Privacy and security

Local-first is a product boundary, not a slogan.

EEG TraceLab is built around local storage, anonymised metadata, no advertising tracking, and explicit control over what users import, export, share, or delete.

This page explains the product privacy model in plain language. It complements, but does not replace, the formal Privacy Policy and Terms.

Read Privacy Policy Read Terms

LocalAnonymiseSupportManifest

Tracking falsePrivacyInfo.xcprivacy

Feedback onlyCollected data declaration

LocalRaw EDF files by default

Local-first storage

Imported recordings and derived work stay on device by default.

By default, EEG TraceLab does not upload raw EDF files, analysis results, workspace data, or exports to developer servers.

Local-first processing and storage

No raw EDF cloud upload by default

No advertising tracking

No third-party advertising SDKs

No sale of personal data

User controls imported, exported, shared, and deleted files

Anonymisation

The local library is built around safer recording metadata.

Identifying EDF header fields are rewritten before the recording is saved into the app library, and app metadata stores anonymised IDs and safe user-facing labels.

Automatic EDF header anonymisation on import

Exact original EDF start date/time is not retained in app metadata

Original file names are stored only as a SHA-256 hash where applicable

User-entered recording names and notes are sanitized to reduce PHI-like content

Raw EDF samples and raw EDF headers are not mutated by preprocessing

Payments and support

External data flows are narrow and intentional.

Apple handles payments and subscriptions. If users contact support or use the in-app Send Feedback form, the user-provided message, contact email, iOS version, and device model are used for customer support, debugging, and product feedback.

Apple StoreKit and the App Store handle subscription payment processing

EEG TraceLab does not receive full payment card numbers or payment credentials

In-app feedback sends only contact email, feedback message, manually entered iOS version, and manually entered device model

The app does not automatically attach app version/build, bundle identifier, timestamp, workspace data, recording metadata, analysis results, exports, raw EDF files, or local attachments to feedback submissions

Do not include names, patient IDs, raw EDF content, medical records, or personal health information unless intentionally choosing to do so

Privacy manifest

Current iOS privacy manifest summary.

The current PrivacyInfo.xcprivacy declares tracking false, tracking domains empty, collected data for optional in-app feedback, and required-reason API access for UserDefaults and file timestamps.

NSPrivacyTracking: false

NSPrivacyCollectedDataTypes: Email Address, Customer Support, and Other Diagnostic Data for optional user-submitted feedback

NSPrivacyTrackingDomains: empty

UserDefaults reason: CA92.1