← Coffer

Privacy Policy

Last updated: May 2026

Coffer is a travel journal you keep on your iPhone. We built it the way we want our own apps to work: your trips, photos, and notes stay with you, and the only thing that leaves your device is anonymous usage analytics — described in full below.

What Coffer stores about you

Your trips, keepsakes, and photos are stored on your iPhone and, when you are signed into iCloud, in your own private iCloud container. We do not run a server that holds your content, and we do not show ads.

• Trips and Keepsakes — the trips you create, the souvenirs you log inside each trip (name, category, photo, location, notes, price). Stored locally via Apple's SwiftData.
• Photos you attach to a trip or keepsake — stored in the app's sandboxed file system. Photos never leave your phone.
• Precise location — only when you tap "Use current" while adding a keepsake. Used to fill in the city/country field. Not logged, not transmitted.
• Apple Sign-In identity — if you sign in with Apple, we store the credential identifier, your email address, and the name you provided to Apple. These live in your iPhone's Keychain and are used only to display your profile inside the app. We do not send them anywhere.

Analytics

Coffer uses Countly, a privacy-focused analytics tool we host on our own server — there are no third-party analytics or ad networks involved. It records anonymous, behavioural events (which screens and features are used, and the steps of flows like onboarding or purchase) so we can tell what's working.

• It is anonymous: we never attach your name, email, Apple ID, or any account to analytics, and we never put your content — trip names, notes, photos, or locations — into analytics events.
• A device-scoped identifier is used only to group one device's sessions. It is not the advertising identifier (IDFA), and it is not used to track you across other companies' apps or websites — so Coffer does not ask for tracking permission.
• The data is first-party and never sold or shared.

What Coffer does not do

• No ads, and no third-party advertising or marketing SDKs.
• No advertising identifier (IDFA); no cross-app or cross-site tracking.
• Your content is never sent to analytics or to any server we run.
• No data sold or shared with anyone.

iCloud sync

When you are signed into iCloud, Coffer syncs your trips and keepsakes across your devices using Apple's CloudKit. The data lives in your own private iCloud container — we cannot read it. It works automatically with your iCloud account; you can stop it by signing out of iCloud or turning off iCloud Drive for Coffer in iOS Settings.

Permissions Coffer asks for

• Camera — to photograph souvenirs / scan ticket stubs.
• Photo Library — to pick existing photos.
• Location (When In Use) — only when you tap "Use current" in the keepsake form.

You can revoke any of these from Settings → Coffer on your iPhone.

Deleting your data

Open the Profile tab and tap Erase Everything to wipe every trip, keepsake, and photo. Tap Delete Account for the same plus signing out of Apple and clearing your profile.

Uninstalling the app also removes everything stored locally.

Children

Coffer does not knowingly collect data from children under 13. The app has no social features, no chat, and no ads.

Changes

If this policy changes, the "Last updated" date above will change with it. Material changes will also be announced in the app's "What's New" section.

Contact

Privacy questions: atasaygin13@hotmail.com.