Privacy · Draft 0.1 · Pending legal review

Privacy Policy

Effective date: To be set on launch.
Last updated: To be set on launch.
Version: Draft 0.1

1. Who we are

Dark Talent ("Dark Talent", "we", "us", "our") is a privacy-first AI focus system for founders, builders, and high-agency professionals, distributed as a native iOS and macOS application.

Legal entity and registered address are pending confirmation. Contact the privacy address at privacy@darktalent.app with any question about this policy.

2. The short version

Dark Talent is built so that almost nothing leaves your device. We do not run analytics. We do not sell, share, or rent your data. We do not track you across apps or websites.

The only data that ever reaches our infrastructure is:

1. Subscription receipts, relayed through our server-side validation worker so we can verify your paid tier. No personal information is attached.
2. AI Coach API calls for features that require cloud inference. Redacted prompts go to Anthropic, our AI processor; the response is streamed back. We do not retain copies on our servers.

Everything else — your journal entries, state checks, focus sessions, signals, targets, and AI memory — is stored on your device, in your own iCloud account, or in encrypted storage to which only you hold the key.

3. What this policy covers

This policy covers the Dark Talent iOS app, macOS app, their bundled extensions (Widgets, Live Activities, App Intents, Share Extension, and any future watchOS companion), and the darktalent.app website.

It does not cover Apple's processing of your subscription, third-party services you choose to connect via integrations, or Anthropic's processing of AI requests routed through their API. Those are governed by their own policies.

4. Data we do not collect

Dark Talent is deliberately designed to avoid collecting:

• No third-party analytics SDKs (no Mixpanel, Amplitude, Segment, PostHog, Firebase Analytics, etc.).
• No advertising identifiers or IDFA.
• No cross-app or cross-site tracking.
• No browser fingerprinting.
• No social-graph data.
• No contact list, photo library, or microphone access except where you explicitly invoke a feature that needs it. Voice journaling uses on-device Apple Speech transcription; audio is not transmitted off-device.
• No location data.
• No telemetry from Crisis Mode.
• No email, name, password, or account creation. Dark Talent does not require you to make an account with us.

5. Data we process

On-device

Stored locally inside the app sandbox: user preferences, Target, Key Results, State Checks, Lock-In sessions, distractions, signals, Weekly Debriefs, and integration connection metadata in the default SwiftData store. Pressure Log entries and Coach Memory live in a separate encrypted journal store (SQLCipher AES-256, key wrapped by the Secure Enclave). Integration OAuth tokens live in Keychain.

In your iCloud (CloudKit private DB)

When iCloud sync is enabled, Dark Talent mirrors the default SwiftData store into your own Apple CloudKit private database. The data lives in your iCloud account, under your Apple ID. Dark Talent cannot read the contents of your private CloudKit database. You can disable CloudKit sync at any time.

On our infrastructure

Two narrow categories of data ever reach servers we operate or contract.

Subscription receipt validation, via a Cloudflare Worker. The Worker receives the App Store transaction ID, product ID, transaction timestamp, expiry timestamp, and an anonymized App Account Token. It does not receive your name, email, payment card details, device identifiers, or any personal information from your App Store account.

AI Coach API requests, via Anthropic. When you use AI Coach features that require cloud inference, Dark Talent constructs a prompt on your device, passes it through a local redaction step, and sends it to Anthropic's Claude API. Responses stream back and are stored locally on your device. We do not store the contents of AI requests or responses on our infrastructure.

6. Subscription and payment

Subscriptions are purchased and managed through Apple's In-App Purchase system. Apple processes your payment. We never see your card details, billing address, or Apple ID email. You can manage or cancel subscriptions at any time via Settings → Apple ID → Subscriptions on your device.

7. AI Coach data handling

The AI Coach is the most sensitive data path in the app. We treat it that way.

Before any prompt is sent to a cloud AI provider, it passes through an on-device redactor that strips email addresses, phone numbers, identifiable URLs, person names, API tokens, and credential patterns. Integration-derived raw payloads are replaced with normalized summaries.

The Coach can propose long-lived memory entries describing observed patterns in how you work. These live in the encrypted journal store on your device. You can view, edit, approve, archive, or delete every memory entry. You can also disable cloud AI entirely in Settings → Privacy → AI Provider.

8. MCP integrations

Dark Talent can connect to Apple Calendar, Notion, GitHub, Linear, Slack, and Gmail. Integrations are off by default. Connecting one requires you to complete an OAuth flow with the third party. OAuth tokens are stored in Keychain with device-only access; they are not synced to iCloud and not stored on our servers. The default permission level is read context only. Disconnecting an integration revokes the token and purges it from Keychain.

9. Crisis Mode

If the on-device safety classifier flags an entry as indicating possible self-harm or harm to others, Dark Talent shows a Crisis Mode screen with hardcoded helpline resources. The classification runs entirely on your device. The flagged content is not sent to Anthropic or any other cloud provider. We do not log, record, transmit, or count crisis events. Crisis Mode is a referral, not professional advice or emergency care.

10. Your rights and controls

You can exercise the following directly inside Dark Talent (Settings → Privacy): view what data is stored, export all data, delete a single entry, delete all journal entries, delete Coach Memory, delete all data, disconnect any integration, turn off cloud AI, toggle iCloud sync, and enable Face ID / Touch ID app lock.

If you are in the EEA, UK, or Switzerland, you have rights under the GDPR / UK GDPR to access, rectify, erase, restrict, port, and object to processing of your personal data. If you are a California resident, you have equivalent rights under the CCPA / CPRA. Because almost all personal data lives on your device or in your iCloud, you can exercise most of these rights through the in-app controls above. For data on our infrastructure (subscription receipts), write to the privacy contact.

11. Data retention

On-device and iCloud data is retained until you delete it, sign out of iCloud, or uninstall the app. Subscription receipts on our infrastructure are retained for the duration of your subscription plus a reconciliation window, then deleted. AI prompts at Anthropic follow Anthropic's policy; we have requested zero data retention on our account.

12. Security

HTTPS / TLS for all network calls. iOS and macOS sandboxing. Keychain with device-only access for OAuth tokens. SQLCipher AES-256 encryption for the journal store, with key material wrapped by the Secure Enclave. Face ID / Touch ID app lock. No third-party SDKs that could exfiltrate data. To report a vulnerability, write to the security contact.

13. Changes to this policy

We will revise this policy when we add features that change how data is handled. Material changes will be notified in-app before they take effect. Non-material changes (clarifications, typo fixes) take effect on the date noted at the top of this document.

14. Contact

For any question, request, or complaint about privacy, write to privacy@darktalent.app.