PRIVACY POLICY

The Doctrine

One Commit is built on the principle of local-first data sovereignty. Your intellectual labor and historical results are your own.

1. Local Storage (The Archive)

All commitment history, including board states, timestamps, and compliance results, is stored exclusively on your physical device in a local JSON format. This data is never uploaded to our servers.

2. Anonymity & Device Identifiers

One Commit uses an anonymous device identifier provided by Firebase Analytics. This identifier:

• Is randomly generated per app installation.
• Is not tied to your Apple ID, email, or name.
• Cannot be used to identify you personally.
• Is used only to calculate aggregate statistics.

3. Technical Privacy Implementation

One Commit enforces multiple layers of privacy protection:

1. Advertising Identifier Disabled: The app does not request or collect the Apple Advertising Identifier (IDFA).
2. Vendor Identifier Disabled: The app does not collect the Vendor Identifier (IDFV).
3. Anonymous Instance ID: Firebase generates a temporary, anonymous identifier that resets when the app is deleted, cannot be linked to other apps, and is used solely for statistics.
4. System-Level Enforcement: Privacy settings are enforced at the iOS system level before any analytics code executes.

4. User Control

You maintain absolute control over the institutional observation. Within the Settings menu, you may:

• Disable all anonymous analytics tracking.
• Export your entire local commitment history as a JSON file.
• Manage local notification triggers.

5. Data Retention

We do not maintain user accounts. If you delete the app, your local archive is destroyed. Anonymous global aggregates remain in the system to maintain the historical solve-rate baseline.