Privacy Policy

Effective date: 2026 • Applies to: InnerWhisper for iOS

The short version: InnerWhisper does not collect, transmit, or sell your personal data. Everything stays on your device, encrypted. The only off-device data flow is iCloud favorites sync, handled entirely by Apple’s infrastructure. We never see it.

1. About This Policy

This Privacy Policy describes how InnerWhisper (“we,” “our,” or “the app”) handles information when you use the InnerWhisper iOS application. By using the app, you agree to the practices described here.

We are committed to your privacy. The app was designed so that we cannot access your data even if we wanted to — because it never leaves your device.

2. Information We Do Not Collect

InnerWhisper does not collect, store, or transmit:

  • Your name, email address, or any identifying information
  • Location data of any kind
  • Health or wellness data you interact with in the app
  • Device identifiers (IDFA, IDFV, or similar)
  • Usage analytics or behavioral data
  • Crash logs or diagnostics sent to our servers

No account is required to use InnerWhisper. We operate no servers that receive user data.

InnerWhisper’s Apple privacy manifest declares NSPrivacyTracking: false and lists no collected data types, in accordance with Apple’s privacy requirements.

3. Data Stored Locally on Your Device

The app stores the following data on your device only:

  • App preferences — notification schedule, visual theme, and quote collection settings, stored in Apple UserDefaults and protected by iOS Data Protection when your device is locked
  • Favorites list — the IDs of quotes you have saved, stored locally and optionally synced via iCloud (see Section 4)
  • Encryption keys — stored in the iOS Keychain, protected by your device passcode and Secure Enclave
  • Quote files — the aggregated quote library and any quotes you add yourself, stored as encrypted files in app storage, encrypted with AES-256-GCM using keys held in the Keychain

Quote files are encrypted on disk using AES-256-GCM. App preferences and settings rely on iOS Data Protection. You can toggle encryption on or off at any time in the app’s Settings; when disabled, quote files rely on iOS file protection only. Deleting the app removes all locally stored data from your device.

4. iCloud Sync

If you are signed in to iCloud on your device, InnerWhisper syncs two types of data across your Apple devices. All sync is handled entirely by Apple’s iCloud infrastructure — InnerWhisper operates no servers that receive this data.

Favorites (iCloud Key-Value Store)

  • Your list of favorited quote IDs is synced using Apple’s NSUbiquitousKeyValueStore API.
  • Only opaque quote identifier strings are synced (e.g., 00000001-0000-4000-a000-000000000001). No quote text or personal notes are included.

Your Added Quotes (iCloud Documents)

  • Any quotes you write yourself are stored as an AES-256-GCM encrypted file synced via your personal iCloud Documents container (iCloud.ca.imposterSyndromium.InnerWhisper).
  • The encryption key for this file is synced via iCloud Keychain (synchronizable: true), so the same key is available on all your signed-in devices.
  • The content of the file is encrypted before it reaches iCloud and is never readable in plaintext by Apple or by us.

Apple’s Privacy Policy applies to all data processed through iCloud. You can disable iCloud sync for InnerWhisper at any time in iOS Settings → [Your Name] → iCloud → Apps Using iCloud.

5. Push Notifications

InnerWhisper delivers daily quote notifications as local notifications, scheduled and delivered entirely on your device by iOS. No notification content, schedule, or delivery confirmation is transmitted to any server.

iOS may request permission to send notifications when you first use the app. You can revoke notification permission at any time in iOS Settings → InnerWhisper → Notifications.

6. No Third-Party Services

InnerWhisper does not integrate with any third-party analytics, advertising, or crash-reporting services. Specifically, the app contains no:

  • Analytics SDKs (Firebase Analytics, Amplitude, Mixpanel, etc.)
  • Advertising networks or tracking pixels
  • Crash reporting or performance monitoring services

The core quote library is bundled inside the app. The app may also fetch an optional supplementary quote file from robinobrien.me via HTTPS, at most once every 24 hours. This request carries no user identifiers, account tokens, or personal data — it is a plain anonymous HTTPS GET. No user data is transmitted.

7. Children’s Privacy

InnerWhisper is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at the address below and we will delete it promptly.

8. Data Retention and Deletion

All InnerWhisper data exists solely on your device and in your personal iCloud account. We have no access to it and cannot delete it on your behalf.

  • To delete local data: Delete the InnerWhisper app from your device. iOS removes all associated data automatically.
  • To delete iCloud-synced favorites: After deleting the app, go to iOS Settings → [Your Name] → iCloud → Manage Account Storage and remove InnerWhisper’s iCloud data if listed.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the effective date at the top of this page. We encourage you to review this policy periodically. Continued use of InnerWhisper after changes are posted constitutes your acceptance of the updated policy.


10. Contact

If you have questions about this Privacy Policy or InnerWhisper’s data practices, please contact us:

Email: support@movingtruth.com