under 13 and we do not knowingly collect data from anyone (per above, we don't collect data from anyone at all).

Changes

If we ever change what data the app touches, this document will be updated and the version bump will be called out in the release notes.

Contact

Email us at info@caminonorth.ca, or use Settings → Send feedback in the app.