legal

privacy

v1 · effective july 2026 · the plain-talk version is the only version
no account, no email, no phone number — an anonymous id is minted on your first launch.
your event content is end-to-end encrypted. we can't read it. not "we promise we won't" — can't.
no ads, no trackers, no analytics, no data sales. ever.
you can export everything or erase everything, anytime, from the app.

who we are

getit is a reminders app for iPhone. this policy covers the app and getit.so. questions: [email protected].

what we store

the server keeps the minimum it needs to sync your devices and run the board:

an anonymous identity — a random id and token created on your first launch. it lives in your iCloud Keychain, which is how your other iPhones pick it up. we never see your Apple ID, name, or email.

your events, sealed — titles, notes and icons are encrypted on your phone before they sync. the server stores ciphertext; the key stays in your keychain. schedules (which days, what times) are stored readably so sync and streak math can work.

check-ins — which event, which day, on time or not, and your utc offset. that's the whole streak and xp math.

your handle, avatar and theme — the board shows handle + avatar only. handles are made up; leave your real name out of them.

friends & challenges, if you use them — friendships are id-to-id links; we never touch your contacts. challenge text is the one thing you write that the server can read — it has to render on the invite page you share. it's filtered for abuse wherever it shows publicly.

getit+ status — a signed note from Apple saying your subscription is active. payment details, card, billing address: all Apple's, never ours.

what we never collect

no location, no contacts, no photos, no microphone. no advertising id, no fingerprinting, no third-party sdks phoning home. notifications are scheduled on your phone — there are no push tokens. getit.so sets no cookies.

security

every write to the server is gated by App Attest — apple hardware vouching that the request comes from a real getit app on a real iPhone. transport is tls. tokens are stored hashed. event content is aes-gcm sealed with a key only your keychain holds.

where it lives

one small server in the us (railway, us-east) with daily backups. like any server, it sees your ip when the app talks to it; we use it for rate-limiting and abuse protection, not profiling, and it isn't attached to your stored data beyond short-lived server logs.

your controls

export my data (profile → export) hands you everything as json. erase everything wipes your server row and local data on all your devices — no undo. deleting the app does not erase you: your identity waits in your keychain so you can come back. if you want gone-gone, erase first, then delete.

kids

getit isn't directed at children under 13, and with no account there's nothing to sign up with. if you believe a child's data ended up on the board, write us and we'll erase it.

changes

if this policy changes, the new version lands here with a new date. we won't quietly widen what we collect — the architecture can't see your content in the first place.