SupportLearn More
Support

Privacy Policy

Updated April 11, 2025

Introduction

Your privacy is extremely important to us. Schema is an iOS app built with privacy by design: we do not track you, we do not collect personal information, and we strive to give you complete control over your data. This Privacy Policy explains in clear language how Schema handles your data, what little data is stored (all on your own device), how an optional sharing feature works, and how we comply with privacy laws like the GDPR and CCPA. We want you to understand our practices and feel confident that your information is safe with Schema.

In summary: Schema does not require any account or login, and we don't collect or send your personal data to our servers by default. All data you create in Schema stays on your device only. The only time any of your data leaves your device is if you choose to use the optional expiring link sharing feature (explained below), which temporarily uploads encrypted data that you select, and deletes it after it expires. We do not use any third-party analytics or advertising providers, so your usage of Schema is not tracked by anyone.

By using Schema, you can be confident that your privacy is protected. Below we detail our privacy practices in full.

No Data Collection or User Tracking

We do not collect any personal information from you when you use Schema. Our app does not request or track your name, email address, phone number, location, or any other personally identifiable information. In fact, Schema does not even have a sign-up or login—there is no account to create and no credentials needed to use the app.

We also do not gather any usage analytics, crash reports, or tracking data. We have intentionally chosen not to integrate any third-party analytics SDKs, advertising networks, or social media plugins. This means:

  • No Personal Identifiers: We never ask for your name, email, address, phone number, or any contact details.
  • No Location Data: Schema does not access your GPS or location.
  • No Usage or Analytics Data: We do not monitor how you use the app, the content you create, or any other behavioral metrics. There are no cookies or tracking technologies in Schema.
  • No Advertising: Schema does not display ads and therefore does not share any data with advertisers.
  • No Third-Party SDKs: We do not use Facebook, Google, or any third-party tools that would send your information to outside companies.

In short, Schema collects zero personal data by default. We cannot sell or share data that we never collect. We built Schema to operate entirely on-device for your privacy.

Your Data Stays on Your Device

All information and content you create or store in Schema resides locally on your iPhone/iPad, under your control. We use Apple's iOS Data Protection features to secure your data on the device. This means that your app data is encrypted at rest by the operating system (protected by your device passcode/Touch ID/Face ID). In practice, this provides strong security: only you (or anyone with access to your device unlocked) can view the data in Schema. We do not have any access to the data on your device, and nothing is transmitted to us during normal usage.

Because data is stored only on your device, if you delete the app, the data is deleted from your device as well. (If you have iCloud backups or device backups that include Schema's data, those are stored by Apple under their privacy and security policies — Schema itself doesn't transmit any data to cloud backups on its own, beyond what iOS does if you have backups enabled.)

We encourage you to keep your device secure (use a strong passcode and the built-in encryption) to protect the data you store in Schema. Rest assured that Schema itself will not send your data anywhere without your explicit action.

Optional Expiring Link Sharing Feature

Schema includes an optional feature that lets you share your data with others (or between your own devices) via an expiring link. This feature is completely voluntary and off by default – it only engages when you deliberately choose to generate a share link for some of your data. We designed this feature with privacy and security in mind. Here's how it works and what happens if you use it:

  • User-Initiated: You decide when to share data. Only the data you specifically choose to share will be prepared for the link. If you never use this feature, no data ever leaves your device.
  • Expiring Link: We generate a unique link (URL) that you can share. This link does not contain any of your personal information or any sensitive data itself – it's essentially a random identifier (and possibly an embedded key) used to retrieve the encrypted data. The link is like a key: anyone with it can access the encrypted data, so you should only share it with intended recipients. However, because the data is encrypted, even if someone unintended got the link, they would still need the decryption key (if it's not embedded in the link) to read the data.
  • User-Set Expiration: When you create the link, you choose how long it will last (for example, a number of minutes, hours, or days). The data will be available on our server only for that duration. After time is up, the link automatically expires and the data is deleted from our server. We irreversibly delete the encrypted data once the expiration time is reached. If you shared the link with someone, after it expires they will no longer be able to access the data.
  • Manual Expiry: You can manually invalidate (expire) a link at any time before its set duration ends, through the app. Doing so will immediately make the link unusable and trigger deletion of the data from our server. This gives you complete control — if you change your mind or sent the link in error, you can expire it early.
  • No Persistence: We do not keep your shared data on our servers beyond the expiration. It's not archived, not backed up, and not visible to any other services. Once expired, it's gone permanently. If you want to share it again later, you'd have to generate a new link (with new encryption).
  • No Credentials in Link: Importantly, the expiring link does not contain any database credentials, user identifiers, or sensitive keys that could compromise your data. It's designed so that only the random token (and encryption key) are used, which cannot be traced back to you or reveal the contents.

What we do not do with your shared data: We do not look at, use, or mine the data you temporarily upload. In fact, because it's encrypted, we couldn't read it even if we tried. The sole purpose of holding it is to enable you to share it with someone via the link you generated. We do not share that data with any third parties, we do not analyze it, and we don't use it for any secondary purpose. It remains your data entirely, just briefly stored on our server by your choice.

If you do not use the link sharing feature, no data is ever uploaded to us at all. If you do use it, the data you share is protected and short-lived. This feature is provided for your convenience, and we've built it to be as privacy-safe as possible.

Data Deletion and Retention

Because Schema by default does not store your personal data on any server, we have very minimal data retention considerations. Here's how data deletion works in the different scenarios:

  • On Your Device: All the data you create in Schema is stored on your device. You have the ability to delete any or all of that data from within the app at any time. If you no longer wish to keep any data, you can remove it (for example, by deleting entries or clearing the app's data). Uninstalling the Schema app will also remove all app-stored data from your device. (If you have device backups, those might contain data until those backups are deleted or overwritten.) We do not have any of your device-held data on our servers, so we cannot restore it if deleted, nor do we keep copies elsewhere. It's truly under your control.
  • Expiring Link Data: Any data you upload via the optional sharing feature is stored temporarily. You select the retention period when creating the link. Once the link expires or you manually expire it, the data is deleted from our server permanently. We do not retain archived copies. Even while the data is stored for the link's duration, it remains encrypted and is not accessible to our team. After deletion, it's unrecoverable. In short, the only data we ever hold on our servers is deleted automatically after its brief lifespan.
  • Metadata and Logs: We do not create personalized profiles or collect analytics, so we are not building any history tied to you. Our system might briefly log technical information (like server logs recording that a file was uploaded or downloaded, along with timestamps or an IP address) purely for maintenance and troubleshooting. However, these logs are not linked to your identity (since we don't know who you are) and are generally ephemeral. We only retain such logs for a short period to ensure the service works correctly, and then they are routinely purged. We do not keep log data long-term that could be used to piece together any form of “activity history” about you.

In summary, we keep user data only for as long as necessary to provide the service you request (if any). Once that purpose is fulfilled, the data is deleted. This approach not only protects your privacy but also helps us minimize risk, as there's no trove of personal data sitting on our servers.

No Third-Party Services or Sharing

Schema does not use any third-party services that would require sharing your information. We do not send your data to analytics providers, advertising networks, or data brokers. The app's functionality is self-contained, and any data processing is done on your device, not on remote servers managed by third parties.

  • No Third-Party APIs: We haven't integrated any third-party APIs (Application Programming Interfaces) into Schema that would transmit data outside. For example, we don't use Google Maps, social media logins, or cloud sync frameworks that might forward your data to another company. This means you're not unknowingly sending data to places like Google, Facebook, or others by using Schema.
  • No Selling or Renting Data: Because we don't collect personal data, we obviously do not sell, rent, or trade any personal information to anyone. In fact, even if we wanted to (which we absolutely would not), we have nothing to sell. Your data is yours alone.
  • No Sharing Without Consent: We will never share your information with a third party unless it's you initiating it (for example, you sharing a link with a friend – in which case that's not us sharing, it's you). We do not disclose data to advertisers, analytics companies, or law enforcement/government, except if we ever received a valid legal request. (It's hard to imagine, since we don't have user-identifiable data on hand. If authorities ask for user data, we can only provide them what we have, which is typically nothing beyond perhaps an encrypted file that even we cannot decrypt.)
  • Service Providers: The infrastructure for the optional link sharing (servers, data storage) is operated by us (Schema). We may use reputable cloud hosting providers to run this service securely (for example, a cloud server company), but any such provider acts as a data processor for us under strict contract. They are not allowed to access your data except to store it and make it available for retrieval via the link, and they must secure it. They also would automatically delete it as we instruct when it expires. We ensure any infrastructure we use upholds strong security and privacy practices. No service provider will ever use your data for their own purposes.

In short, Schema does not hand out your data to others. The only exceptions would be if you direct us to (like using the share link to send data to someone) or if we are legally compelled for some reason. Even in the latter case, because of our no-collection approach, we likely wouldn't have anything personal to divulge.

Data Security Measures

We take security seriously and implement measures to protect your information:

  • On-Device Security: As mentioned, all your Schema data on your iOS device is secured by iOS Data Protection. This is Apple's built-in encryption system that protects app data on the file system level. When your device is locked, data is encrypted and inaccessible without your passcode or biometrics. We follow Apple's best practices to ensure Schema's files receive the highest protection class available. In plain terms, as long as your device is secure, your Schema data is safe from prying eyes. Always use a strong passcode and keep your device software updated to benefit from the latest security enhancements.
  • Access Controls: The temporary data you upload can only be accessed through the exact expiring link (which includes a secure token). It's not publicly listed or findable without that link. This ensures that only people you share the link with (or you yourself) can retrieve the data. Our backend verifies the token and serves the file only if it's valid and not expired. Once expired or manually deleted, the link no longer works and the data cannot be retrieved.
  • No Sensitive Info in Links: The URLs generated for sharing are designed to be random and unguessable. They don't contain any meaningful info like your username (since you have none) or file names, etc. This prevents anyone from gleaning information just by seeing the link.
  • Internal Practices: Because we hold virtually no personal data, the risk of insider access is very low. Nonetheless, we restrict access to our systems to authorized personnel only, and we maintain logs of access to ensure no unauthorized access goes unnoticed. Our small team is trained in privacy and security practices.
  • Data Breach Procedures: We are committed to keeping your data safe. In the unlikely event of a security breach that compromises any personal data, we will follow all applicable laws in notifying users and authorities as required. Given that we store minimal data (and encrypted link data at that), a breach is statistically less likely and would have limited impact. Regardless, we have procedures ready to respond swiftly to any incident and mitigate any potential harm.

By using strong encryption and minimizing data collection, Schema drastically reduces the typical risks associated with data breaches or misuse. We aim to give you peace of mind that your data is safe with us.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we update the policy, we will change the “Last updated” date at the top of this document. For significant changes, we will do our best to notify you through additional means – for example, via an in-app notification or a message on our website – so that you can review the changes. However, we encourage you to periodically review this Privacy Policy whenever you have questions about how we protect your privacy.

Contact

We're here to help and answer any questions you might have about your privacy and our app. If you have any questions or feedback about this Privacy Policy, want to know what (if any) information we have about you, need help deleting something, or wish to exercise any of your rights under privacy laws, or have concerns about how Schema handles data, please don't hesitate to contact us at: support@tryschema.com

We will respond as promptly as possible. Privacy is core to Schema's mission, and we value the trust you place in us. If something isn't clear in this policy or you need further information, let us know and we will clarify.

Thank you for using Schema. We appreciate the opportunity to protect your data and provide you with a useful app without compromising your privacy.