Workr — Privacy Policy

Effective date: 29 June 2026  ·  Last updated: 30 June 2026  ·  Version: 2.2

What changed in v2.1 (material update). Workr now offers an optional Workr Premium subscription (managed by RevenueCat) and optional cloud AI features (processed by OpenAI via the AIProxy gateway, only when you explicitly trigger them). This update discloses both. The app's core task management and iCloud sync remain zero-collection. See §3 and §7.
One-sentence summary. Workr stores your tasks and projects on your device and (optionally) in your own private iCloud account. The app's core collects no personal data and we run no servers that hold your task data. Two optional features rely on third parties: Workr Premium subscriptions are managed by RevenueCat, and cloud AI — which runs only when you explicitly trigger it — sends the specific task text you choose to process to OpenAI (see §3 and §7). If your jurisdiction grants you specific rights (GDPR, CCPA/CPRA, UK GDPR, KVKK, LGPD, PIPEDA, etc.), this policy honours them.
Contents
  1. Who we are (Data Controller)
  2. Scope of this Policy
  3. Data we collect — and what we don't
  4. Data stored on your device
  5. Cloud sync (Apple iCloud / Google Drive)
  6. Device permissions we request
  7. Third-party services
  8. This website (workr-pages)
  9. Children's privacy (COPPA / GDPR Art. 8)
  10. International data transfers
  11. Security
  12. Data retention
  13. Your rights
  14. European Economic Area / United Kingdom (GDPR / UK GDPR)
  15. California residents (CCPA / CPRA)
  16. Türkiye residents (KVKK)
  17. Other jurisdictions (LGPD, PIPEDA, APP, PIPL)
  18. Apple App Store & Google Play disclosures
  19. Do-Not-Track & Global Privacy Control
  20. Data breach notification
  21. Changes to this Policy
  22. Contact

1. Who we are (Data Controller)

"Workr" (the "App", "we", "our", "us") is an independently developed task-management application for iPhone, iPad, Mac and (where available) Android devices, published by:

Because Workr does not transmit personal data to any server we operate, we typically act as a data processor of zero personal data. For website visits (see §8) and any direct correspondence you send to us, we act as the data controller.

2. Scope of this Policy

This Policy covers:

This Policy does not cover Apple's iCloud, Google's account services, your mobile operating system, your network operator, or any other third party. Their practices are governed by their own privacy policies.

3. Data we collect — and what we don't

Workr is designed to collect as little as possible. Its core — task management and iCloud sync — is zero-collection. Two optional features involve third parties (subscriptions via RevenueCat; cloud AI via OpenAI) and are called out below and in §7. The table is authoritative.

CategoryCollected by Workr?Notes
Contact info (name, email, phone)NoNo account, no sign-up flow.
Identifiers (Apple ID, Google account, device ID, IDFA, AAID)NoWe do not request the IDFA / advertising identifier and do not link to any identifier.
User content (tasks, projects, notes)Stored on device onlyOptionally synced via your private Apple iCloud or, on Android, your private Google Drive App Folder (when that platform support ships). Never transmitted to us.
Usage data, analytics, telemetryNoNo SDKs for analytics or product instrumentation.
Crash logs / diagnosticsOnly if you opt in via OSIf you have enabled "Share with App Developers" in iOS/macOS Settings, Apple may share anonymous crash reports with us via App Store Connect. Disable any time in System Settings → Privacy & Security → Analytics & Improvements.
Location dataNoNo location permission is requested.
Contacts / Photos / Microphone / Camera / HealthKit / BluetoothNoNone of these permissions are requested or used.
Cookies, advertising IDs, tracking pixelsNoThe app contains no advertising and no analytics/tracking SDKs. It does embed the RevenueCat (subscriptions) and AIProxy (cloud-AI gateway) SDKs — see §7. Neither is used to track you across apps or websites.
Payment informationNo (handled by Apple)If you purchase a Workr Premium subscription, payment is processed entirely by Apple. We never see your card details. Subscription entitlement (active / not active) is managed by RevenueCat using your App Store receipt and an anonymous app-user ID — see §7.
Purchase / subscription dataYes — via RevenueCat (only if you use Premium)If you start, restore, or hold a Workr Premium subscription, RevenueCat processes your App Store transaction/receipt and an anonymous app-user ID to determine whether your subscription is active. No name, email, or card details. Used solely for app functionality (unlocking cloud AI), not for tracking. See §7.
Cloud-AI contentOnly when you explicitly trigger itWhen you tap a cloud-AI action (e.g. "improve title") as a Premium subscriber, the specific text you chose (a task title or selected list) is sent to OpenAI via the AIProxy gateway to generate the suggestion, then returned. We never send your full task database — only the item(s) you act on. On-device Apple Intelligence does not leave your device. See §7.
"Connect your Claude" task mirrorShared with third parties only if you enable itOff by default. If you turn on "Connect your Claude," a private copy of your task data (titles, notes, projects, priority, completion state — not photos) is stored in Google Firebase so your own Anthropic Claude can read and edit your tasks, with sign-in handled by WorkOS. Opt-in via an explicit consent screen and reversible at any time (Disconnect or Delete deletes the cloud copy). See §7.

