Privacy Policy
The short version: We collect only what we need, we never sell your data, and we never share it with advertisers or use it for AI training. Most of our apps store data locally on your device.
1. Who We Are
GritWerk is an independent software development studio based in Chicago, Illinois. We build mobile apps and web tools including Muleline, Delivery Boss, Archifi, CoinLens, ShiftNote, and PromptLens. Our contact email is [email protected].
2. Information We Collect
We collect the minimum information needed to operate our services:
- Account information — when you create an account, we collect your email address and display name.
- Usage data — basic analytics such as feature usage and error reports to improve our apps. This data is aggregated and not tied to personally identifiable information.
- Payment information — when you make a purchase, payment is processed by Apple (via the App Store) or Stripe. We do not store your full payment card details. We may retain a record of the transaction amount and date.
- Content you create — photos, notes, and other content you upload or create within our apps. This content belongs to you.
- Support communications — if you contact us via email, we retain that correspondence to provide support.
For apps that operate entirely offline (ShiftNote, CoinLens, PromptLens), we collect no data beyond what you choose to send us directly.
3. Face Recognition Data (Archifi)
Archifi includes optional face recognition for grouping photos by person. This section explains how face data is handled.
- What we collect: When face recognition is enabled, Archifi detects faces in uploaded photos and generates a 128-dimensional numerical face encoding (a mathematical vector) for each detected face. A cropped thumbnail of the face region is also stored. No raw biometric templates or 3D face maps are created.
- How it is used: Face encodings are used exclusively to group photos by person, allowing users to browse their photo archive by the people in it. The face grouping is entirely automated and runs on the user's own server. There is no facial identification against external databases.
- Third-party sharing: Face data is never shared with any third party. Face encodings and face crop thumbnails are stored exclusively on the user's self-hosted server in a local SQLite database. No face data is transmitted to GritWerk, Apple, or any external service.
- Storage location: All face data resides on the user's self-hosted server. GritWerk does not have access to user-hosted data. The user has full physical control of the server where face data is stored.
- Retention and deletion: Face data is retained as long as the associated photos exist. When a user deletes a photo, the associated face embeddings and crops are deleted. Users can delete all face data for a specific person, clear all face data entirely via the app's settings, or delete data directly from their server's filesystem at any time.
4. What We Don't Do
- We do not sell your personal data to anyone.
- We do not share your data with advertisers or data brokers.
- We do not use your content or data to train AI or machine learning models.
- We do not embed third-party advertising SDKs in our apps.
- We do not engage in behavioral tracking or cross-app tracking.
5. Third-Party Services
We integrate with the following third parties, each with their own privacy policies:
- Apple App Store — handles in-app purchases and subscriptions for iOS apps. Subject to Apple's Privacy Policy.
- Stripe — handles payment processing for web-based purchases. Subject to Stripe's Privacy Policy.
We do not use Google Analytics, Facebook Pixel, or any other advertising or behavioral analytics platforms.
6. Data Storage
Data storage depends on which app you use:
- Local-only apps (ShiftNote, CoinLens, PromptLens) — all data is stored exclusively on your device. Deleting the app removes all data permanently.
- Server-backed apps (Muleline, Archifi) — your content is stored on our self-hosted servers located in the United States. Data is encrypted in transit (TLS) and at rest.
We retain account data for as long as your account is active. When you delete your account, we remove your data within 30 days.
7. Cookies
Our mobile apps do not use cookies. Our web apps use session cookies solely to maintain your logged-in state. These cookies expire when you sign out or close your browser. We do not use tracking cookies, advertising cookies, or persistent cross-site cookies.
8. Your Rights (CCPA / GDPR)
Depending on where you live, you may have the following rights regarding your personal data:
- Access — request a copy of the data we hold about you.
- Correction — ask us to correct inaccurate data.
- Deletion — request that we delete your account and associated data.
- Portability — receive your data in a machine-readable format.
- Opt-out of sale — we do not sell data, so this right is already satisfied by default.
To exercise any of these rights, email [email protected] with the subject line "Data Request." We will respond within 30 days. See our Data Deletion page for specific deletion instructions.
9. Children's Privacy
Our apps and services are not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at [email protected] and we will delete it promptly.
10. Our Apps
This policy applies to all GritWerk products:
- Muleline — self-hosted photo and file platform (iOS)
- Delivery Boss — driver messaging and route management (iOS, Android)
- Archifi — personal photo archive platform (iOS, macOS)
- CoinLens — coin tracking and portfolio management
- ShiftNote — shift notes and journal app
- PromptLens — AI prompt management tool
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or an in-app notice. Continued use of our apps after changes are posted constitutes acceptance of the updated policy. The "Last updated" date at the top of this page always reflects the most recent revision.
12. Contact
For privacy inquiries, data requests, or questions about this policy:
- Email: [email protected]
- Location: Chicago, IL, United States
13. SMS Communications
GritWerk and its client applications may send transactional SMS notifications to users who have opted in. This section describes how we handle phone numbers and SMS communications.
- What we collect: We collect phone numbers when you voluntarily provide them during account creation, booking, or by enabling SMS notifications in your account settings.
- Why we collect it: Phone numbers are collected solely to send transactional notifications such as booking confirmations, appointment reminders, service status updates, and account security alerts.
- Transactional use only: We do not use phone numbers for marketing, promotional, or advertising purposes. SMS messages are sent only in response to user-initiated actions or account events.
- No third-party sharing: Your phone number and SMS opt-in data are never sold, shared, or rented to any third parties, affiliates, or lead generators for marketing or promotional purposes. Your mobile information is not provided to advertisers, data brokers, or any external party.
- SMS provider: SMS messages are delivered through Twilio, our third-party SMS service provider. Twilio processes phone numbers solely to route and deliver messages on our behalf and is subject to Twilio's Privacy Policy.
- Opt-out: You may opt out of SMS notifications at any time by texting STOP to any message you receive from us. You will receive a confirmation and no further messages will be sent.
- Data retention: Phone numbers are stored as long as your account remains active. Upon account deletion or upon request, your phone number will be removed from our systems within 30 days. You may request deletion at any time by emailing [email protected].