Sure, here you go:
The App Store basically discriminates between data that we have access to that can be traced back to you and data that can’t, i.e. data that has been anonimized.
Contact Info - Optional
Email: If you decide to create an Agenda account using an email+password combination we can link your email address to you. An email address is the only thing we require for creating an Agenda account. Also when filing crash reports you can choose to include your email address.
Note: you will always have to explicitly opt-in to our newsletter emails.
Name: If you decide to create an Agenda account (optional) and add your name to your profile (optional), then we can link your name to your account, i.e. you.
User identifier: When you start using Agenda we create a user identifier for you, which is nothing more than a random string of characters. This identifier is used to register you with our server so we can do the bookkeeping of any premium features purchased. Note that it doesn’t tell us who you are, this only becomes possible when you create an Agenda account using your personal email address.
Note: In terms of your personal data at most we will know your email address, and if provided explicitly in support, in the agenda community, your name. The exception is if you buy through Paddle instead of the Mac App Store, then you also provide your billing details.
Device identifier: For each device you run Agenda on we create a device identifier, again just a random string of characters. The only thing this device identifier can tell us is what kind of platform your run Agenda on, be it macOS or iOS/iPadOS. This is again used to determine whether you can unlock the premium features or not as we offer both a macOS+iOS and iOS-only option.
Diagnosis - Optional:
We optionally allow you to file a crash report (in the Vulcano dialog for the Agenda connoisseur). This greatly helps us fix crashes and making the app more stable. As part of the report you can, again optionally, include your email address and/or comments, which (obviously) allows us to link the report to you.
User Content - Optional
If you contact us for support you may decide to include user content like screenshots or exported notes to illustrate the issue you are reporting. Given you emailed us we can then link this content to you (duh!). This data is purely used in the context of your support request and never shared without your explicit permission.
Important: We never collect or store your notes on our server. Your notes in Agenda will always be stored in your personal iCloud or Dropbox account. Neither us, nor anyone else can access your notes.
Usage Data - Optional
If you decide to contact us from within Agenda by default we append a set of usage data into the email (linking it to you), which helps us in debug potential issues. For example, the number of devices you use, whether you use iCloud or Dropbox sync, etc. You can always delete this info from the email before sending it, and we don’t use this data for any other purposes than your support request.
Also, if you optionally file a crash report, the report might contain some limited amount of usage data as part of the report, again not used for anything else than diagnosing the cause of the crash. If you also provided your email, then this data is obviously linked to you.
Finally, if you decide to make use of the forum here in the agenda.community we can of course see how many posts you’ve written, likes you’ve given etc.
Important: Unless you create an Agenda account, or choose to contact us, we don’t collect any data linked to you.
Diagnostics - Anonymous
We collect anonimized usage statistics in the forum (how many people visited the forum etc), as well as the app (how many people started the app, the OS version and type of device distribution among users, etc. We cannot link any of this data to you specifically. This aggregated data helps us make decisions on future development of Agenda.
Tip: if you click on the boxes in the above images on the App Store pages you will get a lot more details about the pictograms and what exactly is being used for what purpose.
Now with that all out of the way, and while in general we believe it’s a good thing that Apple is doing this, I do find there are a few caveats which Apple should address:
It’s not at all clear or explained when something is optional. You need to indicate what we may collected, but as shown above most users won’t have anything collected if they don’t opt-in to certain things. Which means it can give the impression a lot more is collected than is the case really.
Apple doesn’t show all the data that Apple itself collects, which is a bit nasty. Of course you can argue that this is the same for all apps and therefore doesn’t warrant showing. But I don’t feel this is correct, as those developers that use 3rd party services might in essence not collect much more info than Apple does already, yet those developers that only use Apple’s services claim to have a “clean slate” and “not collecting anything”, which isn’t the case. Diagnostics (crash reports), performance metrics, etc are collected for all apps. Yes, they are anonimized and Apple in that respect does a great job, but as far as I’m concerned that should make them be listed under “Data not linked to you”.
Thanks for the detailed reply and the tips therein. I am convinced that the Agenda team takes data protection and privacy seriously.