4. Data stored on your device

Workr stores the following on your device only:

This data is held in a SwiftData / SQLite-compatible local store inside the app's sandbox. You can erase all of it instantly by deleting the app.

5. Cloud sync (Apple iCloud / Google Drive)

5.1 Apple iCloud (iOS, iPadOS, macOS)

When you are signed into iCloud on your Apple device, Workr uses Apple's CloudKit framework to sync your tasks and projects across your Apple devices. The data is stored in your private CloudKit database inside your personal iCloud account. The CloudKit container identifier is iCloud.com.asimcanyagiz.Workr.

5.2 Google Drive App Folder (Android — future)

If and when an Android version of Workr is distributed via Google Play, the same zero-collection principle will apply. The likely sync mechanism on Android is the Google Drive App Folder (a hidden per-app folder inside the user's own Drive that the app itself can read and write but other apps cannot). This means:

Until the Android version ships publicly, Sections 5.2 and other Android-specific references describe future intent and impose no obligations on you.

6. Device permissions we request

The current iOS / iPadOS / macOS version of Workr requests no runtime permission prompts. The app declares the following capability only:

If future versions add optional features that require permissions (for example, local notifications for due dates, or Calendar access for due-date import), the corresponding system prompt will appear at the moment you use that feature, and you may decline without losing core functionality. We will update this Policy and the platform store listings before such a feature ships.

7. Third-party services

Workr contains no advertising, analytics, A/B-testing, social-login, or crash-reporting SDKs that we operate. Its everyday use integrates two third-party services (RevenueCat, OpenAI via AIProxy). One further optional, off-by-default feature — "Connect your Claude" — shares task data with additional third parties (Anthropic, Google Firebase, WorkOS) only if you enable it. Each is for a single, user-facing purpose:

On-device Apple Intelligence features (on supported devices) run entirely on your device and send nothing to us or any third party. The remaining external services are the platform services provided by Apple (and, on Android when applicable, Google) plus your operating system itself.

For website visits, see §8.

8. This website (workr-pages)

The pages at the GitHub Pages site associated with the workr-pages repository are static HTML. We do not set any first-party cookies, run any analytics, or load any third-party scripts.

However, when you visit the site, GitHub Inc. (as the hosting provider) automatically processes standard server log information (IP address, user-agent, requested URL, timestamp) for security, abuse prevention, and operational purposes. GitHub's practices are governed by the GitHub General Privacy Statement and the GitHub Privacy Statement. We do not receive these logs.

9. Children's privacy (COPPA / GDPR Art. 8)

Workr is rated 4+ on the App Store and is suitable for all ages, including children. Because Workr collects no personal data from any user, no special children's data is collected either. We do not knowingly collect personal data from children under the age of 13 (United States) / 16 (European Economic Area, depending on the Member State) / the equivalent local age threshold. If you are a parent or guardian and believe your child has somehow provided us with personal data (for example by emailing us), please contact meycasim@icloud.com and we will delete it immediately.

10. International data transfers

Because we collect no personal data ourselves, no international transfer is performed by us. The cloud sync providers (Apple, optionally Google) may transfer your own data internationally in line with their own policies. Apple relies on the EU Standard Contractual Clauses for EU-to-US transfers; Google relies on the EU-US Data Privacy Framework and SCCs. We are not a party to those transfers.

