Your words stay quiet.

Tide is built and operated by David Petrina, an independent developer based in Czechia. There is no company, no team, no server-side infrastructure under my control. The privacy contract below is what one person can honestly promise.

Contact: david@petrina.me.

Anonymous usage events. Tide uses Firebase Analytics to record a small set of events — first open, session start, screen view, and tip-jar interactions (shown / attempted / purchased). These events are tied to a randomly generated Firebase instance ID, not to your name, your Apple ID, your email, or any identifier we choose. Tide does not link the IDFA (Apple's advertising identifier) — the App Tracking Transparency prompt isn't shown because we don't track.

Crash and performance data. Firebase Crashlytics and Firebase Performance Monitoring collect diagnostics when Tide misbehaves: stack traces, device model, iOS version, app version, time of crash, and how long key operations took. These are not tied to your identity. They exist so I can fix things.

Tip-jar purchases. If you send an optional tip, Apple processes the payment through StoreKit. I never see your payment information — Apple shares only aggregate sales reports with me, with no identifying details about who tipped.

Sign in with Apple (optional). If you choose to sign in, Apple shares your Apple-issued user identifier and the display name you choose to share. Tide stores both on your device. Email is never requested (the sign-in scope is name only). Signing out removes the local account row; uninstalling removes everything.

Your habits, reflections, mood, and preferences. The content you create inside Tide — the names of your intentions, what you wrote at sundown, which mood you picked, your notification times, your accent colour — never reaches a server I control. It lives in Tide's local database on your iPhone or iPad.

And in your own iCloud, if you let it. If you have iCloud signed in on the device and keep the "iCloud" toggle on inside Tide's Settings, the same content is synced to your private CloudKit database (iCloud.me.petrina.tide), which is part of your iCloud account. I cannot read it. Apple cannot read it. Other Tide users cannot read it. It is private to your Apple ID. You can verify this in iOS Settings → your Apple ID → iCloud → Manage Storage → Tide.

• The IDFA (Identifier for Advertisers). The Firebase IdentitySupport module isn't linked. Apple's IDFA stays inaccessible.
• Your email address. Sign in with Apple is requested with the name scope only.
• The content of your habits, reflections, mood, or any other note you write. None of that is ever sent off-device to anything I run.
• Your contacts, photos, calendar, or location.
• Microphone or camera input. Tide does not request these permissions.
• Health data. Tide does not integrate with Apple HealthKit.
• Anything from any third-party advertising network. There are no ad SDKs in Tide.

Apple. Apple sees the same things Apple always sees for any iOS app: that you downloaded it, your StoreKit purchases, and (if you chose Sign in with Apple) the fact that you used SIWA with Tide. Apple's privacy policy applies to that data. Anything stored in your iCloud is governed by Apple, not by me.

Google (Firebase). The anonymous usage events and crash diagnostics described above flow to Google's Firebase platform, which I use as my analytics and crash-reporting provider. Firebase data is governed by Google's privacy policy. I have not enabled Google Analytics for Firebase audiences, ad personalisation, or any cross-app linking.

Nobody else. Tide ships no other third-party SDKs. There are no advertisers, no data brokers, no marketing automation, no profiling vendors. The full third-party list, end to end, is Apple plus Firebase.

Firebase data is processed on Google infrastructure, which may include servers in the United States and other regions. CloudKit data is stored by Apple in the region Apple determines for your Apple ID. On-device data stays on the device you're holding.

If you are a resident of the European Union or the UK, the data transfer to Firebase is covered by Google's standard contractual clauses. You have the rights granted under the GDPR — most usefully here, the right to deletion, which is achievable on your end without writing me a letter (see the next section).

On your device: for as long as you keep Tide installed. Uninstalling removes the local copy.

In your iCloud: for as long as you keep Tide's iCloud toggle on and the data present in your iCloud account. You can wipe it at any time through iOS Settings → your Apple ID → iCloud → Manage Storage → Tide → Delete Data.

In Firebase: Firebase Analytics events use Google's default retention (currently up to 14 months for event data, with anonymous identifiers reset on a shorter cadence). Crashlytics retains crash reports up to 90 days. I haven't tuned these to be more aggressive yet; this page will be updated if I do.

Delete on-device data: uninstall Tide from your iPhone or iPad.

Delete iCloud data: iOS Settings → your Apple ID → iCloud → Manage Storage → Tide → Delete Data.

Stop syncing without deleting: inside Tide, Settings → Sync → iCloud → toggle off. Existing iCloud data stays until you manually delete it; future changes will not sync up.

Remove your Sign in with Apple link: inside Tide, Settings → Account → Sign out. Or from iOS Settings → your Apple ID → Sign in with Apple → Tide → Stop using Apple ID.

Export your reflections: Settings → Sync → Export reflections offers Markdown and CSV. Your data is yours.

Ask me to delete Firebase data: because the analytics events are not linked to an identifier I control, I usually cannot find your specific records to delete. If you know the rough timing of your install and you'd like me to try, email david@petrina.me and I'll do what I can.

Tide carries a 4+ age rating in the App Store. It is not directed at children, and it does not knowingly collect personal information from anyone under 13 (or the equivalent minimum age in your jurisdiction). If you believe a child has used Tide and you'd like me to take action, write.

If I change what Tide collects or who it shares data with, I'll update this page and bump the date at the bottom. For material changes I'll also note it in the "What's New" of the next App Store update, so the change isn't hidden in a footnote.

If anything on this page is unclear, or if it doesn't match what you observe in the app, write david@petrina.me. I'd rather rewrite a paragraph than leave a question hanging.