Privacy Policy

1 Information We Collect

Short answer: still none.

RosaryPath never asks you to create an account, provide an email address, or share personal identifiers. We do not run RosaryPath-controlled servers, and we never transmit your rosary sessions, intention journals, reminder templates, streaks, or widget data anywhere.

When you subscribe to RosaryPath Pro through Apple's App Store, StoreKit shares a signed transaction receipt so the app can unlock Pro features offline. We cache only a yes/no entitlement flag and expiration timestamp locally so the app works without a network connection.

Apple retains the actual receipts and billing information. RosaryPath cannot see your payment method, name, or email, and no other personal information is collected.

2 How We Store Your Data

All RosaryPath data stays local unless you explicitly choose otherwise. The offline-first design uses:

• SwiftData/Core Data & UserDefaults: Prayer sessions, rosary logs, intention journals, reminder templates, and streaks live inside Apple's encrypted app sandbox on your iPhone or iPad.
• Shared App Group caches: Widgets, Reminder scheduling cues, and ActivityKit Live Activities read a lightweight cache from the shared container without contacting any servers.

RosaryPath Pro subscribers can optionally enable additional storage paths:

• iCloud Sync (opt-in): Encrypted copies of your data live inside your personal iCloud private database and App Group. Only devices signed into your Apple ID can read it.
• Manual AES-GCM backups (Pro-only): The in-app export flow creates an AES-GCM encrypted backup file protected by a password you choose. You decide where to store it (Files app, iCloud Drive, AirDrop, Finder, external storage). RosaryPath never uploads or keeps a copy.

RosaryPath operates zero databases or APIs. Everything, including widgets, reminders, and Live Activities, reads from data that lives solely on your hardware or in Apple services you control.

3 Analytics and Tracking

We use absolutely no analytics, tracking, or monitoring tools.

RosaryPath does not embed or rely on:

• Firebase, Google Analytics, or any other analytics SDK
• Crashlytics, Sentry, or automatic crash log uploaders
• Mixpanel, Amplitude, or behavioral telemetry
• Advertising identifiers, attribution SDKs, or tracking pixels
• Social media SDKs or login providers
• Cookies, fingerprinting scripts, or background beacons

Even diagnostic logs stay on your device unless you explicitly share them with Apple via iOS Settings. We have no insight into what you pray or when you pray.

4 Third-Party Services

RosaryPath is free to download, and RosaryPath Pro is an optional subscription handled entirely by Apple via StoreKit. Apple manages every aspect of billing, so RosaryPath never sees your payment information and never touches a payment processor directly.

The only external services involved are Apple frameworks that keep data inside your Apple ID:

• StoreKit & App Store Server Notifications: Verify RosaryPath Pro receipts and renewals so the app knows whether to unlock Pro-only features offline.
• iCloud Sync (opt-in for Pro): Syncs encrypted copies of your data inside your private iCloud database. RosaryPath employees have no way to view or modify it.
• UserNotifications, Time-Sensitive, and Critical Alerts: Schedule reminders entirely on-device. Identifiers never leave your hardware.
• ActivityKit, WidgetKit, and App Groups: Power Live Activities, lock-screen widgets, and Home Screen components using local caches only.
• Apple speech services (optional): AVSpeechSynthesizer downloads Apple-provided voices when you enable spoken reflections; audio stays on-device.

No other third parties receive data. We do not integrate advertising networks, social platforms, or custom cloud vendors.

5 Children's Privacy

Because RosaryPath collects nothing and stores everything on-device, it is safe for users of all ages, including children under 13. We do not knowingly collect personal information from anyone.

Parents can manage Notifications, Time-Sensitive alerts, and Critical Alerts through iOS Settings > Notifications > RosaryPath. There are no user accounts or profiles to supervise, and no data ever leaves the family's devices without their explicit action.

6 Data Security

The best security is keeping data on hardware you control. RosaryPath does exactly that, and every optional sync path inherits Apple's encryption.

Your prayer data is protected by:

• Device encryption & Secure Enclave: iOS encrypts RosaryPath's databases at rest, tied to your passcode, Face ID, or Touch ID.
• Biometric & passcode protections: Only someone who can unlock your device can see your intentions, streaks, or reminders.
• Manual backups encrypted with AES-GCM: Exported backups require the password you set. We cannot recover or reset it because we never receive it.
• iCloud safeguards: If you enable sync, Apple encrypts the records in flight and at rest within your iCloud account.

RosaryPath cannot suffer a data breach because we do not host your data. Optional iCloud copies remain inside Apple's infrastructure and under your Apple ID credentials.

7 Data Deletion

To delete your data, choose the steps that apply:

• a. Uninstall RosaryPath: Deleting the app removes every local database, including rosary session logs, intention journals, reminder settings, and widget caches.
• b. Settings → Data Reset: Inside the app open Settings > Data Reset to selectively clear rosary logs, intention entries, reminder templates, and Live Activity/widget state without uninstalling.
• c. iCloud sync data (Pro opt-in): Turn off Sync in RosaryPath Pro settings, then visit iOS Settings > [your name] > iCloud > Manage Account Storage > RosaryPath and tap Delete Data to remove the encrypted records from your iCloud account.
• d. Manual AES-GCM backups: Locate any RosaryPath backup files you exported (Files app, iCloud Drive, AirDrop, Finder, or removable storage), delete them, and clear each location's "Recently Deleted" folder. Those backups exist only where you stored them.

Pending reminders, Notification identifiers, widgets, and Live Activities contain no personal content and are erased as soon as you revoke Notification permissions or clear the reminder schedule.

8 International Users

Because RosaryPath keeps prayer data on devices you own (or inside your iCloud account or manual backups you control), we do not perform cross-border transfers on your behalf. Compliance with global frameworks is achieved by not collecting personal data in the first place.

• GDPR (European Union)
• CCPA/CPRA (California, USA)
• PIPEDA (Canada)
• LGPD (Brazil)

RosaryPath performs no automated decision-making or profiling.

9 App Permissions

RosaryPath requests only the permissions needed to deliver reminders and optional Pro features:

• Notifications, Time-Sensitive alerts, and Critical Alerts (optional but required for reminders): Used only to schedule local prayer reminders and countdown timers via Apple's UserNotifications framework. Pending notifications store only local identifiers and timestamps.
• ActivityKit & WidgetKit access: Live Activities, Lock Screen widgets, Home Screen widgets, and StandBy widgets read summaries from the shared App Group container; no network permission or server call exists.
• Speech synthesis voice downloads (optional): If you enable spoken reflections, iOS may download Apple speech voices over Wi‑Fi. Audio rendering remains on-device.

RosaryPath does not request HealthKit, Motion, Location, Contacts, Photos, Camera, Microphone, Bluetooth, or Files access. You can revoke Notifications or Time-Sensitive permissions anytime from iOS Settings > Notifications > RosaryPath, and reminders/widgets/Live Activities will stop immediately.

10 Website Privacy

This website is a static site served from a global CDN. We run privacy-friendly Plausible Analytics to understand basic page views and referrers so we can ensure the site is usable; Plausible only stores anonymized, aggregate metrics and never uses cookies or cross-site tracking. No other analytics, tracking pixels, or advertising scripts are present. If you submit the contact form, we use your name and email solely to reply to that request and nothing else.

11 Changes to This Privacy Policy

If our privacy practices ever change (we have no plans to alter the offline-first approach), we will:

• Update this page with a new "Last Updated" date and publish the new version in the RosaryPath repo.
• Show an in-app notice the next time you open RosaryPath and highlight the change in the App Store release notes.
• Obtain your explicit consent before collecting any new category of data.

Transparency is part of our release process; policy versions live alongside the app code so you can review the history anytime.

12 Your Rights

Privacy laws give you rights over your information. Because RosaryPath keeps everything on your hardware, you already exercise those rights directly:

• Access & Rectification: Open the app to view or edit rosary sessions, intentions, and reminder schedules anytime.
• Portability: Create an encrypted manual backup and move it to any storage you personally control.
• Deletion: Use Settings → Data Reset, uninstall the app, delete iCloud sync data, and trash manual backups.
• Opt-Out: Keep Pro sync/backup disabled, or turn it off anytime. Nothing is collected automatically.

13 Contact Us

Questions about RosaryPath's privacy commitments? Reach out anytime via the contact form or email and we will respond promptly.