11. Security

No system is perfectly secure. By using Workr, you acknowledge that no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

12. Data retention

13. Your rights

You have the following rights with respect to any personal data you provide to us by emailing us, or that may exist about you in our records (which is typically nothing more than the email thread itself):

To exercise any right, email meycasim@icloud.com from the address you originally used. We respond within 30 days, extendable by a further 60 days for complex requests as permitted by GDPR Art. 12(3).

14. European Economic Area & United Kingdom (GDPR / UK GDPR)

If you are in the EEA, the United Kingdom, or Switzerland, the following applies.

15. California residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (as amended by CPRA) gives you specific rights. In the 12 months preceding the effective date of this Policy:

You have the right to know, delete, correct, and limit the use of any personal information, and the right to non-discrimination for exercising these rights. Authorised agents may submit requests on your behalf with appropriate proof. Contact meycasim@icloud.com.

16. Türkiye residents (KVKK)

6698 sayılı Kişisel Verilerin Korunması Kanunu ("KVKK") kapsamında veri sorumlusu sıfatıyla yukarıda belirtilen geliştirici görev yapmaktadır. Workr uygulaması, KVKK madde 3 anlamında bir kişisel veri işleme faaliyeti yürütmemektedir; yalnızca cihazınızda yerel olarak veri saklanmakta ve seçtiğiniz takdirde Apple iCloud veya Google Drive üzerinden senkronize edilmektedir.

KVKK madde 11 uyarınca, kişisel verilerinizin işlenip işlenmediğini öğrenme, işlenmişse buna ilişkin bilgi talep etme, amacına uygun kullanılıp kullanılmadığını öğrenme, yurt içi / yurt dışı aktarımlardan haberdar olma, düzeltilmesini isteme, silinmesini / yok edilmesini isteme, aktarıldığı üçüncü kişilere bildirilmesini isteme, otomatik sistemlerle analiz edilmesine itiraz etme ve kanuna aykırı işleme nedeniyle uğradığınız zararın giderilmesini talep etme haklarına sahipsiniz. Başvurularınızı meycasim@icloud.com adresine iletebilirsiniz. KVK Kuruluna şikâyet hakkınız saklıdır.

17. Other jurisdictions (LGPD, PIPEDA, APP, PIPL, etc.)

If you reside in Brazil (LGPD), Canada (PIPEDA), Australia (Australian Privacy Principles), India (DPDP Act), Japan (APPI), South Korea (PIPA), South Africa (POPIA), or mainland China (PIPL), this Policy is intended to satisfy the substantive transparency and data-subject-rights requirements of your local regime. Where local law affords you a stronger right than this Policy describes, that local right prevails. Contact us to exercise it.

18. Apple App Store & Google Play disclosures

18.1 Apple App Store — "Privacy Nutrition Labels"

Workr's App Store privacy label reflects the limited data the optional features involve, and nothing more:

For users who do not enable "Connect your Claude," all core task data remains "Data Not Collected" — it never leaves your own iCloud. No data is used to track you across other companies' apps or websites. If any of this changes, we will update the label and this Policy before the affected build is reviewed.

18.2 Google Play — "Data Safety" section

When Workr is distributed on Google Play, the Data Safety section will declare: no data collected, no data shared with third parties, data encrypted in transit, and (subject to platform support) users can request data deletion by deleting the app or contacting us. We will update the disclosure if any of these change.

19. Do-Not-Track & Global Privacy Control

Workr does not track you across apps or websites, so DNT and GPC signals have no impact on the app. This website (§8) does not deploy tracking, so DNT / GPC signals received here also produce no behavioural change — there is no tracking to suppress.

20. Data breach notification

In the unlikely event of a personal data breach affecting any data we hold about you (typically: an unauthorised disclosure of an email thread you sent us), we will notify the relevant supervisory authority within 72 hours where required by GDPR Art. 33, and we will notify you without undue delay where required by Art. 34, by the equivalent CCPA / CPRA provisions, by KVKK madde 12/5, or by any other applicable law.

21. Changes to this Policy

We may update this Policy from time to time. The "Last updated" and "Version" fields above will always reflect the current revision. Material changes (any change that broadens our data collection, narrows your rights, or changes the legal basis for processing) will be highlighted at the top of this document for at least 30 days and noted in the next App Store / Google Play release notes. Continued use of Workr after a material change becomes effective constitutes acceptance of the revised Policy.

A change log of all previous versions is maintained in the git history of the workr-pages public repository.

22. Contact

Privacy questions, data subject requests, supervisory-authority enquiries, or general feedback: