Privacy Policy
Last updated: January 29, 2026
1. Introduction
Welcome to MeSober, a lifestyle habit-tracking application designed to help you track alcohol consumption and maintain healthy habits. We are committed to protecting your privacy and being transparent about what data we collect.
Privacy-First Design: MeSober is designed with privacy in mind. We do not require user accounts for basic features and do not collect email addresses or phone numbers. However, we do collect display names for the optional Friends feature, and we use analytics (PostHog) and crash reporting (Sentry) services to improve app quality and stability. We do not use advertising SDKs.
2. Data We Collect
2.1 Data Stored on Your Device and iCloud
Your primary app data is stored locally on your device using Apple's SwiftData framework and can optionally sync via Apple's iCloud (CloudKit):
| Data Type | Description | Storage Location |
| --- | --- | --- |
| Daily alcohol units | Number of alcohol units consumed each day | Your device + iCloud (if enabled) |
| Personal notes | Optional notes you add to entries | Your device + iCloud (if enabled) |
| Entry dates | Dates of your check-ins | Your device + iCloud (if enabled) |
| Display name | User-chosen name for Friends feature (optional) | Your device + CloudKit shared zone |
| Friend relationships | List of accepted friends and CloudKit share data | Your device + CloudKit private/shared zones |
| Friend encryption keys | Curve25519 public keys for end-to-end encryption | iOS Keychain + CloudKit |
| Shared stats | Last 7 days consumption, streaks, challenge status (shared with friends only) | CloudKit shared zone (encrypted) |
| CloudKit user ID | Stable identifier from Apple's CloudKit system | Used for friend matching and analytics |
| App preferences | Notification settings, onboarding status | Your device only |
Your Control: iCloud sync is controlled by your device's iCloud settings. You can disable sync at any time in iOS Settings > [Your Name] > iCloud > Apps Using iCloud.
2.2 Data Stored on Our Server
We store minimal data on our server, only what is necessary for push notifications:
| Data Type | Description | Purpose |
| --- | --- | --- |
| APNs device token | A 64-character identifier assigned by Apple | Required to send push notifications |
| Timezone | Your timezone (e.g., "Europe/Madrid") | To send reminders at 9:00 AM your local time |
Important: The APNs device token is not personally identifiable information. It is a random identifier that Apple assigns to your device for this app. It cannot be used to identify you, your location, or any personal details.
2.3 Data Processed but Not Stored
When you use the voice input feature:
- Your voice is transcribed to text on your device using Apple's Speech framework
- The text transcript is sent to our AI service (OpenAI or Groq) to extract alcohol consumption data
- The extracted data (dates and unit counts) is returned to your device
- The transcript is not stored on our servers - it is processed and immediately discarded
2.4 Photo Library Access
MeSober may request access to your photo library only for the optional "Sober October" feature, which allows you to:
- Select a personal image to customize your progress card
- Save generated progress images to your photo library for sharing
Photos are processed entirely on your device and are never uploaded to our servers.
2.5 Friends Feature and Social Data Sharing
How Friends Work
The Friends feature allows you to share your sobriety progress with other MeSober users through mutual consent. This feature is entirely optional.
Data Shared with Friends:
- Display name: A user-chosen name (does not have to be your real name)
- Current streak: Your current consecutive sober days
- Last 7 days consumption: Recent alcohol unit data (not full history)
- Active challenge participation: Whether you're participating in challenges
- Last check-in timestamp: When you last logged data
- CloudKit user record ID: A stable identifier from Apple's CloudKit system
How Friend Sharing Works:
- CloudKit-based: All friend data is managed through Apple's CloudKit infrastructure, not through our backend server
- Request/approval system: Both parties must approve before any data is shared
- End-to-end encryption: Shared data is encrypted using the Curve25519 key agreement protocol
- Encryption keys: Stored securely in iOS Keychain
- Limited history: Friends can only see your last 7 days of data, not your full history
- Storage location: Friend data is stored in CloudKit private and shared zones
Poke Feature:
- Allows friends to send friendly nudge notifications to encourage check-ins
- Transmits the sender's display name in the notification
- Rate-limited to one poke per friend every 6 hours to prevent abuse
- Delivered via CloudKit subscriptions (no backend processing)
Privacy Controls:
- You can remove any friend at any time, which immediately deletes all shared data
- Friend list is stored locally on your device
- You control who can see your data through the approval system
- If you delete the app, all friend relationships and shared data are removed
2.6 Data We Do NOT Collect
MeSober does NOT collect:
- Email addresses or phone numbers
- Real names (display names for Friends feature are user-chosen and optional)
- Precise location data (only timezone for notification scheduling)
- Advertising IDs (IDFA)
- Health data from Apple HealthKit
- Contacts or address book data
- Full drinking history in analytics (only aggregate statistics like streak counts)
- Voice recordings (only text transcripts are processed)
3. How We Use Your Data
- Push Notifications: We use your device token and timezone to send daily reminder notifications at 9:00 AM your local time
- Voice Processing: We process voice transcripts through AI to help you log alcohol consumption quickly
4. Third-Party Services
We use the following third-party services:
4.1 Apple Services
- Apple Push Notification Service (APNs): Delivers push notifications to your device
- CloudKit: Syncs your data across your Apple devices (optional, controlled by you)
- Speech Framework: Converts your voice to text on-device
4.2 AI Processing Services
- OpenAI or Groq: Processes voice transcripts to extract alcohol consumption data. Transcripts are sent via secure HTTPS connection and are not stored by our server.
