Privacy
Plain-language detail on what each of our apps does with your data. Last updated 28 April 2026.
This page covers three apps: Stoic, BoringNews, and RemoteWeather. A shared section at the end covers things that apply to all of them.
Stoic
Account and identity
Stoic uses Sign in with Apple to gate access to the app. When you sign in, Apple gives the app an opaque user identifier and — only if you choose to share them — your name and email. All three are stored locally in the app on your device; none of them ever leave the device or reach our backend. There is no password to set or remember.
Our backend uses Apple's App Attest to confirm that requests come from a genuine copy of the app. App Attest identifies the device, not you — we never receive your Apple ID, name, or email address.
The attestation public key for your install is stored in a DynamoDB table in our AWS account
(region ap-southeast-2) along with a counter that prevents replay attacks. Each
row carries an expiry timestamp; if your device hasn't talked to our backend for
90 days, DynamoDB automatically deletes the row, so abandoned installs are
garbage-collected without you needing to do anything. Short-lived registration challenges
expire automatically too.
Data on your device
Your starred lessons, calendar entries, and reflections are held in your private iCloud database via CloudKit. Apple manages the encryption keys; we cannot read this data. Face ID, if you choose to enable it, is handled entirely by iOS — the secret never leaves your device.
AI reflections
If you ask the app for a reflection on a lesson, the system prompt, your typed message, and
any lesson text you've included are sent to Amazon Bedrock (using either Nova
Pro in ap-southeast-2 or Llama 4 Maverick in us-west-2). The
backend is stateless — neither your message nor the response is stored. Operational logs in
CloudWatch (without message bodies) are retained for 30 days.
What we don't do
No advertising, no analytics SDKs, no third-party tracking, no profile of who you are or what you've read.
Removing your data
Open Settings → Delete Account in the Stoic app to remove your local data, your encrypted lessons in iCloud, and your device-attestation record on our backend in one step. Each device is treated separately — repeat on every device you've used Stoic on. If you can't run that flow, the attestation record is automatically deleted after 90 days of inactivity. See the account deletion page for full details.
BoringNews
Account and identity
BoringNews uses Sign in with Apple. We store the opaque Apple User ID Apple gives us. If you choose to share your name and email at sign-in, those are stored in plaintext in our DynamoDB table. Session tokens expire automatically after 90 days.
What we store on the backend
On our AWS backend (region ap-southeast-2) we store, scoped to your account:
- The list of RSS feeds you've subscribed to.
- Articles fetched from those feeds, along with their classification results and your read/saved state. Articles are auto-deleted after 90 days.
- Your reading preferences (the free-text instructions you give to the classifier) and digest schedule.
- Your Apple Push Notification (APNs) device token, used to send you push notifications. Stored in plaintext until APNs reports it as no longer valid.
How AI classification works
For each article, the headline, up to about 800 characters of body text (occasionally up to
3,000 for longer pieces), the publication name, and your reading preferences are sent to
Amazon Bedrock Nova Lite (region ap-southeast-2). Bedrock returns
a "boring" headline, category tags, scores, a priority tier, a brief rationale, and a "story
slug" — a short identifier shared between feeds covering the same news event, used for
deduplication. These results are stored in DynamoDB alongside the article.
A consequence worth flagging: because the same event is given the same story slug across feeds, our backend can in principle infer when you've read multiple sources on a single story. We do not currently use this for anything beyond deduplication.
Push notifications
Push notifications are sent only for articles classified as Top Stories. The notification payload includes the boring title and a short summary, and is delivered through Apple's APNs. Apple sees the notification content, as it does for every iOS push.
Encryption
All connections between the app and our backend, between our backend and Bedrock, and to APNs use TLS 1.2 or higher. At rest, our DynamoDB tables and SQS queues use AWS-managed encryption.
Removing your data
To delete your BoringNews data — feeds, articles, preferences, device tokens, and session tokens — please use the support form with the subject "Delete my account". Mention the email address you used at sign-in. We process these manually.
What we don't do
No advertising, no third-party analytics, no resale of any data. We do not share any information with anyone outside the sub-processors listed below.
RemoteWeather
RemoteWeather is in development. This section will be filled in with full data-handling details before the app is released. If you have questions in the meantime, get in touch via the support form.
Things that apply to all our apps
Sub-processors
- Amazon Web Services — hosting, databases, and Amazon Bedrock for AI features.
- Apple — App Attest, Sign in with Apple, CloudKit, and APNs, depending on the app.
Children
Our apps are not directed at children under 13.
Your rights
You can request a copy of any data we hold about you, ask for it to be corrected, or ask for it to be deleted. Send any such request through the support form.
Changes to this policy
If we change this policy in a way that affects what we collect or how we use it, we'll update the date at the top of the page and, where appropriate, prompt you in the app. Earlier versions are available on request.
Contact
Use the support form for any privacy enquiry. Messages reach a real person.