Our Promise
DailyVox is built so your private thoughts never leave your phone. There is no server. There is no cloud. There is no account. We don't collect data because there is no infrastructure to collect it with. This is privacy by architecture, not by policy.
What data DailyVox processes
- Voice recordings — captured when you tap the record button, stored locally in your app's sandboxed storage.
- Transcriptions — generated on-device by Apple's
SFSpeechRecognizerframework. Stored in Core Data on your device. - Mood & sentiment — detected on-device by Apple's
NaturalLanguageframework. Stored alongside the entry. - Digital Twin model — a personality model built locally from your entries. Lives in Core Data, encrypted at rest.
- Photos (optional) — up to 5 per entry, stored locally if you attach them.
Where your data lives
All data lives on your iPhone or iPad, in the app's sandboxed storage protected by iOS. The app's database is encrypted at rest with iOS Data Protection. When the device is locked, the data is mathematically inaccessible without your passcode or biometric.
Optional iCloud sync
If you enable iCloud sync in Settings → iCloud Sync, your entries sync between your own Apple devices via Apple's CloudKit. Your data is encrypted with your Apple ID — DailyVox cannot read it, and neither can Apple. This is end-to-end encrypted between your devices. iCloud sync is optional and disabled by default. The app works without it.
What we do NOT do
- We do not have servers that receive your data.
- We do not have user accounts.
- We do not include analytics SDKs (no Firebase, no Mixpanel, no Amplitude, no Segment).
- We do not include crash reporting SDKs (no Crashlytics, no Sentry).
- We do not include advertising SDKs (no IDFA collection, no attribution).
- We do not sell, share, or monetise your data — there's no mechanism to do so.
- We do not send your entries to OpenAI, Google, Anthropic, or any other cloud AI vendor.
AI processing
All AI features (speech recognition, sentiment analysis, named entity recognition, personality modelling) use Apple's built-in frameworks running on your device's Neural Engine. Specifically: SFSpeechRecognizer for transcription, NaturalLanguage for sentiment + named entities, Core ML for the Digital Twin model. None of this involves a network call. You can verify this with a packet capture tool (Charles, Proxyman, or mitmproxy) or by using DailyVox in airplane mode — all features work identically.
Permissions we request
- Microphone — required to record your voice. Used only while you're actively recording.
- Speech Recognition — required for on-device transcription.
- Face ID / Touch ID — optional, used only if you enable the App Lock feature.
- Photo Library — optional, requested only when you tap "Attach Photo."
- Notifications — optional, used for the daily reminder if you enable it.
- Health (read-only) — optional, requested only if you turn on Body Twin in Settings. Reads sleep, heart rate, HRV, steps, and mindful minutes so your Twin can understand what your body felt around each entry.
- Motion & Fitness — optional, used with Body Twin to tell whether you were moving when you recorded, so body signals are interpreted in the right context.
None of these permissions cause data to leave your device.
Health data
If you enable Body Twin, DailyVox reads a small set of Health data (sleep, heart rate, heart-rate variability, steps, mindful minutes) and motion-activity context on your iPhone only. Health data is processed entirely on-device: it is never uploaded, never synced by us, never shared with anyone, never used for advertising or marketing, and never sold — the app has no server to send it to. You review each body signal before your Twin learns from it, and you can discard any of them. Revoking Health access in the system Settings stops all reading immediately; deleting the app (or using "Delete All Data" in Settings) removes everything the Twin learned. Body data is stored in local files on your iPhone only — outside iCloud sync and explicitly excluded from iCloud device backups, as Apple's HealthKit rules require.
Photo storage
Photos you attach to entries are stored in your app's sandboxed storage with the rest of your journal data. They are never uploaded to a server. If you enable iCloud sync, photo attachments sync via Apple CloudKit alongside your text entries.
Data retention
Your data stays on your device until you delete it. There is no automatic retention policy — entries from your first day are kept identically to entries from yesterday. Delete individual entries via swipe-left in the Timeline view. To remove all data, uninstall the app. For iCloud data, manage it through your device's iCloud settings.
Encrypted backups
You can export password-protected encrypted backups of all your data via Settings → Export Data → Encrypted Backup. These use AES-256-GCM encryption with a key derived from your password via PBKDF2. The backup file is yours to store wherever you choose (we recommend a physical device you control).
Open source
The entire DailyVox codebase is published on GitHub under the MIT License: github.com/intrepidkarthi/dailyvox. Privacy claims should be verifiable, not just stated — anyone can read the source and confirm there are no network calls in the AI pipeline.
App Store privacy label
Apple's App Store privacy nutrition label for DailyVox reads "Data Not Collected." This is verified by Apple as part of the App Store review process and matches the architectural reality described above.
Changes to this policy
If we ever change our privacy model (which would require adding servers), we will: announce it in advance, give users the option to opt out, and update this page with the change date. The current page is the source of truth. Last updated: 2026-07-08 (added the Health data section for Body Twin).
Contact
Questions about privacy? Email hello@getdailyvox.com — Karthikeyan reads every message personally.
Verify it yourself
Don't trust the privacy claims — verify them. Use DailyVox in airplane mode. Run a packet capture. Read the open-source code. Privacy claims should be testable.
View source on GitHub