Privacy

Privacy Policy

Last updated: June 10, 2026

StaffReader is built to need as little of your data as possible. There are no accounts. The app never asks for your name, email, or location. You can practice without an internet connection; the only things that ever leave your device are pseudonymous, aggregated diagnostics that help us fix crashes and understand which features get used. We do not sell or share your data, and we do not track you across other apps or websites.

Who we are

StaffReader ("we", "us") is an iOS app made by Alex Kazarez, an independent developer. For the purposes of data-protection law, we are the data controller for the limited information described below. You can reach us any time at [email protected].

The short version

  • No sign-up, no account, no password — nothing that identifies you personally.
  • Your learning progress and settings stay on your device. They are not uploaded anywhere.
  • The microphone is used only to hear the note you sing or play, live, on your device. Audio is never recorded, saved, or sent anywhere.
  • We collect pseudonymous, aggregated analytics and crash reports through two service providers (PostHog and Sentry) so we can improve the app.
  • Purchases are handled entirely by Apple. We never see your payment details.
  • No advertising, no ad SDKs, no cross-app tracking, no data sold.

What we collect, and what we don't

Stays on your device (never collected by us)

  • Your progress — current stage, notes practiced, accuracy and speed per note, streaks, and practice history.
  • Your settings — clef choice, input mode, sound and notification preferences, note-naming style.
  • Your purchase/unlock state.

All of this is stored locally on your device only. There is no cloud account and no iCloud sync of this data.

Collected pseudonymously (leaves the device)

To keep StaffReader stable and to understand which features help people learn, we collect a small amount of pseudonymous, aggregated data through the two processors below. None of it includes your name, email, contacts, or precise location, and none of it is tied to a personal identity. A random, app-generated identifier is used so events from one install can be counted together — it is not linked to your name, email, or any contact detail; it is a random identifier that persists for the lifetime of the app install.

Product analytics — PostHog

In-app events such as an onboarding step viewed, a stage advanced, the paywall shown, or a purchase completed (a yes/no purchase signal — no amount, no payment details) — plus standard usage signals the analytics tool records automatically, like app installs, opens and updates and which screens you move between. These tell us which parts of the app are used and where people get stuck. No free-text and no personal data are sent. Hosted in the United States. See PostHog's privacy policy.

Crash & performance diagnostics — Sentry

If the app crashes or runs poorly, Sentry sends us a crash report and basic performance diagnostics (such as device model, OS version, app version, memory and frame-rate data via Apple's MetricKit). This helps us find and fix bugs. Crash reports carry the same random per-install identifier as our analytics so we can match a crash to the usage pattern that led to it — this links two pseudonymous records, never a person. IP addresses are not stored. Session diagnostics that capture screen activity are currently turned off; if we ever enable them to reproduce a hard-to-find bug, all on-screen text and images are masked, and we will update this policy before that feature is ever switched on. Hosted in the United States. See Sentry's privacy policy.

Purchases — Apple

The one-time "Pro" unlock is processed by Apple through the App Store using StoreKit. Apple handles the entire transaction; the app only receives a yes/no confirmation that the purchase is valid. We never see or store your payment information. Apple's handling of your purchase is governed by Apple's Privacy Policy.

What we never collect

  • Your name, email address, phone number, or contacts.
  • Your precise or approximate location.
  • Any recording of your microphone audio.
  • Any advertising identifier. There are no ads and no ad SDKs in the app.

The microphone

StaffReader's "Sing & Play" mode listens through your microphone so you can answer by singing a note or playing it on your instrument. The audio is analyzed live on your device to detect the pitch, and then discarded. It is never recorded, never stored, and never leaves your device. iOS will ask for your permission before the microphone is used, and you can turn that permission off at any time in the Settings app.

Why we're allowed to collect this (legal basis)

For users in the European Economic Area and the UK, our legal basis for the pseudonymous analytics and diagnostics above is our legitimate interest in keeping the app stable and improving it. Because this data is pseudonymous and minimal, it has little to no impact on your privacy.

How long we keep it

  • Analytics events (PostHog): retained by our analytics provider for as long as we operate the app; we use no more than the last 12 months for analysis, and you can request deletion at any time (see Your rights).
  • Crash & diagnostic data (Sentry): retained for up to 90 days.
  • On-device data: kept until you delete the app; removing the app removes it.

Sharing

We do not sell your personal information and we do not share it for cross-context behavioral advertising. The only parties that process data on our behalf are the service providers named above (PostHog, Sentry, and — for website email sign-ups only — Brevo), who act under contract and provide protections consistent with this policy and as required by Apple's App Store Review Guidelines. We may disclose information if required by law.

International transfers

Our analytics and diagnostics providers process data on servers in the United States. Where data of EEA or UK users is involved, these transfers rely on the providers' approved transfer mechanisms, such as the EU Standard Contractual Clauses and/or EU–U.S. Data Privacy Framework certification. Because the data is pseudonymous, the privacy impact of this processing is minimal.

Your rights

Depending on where you live, you may have rights to access, correct, or delete your personal data, to object to or restrict its processing (GDPR/UK GDPR), and to know about and delete personal information or opt out of its sale or sharing (CCPA/CPRA). Because StaffReader has no accounts and the data we collect is pseudonymous, we usually cannot link any of it to you specifically — but if you have a question or request, email [email protected] and we'll do our best to help. To stop all on-device data collection, simply delete the app.

To stop future analytics and crash reports, or to request deletion of data already sent to PostHog or Sentry, email [email protected] ("Data Deletion Request"). We will pass the deletion request to each provider; because the data carries no personal identifiers we may be unable to locate your specific records, in which case they expire under the retention periods above.

EEA and UK residents can also lodge a complaint with their data-protection authority (e.g. the UK ICO, ico.org.uk). We will not discriminate against you for exercising any privacy right.

Children

StaffReader's content is suitable for all ages. The app is not targeted at children, and we do not collect personal information from any user — so we collect none from children either. Children under 13 should use StaffReader with a parent's permission.

Our website

If you enter your email address on staffreader.app to join the TestFlight beta or get updates, we store it with Brevo (an email service provider) so we can send you what you signed up for — nothing else. Legal basis: your consent. We never share it for marketing, and you can unsubscribe via the link in any email or by writing to [email protected], and we'll delete it. See Brevo's privacy policy.

Changes to this policy

If we change how the app handles data, we'll update this page and the "Last updated" date above. Material changes will be reflected here before they take effect.

Contact

Questions about this policy or your privacy? Email [email protected].