andros/org-social-ios
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
org-social-ios/PRIVACY.md
T
andros 51ae38a6c4 Add privacy policy and 6.5-inch App Store screenshots 
PRIVACY.md spells out that the app is a decentralized client: no
collection, no analytics, no third-party SDKs. Posts go to the user's
own vfile host and the relay sees only public post URLs. Required for
App Store Connect's privacy questionnaire.

The 6.5-inch screenshots are the 5.8/6.1/6.5-inch class size App Store
Connect accepts (1242x2688), resampled from the iPhone 17 Pro captures.
2026-04-28 22:01:28 +01:00

3.2 KiB
Raw Permalink Blame History

Privacy Policy

Last updated: 2026-04-28

Org Social for iOS ("the app") is a client for the Org Social protocol, a decentralized social network based on plain-text social.org files served over HTTP. The app is open source.

This document describes, in plain language, what the app does with data.

Short version

The app does not collect, store, or transmit any personal data to servers operated by the developer. There are no accounts, no analytics, no advertising, no tracking, and no third-party SDKs.

What stays on your device

The following information is stored locally in iOS preferences and the app's sandboxed file storage. It never leaves your device unless you explicitly publish a post:

  • The public URL of your social.org feed.
  • The vfile upload URL (which already contains its own authentication token) used to publish posts to your chosen host.
  • Application preferences (default language, preview-link toggles, relay URL, last-read positions, draft posts).
  • A local cache of feeds you read.

You can wipe all of this at any time by deleting the app from your device.

Where your posts go

When you publish a post, the app uploads your updated social.org file to the vfile host you configured in Settings. The developer does not operate any vfile host. You choose the server (for example host.org-social.org, your own domain, or any other Org Social host). What that host stores, retains, or makes public is governed by that host's own privacy policy, not this one.

social.org files are public by design: anyone with the URL can read them. Do not put information in your feed that you would not publish on a public web page.

The relay

The app reads timeline data from a public Org Social relay (default: https://relay.org-social.org). The relay is operated by a third party, not the developer. The app sends the relay only:

  • HTTP GET requests with public feed URLs and public post URLs in the query string, to fetch reply threads, reactions, and search results.
  • HTTP POST to /feeds/ to register your public feed URL with the relay so it discovers your posts.

The relay does not receive your vfile token, your device identifier, or any private content. You can change the relay URL or disable relay-backed features in Settings. See the relay's own documentation for its data-handling practices.

Third parties

The app does not embed any analytics, advertising, crash reporting, or tracking SDKs. No data is shared with third parties for marketing or profiling purposes.

External servers the app connects to are limited to:

  • The vfile host you configured (to upload your social.org).
  • The relay you configured (to read public timeline metadata).
  • The public URLs of feeds you follow (to read their social.org files).
  • Avatar image URLs referenced inside those public feeds.

All of these connections use standard HTTPS.

Children

The app is not directed at children under 13 and does not knowingly collect any data from them. There is no data collection at all.

Changes

If this policy changes, the new version will replace this document and the "Last updated" date above will be revised.

Contact

Questions about this policy: hi@andros.dev.

Reference in New Issue View Git Blame Copy Permalink