Privacy Policy
Stash is built on a single rule: your screenshots are yours, and they don't leave your phone. This policy explains, in plain English, what that means in practice.
On this page
1. The short version
Stash auto-organizes the screenshots already in your Photos library using on-device machine learning. Everything runs locally on your iPhone. We do not run servers that process your screenshot content, we do not have user accounts, and we do not track what you read, search, or save.
The personal data Stash interacts with is whatever lives in your Photos library — which stays on your device — plus a small amount of pseudonymous diagnostic and usage data collected through Google's Firebase SDKs to keep the app stable and improve it. That diagnostic data never includes your screenshot content, OCR text, board names, or search queries (see §3 and §7).
2. What runs on your device
All of the following happens entirely on your iPhone, never on a server we control:
- Classification. Apple Vision and Core ML read text from each screenshot (OCR) and decide which category it belongs to (recipes, receipts, places, etc.).
- Search. Literal-text search runs against an on-device OCR index. No query is ever sent over the network.
- Personalization. When you re-categorize a screenshot, that correction is logged in local app storage and used to refine the classifier — on-device only.
- Sort decisions. Keep, delete, move-to-board — all stored in a local SwiftData database.
Stash does not require an internet connection to function. You can use the entire app in airplane mode.
3. What Stash collects (and doesn't)
3.1 Data Stash never collects
- The contents of your screenshots (pixels, OCR text, visual embeddings).
- Your search queries.
- What boards you've created or what's inside them.
- What you've kept, deleted, or moved.
- Your name, email, phone number, contacts, or any other identifier.
3.2 Data Stash may collect
To keep Stash stable and understand which features are useful, the app uses Google Firebase. The data below is pseudonymous — it is not linked to your name, email, or any identity you provide (we never ask for one), is not used to track you across other companies' apps or websites, and never includes the content of your screenshots:
- Product-interaction events (Firebase Analytics) — which screens you open and which actions you take (for example: "opened search," "completed onboarding," "started a subscription"), as non-content counts, durations, and labels. Never your screenshots, OCR text, board names, or search terms.
- Crash diagnostics (Firebase Crashlytics) — stack traces, device model, and OS version when the app crashes, so we can fix it.
- Performance data (Firebase Performance Monitoring) — anonymous timings such as app launch and screen-render duration.
- A pseudonymous app-instance identifier generated by Firebase to group the events above for one install. It is not your Apple ID, not your device's advertising identifier (IDFA), and cannot be used to contact you.
This data is processed by Google as our service provider under Firebase's privacy and security terms. Apple also provides us aggregate App Store metrics (installs, app launches, basic device metadata) that you can limit in iOS Settings → Privacy & Security → Analytics & Improvements.
4. How Stash uses your Photos library
Stash requests read-write access to your Photos library. Here's why each permission level matters:
- Read. Stash filters your library for screenshots (using Apple's
PHAssetscreenshot subtype) and reads each one to classify it. No screenshot is copied out of Photos into our app — we only store a reference (Photos' internal identifier) plus the metadata Stash generates on-device. - Write. If you ask Stash to hide a screenshot from Photos Memories or delete one, we need write access to make that change in Photos itself. We never modify a screenshot's pixels.
You can downgrade this to read-only access in iOS Settings → Privacy & Security → Photos → Stash. The hide/delete features will stop working; everything else still works.
5. Subscriptions and the App Store
Stash sells optional Pro subscriptions and a lifetime upgrade through Apple's In-App Purchase system. We never see your payment information — Apple handles billing.
Apple shares with us anonymous transaction state (active subscription, expired, refunded). We use that state only to unlock Pro features inside the app. Apple's own privacy policy governs how they handle your payment data.
6. Notifications
Stash can send local notifications: a weekly wrap-up, optional sort reminders, trial-milestone reminders during a free trial, and an occasional win-back reminder if your Pro access lapses. These are scheduled locally on your device — they're not pushed from a server we control, and no notification content is ever transmitted.
All notification types are off by default (except trial milestones during an active trial), opt-in, and individually toggleable in Settings → Notifications.
7. Third-party services
Everything that touches your screenshot content runs through first-party Apple frameworks, entirely on-device. None of them send your content anywhere:
- Apple Vision (OCR + image classification)
- Core ML (on-device model inference)
- PhotoKit (Photos library access)
- StoreKit 2 (In-App Purchases)
- UserNotifications (local notifications)
- SwiftData (local on-device database)
The one third-party service Stash uses is Google Firebase, strictly for the pseudonymous, content-free diagnostics and product analytics described in §3.2:
- Firebase Analytics — non-content product-interaction events
- Firebase Crashlytics — crash diagnostics
- Firebase Performance Monitoring — anonymous app-performance timings
- Firebase Remote Config — lets us adjust in-app settings (such as feature flags) without an update; it sends configuration to your device and does not collect your content
Beyond Firebase, Stash integrates no advertising SDK and no attribution SDK. There are no tracking pixels, no fingerprinting, no cross-app or cross-site tracking, and no use of the identifier for advertisers (IDFA). We do not sell your data, and we do not use it for advertising.
8. Children's privacy
Stash is not directed at children under 13 and we do not knowingly collect data from children under 13. Because Stash does not collect personal information at all, there is nothing about a child user that Stash would receive or store on a server.
9. Changes to this policy
If we materially change how Stash handles data, we'll update this page and bump the "Last updated" date at the top. Significant changes will also be surfaced in the app on next launch. We won't quietly start collecting data we previously said we wouldn't.
10. Contact
Stash is published by Define Solutions, based in Lviv 79000, Ukraine — the data controller for the data described in this policy.
Questions about privacy, or want to exercise a data right? Email contact@definesolutions.co. Real human, replies in 1–2 business days. You can also delete all Stash data from your device at any time (see below), which removes everything stored on-device instantly.
You can also delete all Stash data from your device at any time via Settings → Delete all Stash data inside the app. That wipes the local database, classification history, and any cached state — instantly, on-device.