Please refer to OpenAI's Privacy Policy and Groq's Privacy Policy for their data handling practices.
4.3 Analytics and Crash Reporting Services
Important: We use analytics and crash reporting services to improve app quality and stability. These services are enabled by default and cannot be disabled by users.
PostHog (Product Analytics)
Purpose: To understand how users interact with the app and identify opportunities for improvement.
Data Collected:
- Anonymous identifier: CloudKit user ID (if available) or device UUID as fallback
- Device information: App version, iOS version, device model, locale, timezone
- User properties: Number of friends, total check-ins, current streak, best streak, whether challenges are enabled, whether push notifications are enabled
- Behavioral events: App lifecycle (open, close, background), screen navigation, check-in creation, voice input usage, friend interactions, challenge participation
- What we DO NOT send: No personal identifiers (no email, name, phone number), no voice transcripts (only metadata like word count and duration), no detailed consumption amounts
Service Details:
- Provider: PostHog Inc.
- Server Location: EU region (https://eu.i.posthog.com)
- Data Retention: 90 days
- Privacy Policy: https://posthog.com/privacy
- Legal Basis (GDPR): Legitimate interest in improving app quality (Article 6(1)(f))
Sentry (Crash Reporting and Error Monitoring)
Purpose: To detect and fix crashes and errors before they affect more users.
⚠️ Important: Session Recording
Sentry records video-like replays of your app interactions only when errors occur. This happens for 100% of sessions with crashes or errors to help us understand what led to the problem. Normal sessions without errors are NOT recorded. These recordings capture your interactions within the app (taps, scrolls, navigation) but do NOT capture sensitive data like voice transcripts or passwords. Recordings are stored for 90 days and used solely for debugging purposes.
Data Collected:
- Crash logs and stack traces: Technical details about app crashes
- Screenshots: Full app screen capture at the time of crash. Warning: This may include any personal data visible on your screen at that moment, such as your check-in history, friend names, or notes. Screenshots are automatically captured to help us debug visual issues and are retained for 90 days.
- View hierarchy: UI element structure at crash time
- IP addresses: Your device's IP address is collected to help identify region-specific bugs. IP addresses are anonymized and not used for tracking or profiling.
- Device information: Device model, iOS version
- Performance data: CPU usage, memory usage, performance traces
- Session replays: Video-like replays of user interactions recorded when errors occur
- Error logs: Only error-level logs (debug logs are filtered out)
Service Details:
- Provider: Sentry (Functional Software, Inc.)
- Server Location: Germany (EU)
- Data Retention: 90 days
- Privacy Policy: https://sentry.io/privacy/
- Legal Basis (GDPR): Legitimate interest in app stability and security (Article 6(1)(f))
Why We Use These Services:
- PostHog helps us understand which features users find valuable and which need improvement
- Sentry helps us detect and fix crashes quickly, often before users even report them
- Both services use EU-based servers to comply with GDPR requirements
- Both services provide aggregate insights without compromising individual privacy
5. International Data Transfers
Important for EU Users: When you use the voice input feature, your transcript may be processed by AI services located in the United States (OpenAI, Groq). These transfers are necessary to provide the voice extraction functionality.
We ensure appropriate safeguards for international data transfers:
- Voice transcripts: Processed by AI services in the United States (OpenAI, Groq), transmitted via encrypted HTTPS, processed in real-time and not stored
- Analytics data (PostHog): Processed in EU region only (https://eu.i.posthog.com)
- Crash reports (Sentry): Processed in Germany (EU) only
- Friend data (CloudKit): Stays in your Apple iCloud region, managed by Apple's infrastructure
- Push notifications: Device tokens stored on our EU-based server
- All data transmissions use encrypted HTTPS connections
- You can avoid US data transfers by using manual entry instead of voice input
6. Data Security
- All communication with our server uses HTTPS encryption
- Your health data (alcohol units) never leaves your device/iCloud except for encrypted friend sharing
- Friend data is encrypted end-to-end using Curve25519 ECDH + ChaCha20-Poly1305
- Encryption keys are stored securely in iOS Keychain
- CloudKit provides additional encryption for shared data in transit and at rest
- Server-stored data (device token, timezone) is stored in a secure database
- We do not share your data with advertisers or data brokers
- Analytics and crash reports are anonymized and cannot be traced back to you personally
7. Data Retention
- Device/iCloud data: Retained until you delete it or uninstall the app
- Friend data: Retained until you remove the friend or delete the app (immediate deletion)
- Friend encryption keys: Stored in iOS Keychain until app deletion
- Push notification token: Retained until you disable notifications, uninstall the app, or request deletion
- Voice transcripts: Not retained - processed and immediately discarded
- Analytics events (PostHog): Retained for 90 days, then automatically deleted
- Crash reports (Sentry): Retained for 90 days, then automatically deleted
8. Your Rights Under GDPR
If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:
| Right | Description | How to Exercise |
| --- | --- | --- |
| Access | Know what data we have about you | Contact us via email |
| Rectification | Correct inaccurate data | Edit entries in the app |
| Erasure | Delete your personal data | Use in-app "Delete All Data" button |
| Restrict Processing | Limit how we use your data | Disable notifications in app settings |
| Data Portability | Export your data in a portable format | Use "Export Data" in app settings |
| Object | Object to processing of your data | Contact us via email |
To exercise any of these rights, you can use the in-app features or contact us at [email protected].
9. Your Privacy Choices
9.1 Friends Feature
The Friends feature is entirely optional:
- To avoid sharing data: Simply don't set up a display name or accept friend requests
- To remove a specific friend: Open the Friends list, select the friend, and tap "Remove Friend"
- To remove all friends: Go to Settings > Friends > Remove All Friends
- Removing friends immediately deletes all shared data and encryption keys
9.2 Analytics Collection
Analytics (PostHog): We collect anonymous usage data to improve the app. This collection is based on legitimate interest under GDPR Article 6(1)(f). The data collected is anonymized and cannot be traced back to you personally. We do not collect personal identifiers, voice transcripts, or detailed consumption amounts.
Your Right to Object
Under GDPR Article 21, you have the right to object to analytics processing. To exercise this right:
- Email [email protected] with subject line "GDPR Objection - Analytics"
- Include your CloudKit user ID (visible in Settings > About) or describe your device
- We will manually disable analytics for your identifier within 7 business days
- Note: Objecting may reduce our ability to fix bugs affecting you specifically, as we won't be able to see error patterns from your device
9.3 Crash Reporting
Crash Reporting (Sentry): Crash reports are necessary for app stability and security. This collection is based on legitimate interest under GDPR Article 6(1)(f). Crash reports help us detect and fix critical issues before they affect more users. All crash data is processed in the EU and retained for only 90 days.
Your Right to Object
Under GDPR Article 21, you have the right to object to crash reporting. To exercise this right:
- Email [email protected] with subject line "GDPR Objection - Crash Reporting"
- We will provide instructions for blocking crash reports via device configuration
- Warning: Disabling crash reports means we cannot help debug issues you experience, and critical bugs affecting you may go unnoticed
9.4 Voice Input
Voice input is optional:
- You can choose to use manual entry instead of voice input
- Voice input requires microphone permission, which you can revoke at any time in iOS Settings
- Using manual entry avoids sending any data to AI services
9.5 Push Notifications
Push notifications are optional:
- You can disable notifications in the app's Settings
- Disabling notifications removes your device token from our server
- You can also manage notification permissions in iOS Settings
10. Data Deletion
Easy In-App Deletion
You can delete all your data directly from the app:
- Open MeSober
- Go to Settings (gear icon)
- Tap "Delete All Data"
- Confirm the deletion
This will delete all your local data, remove data from all iCloud-synced devices, and unregister your device from our notification server.
11. Age Requirement
This app is rated 17+ and intended for adults only.
MeSober is designed for tracking alcohol consumption, which is a regulated substance for adults. The 17+ age rating reflects:
- Content related to alcohol consumption tracking
- The app's purpose of helping adults monitor their drinking habits
- Compliance with App Store guidelines for alcohol-related content
We do not knowingly collect data from anyone under 17 years of age. If you are a parent or guardian and believe your child has used this app, please contact us to request data deletion.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.
13. Contact Information