Hi,
I checked the privacy policy for the Agenda app in the App-Store (see attached screenshot). Could you please explain, what do you need the different information for?
Sure, here you go:
The App Store basically discriminates between data that we have access to that can be traced back to you and data that can’t, i.e. data that has been anonimized.
Contact Info - Optional
Email: If you decide to create an Agenda account using an email+password combination we can link your email address to you. An email address is the only thing we require for creating an Agenda account. Also when filing crash reports you can choose to include your email address.
Note: you will always have to explicitly opt-in to our newsletter emails.
Name: If you decide to create an Agenda account (optional) and add your name to your profile (optional), then we can link your name to your account, i.e. you.
Identifiers
User identifier: When you start using Agenda we create a user identifier for you, which is nothing more than a random string of characters. This identifier is used to register you with our server so we can do the bookkeeping of any premium features purchased. Note that it doesn’t tell us who you are, this only becomes possible when you create an Agenda account using your personal email address.
Note: In terms of your personal data at most we will know your email address, and if provided explicitly in support, in the agenda community, your name. The exception is if you buy through Paddle instead of the Mac App Store, then you also provide your billing details.
Device identifier: For each device you run Agenda on we create a device identifier, again just a random string of characters. The only thing this device identifier can tell us is what kind of platform your run Agenda on, be it macOS or iOS/iPadOS. This is again used to determine whether you can unlock the premium features or not as we offer both a macOS+iOS and iOS-only option.
Diagnosis - Optional:
We optionally allow you to file a crash report (in the Vulcano dialog for the Agenda connoisseur). This greatly helps us fix crashes and making the app more stable. As part of the report you can, again optionally, include your email address and/or comments, which (obviously) allows us to link the report to you.
User Content - Optional
If you contact us for support you may decide to include user content like screenshots or exported notes to illustrate the issue you are reporting. Given you emailed us we can then link this content to you (duh!). This data is purely used in the context of your support request and never shared without your explicit permission.
Important: We never collect or store your notes on our server. Your notes in Agenda will always be stored in your personal iCloud or Dropbox account. Neither us, nor anyone else can access your notes.
Usage Data - Optional
If you decide to contact us from within Agenda by default we append a set of usage data into the email (linking it to you), which helps us in debug potential issues. For example, the number of devices you use, whether you use iCloud or Dropbox sync, etc. You can always delete this info from the email before sending it, and we don’t use this data for any other purposes than your support request.
Also, if you optionally file a crash report, the report might contain some limited amount of usage data as part of the report, again not used for anything else than diagnosing the cause of the crash. If you also provided your email, then this data is obviously linked to you.
Finally, if you decide to make use of the forum here in the agenda.community we can of course see how many posts you’ve written, likes you’ve given etc.
Important: Unless you create an Agenda account, or choose to contact us, we don’t collect any data linked to you.
Diagnostics - Anonymous
We collect anonimized usage statistics in the forum (how many people visited the forum etc), as well as the app (how many people started the app, the OS version and type of device distribution among users, etc. We cannot link any of this data to you specifically. This aggregated data helps us make decisions on future development of Agenda.
Tip: if you click on the boxes in the above images on the App Store pages you will get a lot more details about the pictograms and what exactly is being used for what purpose.
And to be complete, a link to our Privacy Policy and Terms of Service.
8 Likes
Now with that all out of the way, and while in general we believe it’s a good thing that Apple is doing this, I do find there are a few caveats which Apple should address:
-
It’s not at all clear or explained when something is optional. You need to indicate what we may collected, but as shown above most users won’t have anything collected if they don’t opt-in to certain things. Which means it can give the impression a lot more is collected than is the case really.
-
Apple doesn’t show all the data that Apple itself collects, which is a bit nasty. Of course you can argue that this is the same for all apps and therefore doesn’t warrant showing. But I don’t feel this is correct, as those developers that use 3rd party services might in essence not collect much more info than Apple does already, yet those developers that only use Apple’s services claim to have a “clean slate” and “not collecting anything”, which isn’t the case. Diagnostics (crash reports), performance metrics, etc are collected for all apps. Yes, they are anonimized and Apple in that respect does a great job, but as far as I’m concerned that should make them be listed under “Data not linked to you”.
9 Likes
Hi Alex,
Thanks for the detailed reply and the tips therein. I am convinced that the Agenda team takes data protection and privacy seriously.
Best regards
2 Likes
Amazon Cloud Services… One reason I chose to commit to Agenda was knowing I can trust my data/cloud storage with Apple. But I just read your privacy info and under the section entitled “Do we disclose any information to outside parties?” I was surprised to see Agenda’s host is Amazon Web Services (which was investigated last year by EU).
I know it’s a losing battle but anything Google, Amazon, and Facebook are red flags for me. My question is, how much of my personal content entered into Agenda does Amazon see/hold? I clicked on your link to their privacy policy but it says it doesn’t apply to third parties (Agenda?) so I’m unclear.
PN
1 Like
This is the most important part of the answer to your question:
In other words, your most important and private data is stored in containers that only you have access to. Be aware though, that even Apple uses (a mix of) Amazon Cloud Services, Microsoft Azure, Google’s cloud storage and possibly others to store its iCloud data, a little known fact.
Having said that, what we use AWS for is to run our license server on, which all it does is manage the unlocking of any premium features you buy and managing your login to the community. All that contains at most is your email address, we don’t collect any other personal information. Hope that helps.
This reply above is from a while ago, and it is worth expanding on our use of Amazon Web Services a little.
As stated, it is used for our license server, which stores a bare minimum of your data, basically just your email address. Our relatively new collaboration feature does store shared notes in AWS. This applies only to notes shared in a collaboration.
The data for the shared notes is encrypted on your device before upload, using keys that are not stored on Amazon. In other words, while there is data on AWS, Amazon can’t read that data. Nobody at Amazon has access to both the data and the encryption keys needed to access the contents.