Privacy and data handling
Fill out App Privacy details honestly and handle user text responsibly — a legal and review requirement, not an afterthought.
Because DayOne sends journal text to a model API, you are handling personal content. Apple requires you to declare what data your app collects and how it's used, and to back it with a privacy policy. Getting this right is both an App Store requirement and simply the ethical baseline.
What DayOne actually does with data
- Journal entries are stored locally on device via SwiftData — they don't leave the phone unless the user taps Reflect.
- When the user taps Reflect, the entry text is sent to your proxy and then to the model provider to generate insights, and the result comes back. Be transparent that this happens.
- You are not building advertising profiles or selling data — declare that honestly (users notice and trust it).
The concrete tasks
- 1Write a short privacy policy (a model can draft it) and host it at a public URL — you'll need the link during submission.
- 2In App Store Connect — Apple's web dashboard for managing your apps — fill out the App Privacy questionnaire: declare that user content is sent to a third-party AI service to provide the feature, and whether it's linked to identity (for DayOne, it isn't — there are no accounts). You'll get access to App Store Connect in Module 8 after joining the Developer Program; it's fine to defer this step until then.
- 3Tell the user in-app, in plain words, that tapping Reflect sends their entry to an AI service. A one-line note under the button is enough and builds trust.
Draft a plain-English privacy policy for an iOS journaling app called DayOne. Facts: entries are stored locally with SwiftData; when the user taps 'Reflect', the entry text is sent over HTTPS to our backend proxy and then to Anthropic's API to generate a title/mood/reflection; we don't use accounts, ads, or analytics; we don't sell data. Keep it honest and readable, not legalese.
Apple actively checks that your App Privacy answers match what the app really does (they can see the network calls). Under-declaring is a fast path to rejection or removal. When in doubt, disclose more, not less.