DECAY PRIVACY POLICY
Effective date: 27 May 2026
DECAY is a subscription tracker for iPhone and iPad, operated by Aneesh Pradeep. We built DECAY around a simple principle: your subscription data is yours, and we should not need to see any of it. This policy explains exactly what data DECAY handles, where it lives, and what choices you have.
1. WHAT WE COLLECT
DECAY does not collect, transmit, sell or share personal data with us.
We do not run any analytics SDKs, advertising SDKs or third party trackers inside the app. Apple's App Privacy nutrition label for DECAY is Data Not Collected.
The information you enter inside the app, such as subscription names, amounts, billing cycles, notes, and usage logs, lives in two places only:
- On your device, inside the DECAY app's private container.
- Optionally in your own private iCloud database, if you are signed into iCloud and have iCloud Drive enabled. We never access this container ourselves. It is end to end protected by Apple between your devices.
2. AI FEATURES AND ANTHROPIC
Several DECAY features are powered by Anthropic's Claude model. These features include receipt parsing, cancellation email drafting, alternative finder, bundle overlap analysis, the Worth It decision helper, and plain language explanations of cost per use.
When you trigger any of these features, the text you provide and the relevant context from your subscriptions are sent to Anthropic's API for processing. Anthropic processes the request and returns a response. The data is handled per Anthropic's privacy policy, available at anthropic.com.
We do not log or store these requests on any DECAY server. There is no DECAY server.
Power users may add their own Anthropic API key in the app's AI Settings. If you do, that key is stored in your device's iOS Keychain and is never transmitted to us.
3. IN APP PURCHASES
DECAY uses Apple's StoreKit to process the one time Pro unlock. Apple handles the entire payment flow, receipt validation and entitlement state. We do not see your payment method, billing address or Apple ID. Apple's privacy policy applies to that transaction.
4. NOTIFICATIONS
DECAY sends only local notifications, scheduled on your device. We do not run a push notification server. Silent CloudKit pushes used for iCloud sync are arranged between Apple and your device and contain no DECAY content.
5. DATA RETENTION
Because we do not collect data, there is nothing for us to retain. Your subscription data stays on your device and in your iCloud container until you decide to delete it. Deleting the app removes all locally stored DECAY data. Removing the DECAY data from iCloud, from your iCloud Storage settings, removes the synced copy from Apple's servers.
6. YOUR RIGHTS
Under GDPR, UK GDPR, CCPA and similar laws, you have rights to access, correct, delete, and port the personal data a company holds about you. DECAY does not hold any personal data about you on our side. You can exercise those rights directly within the app: every record can be edited or deleted from the relevant screen, and the entire data set can be exported through Settings, Export Data, as CSV or JSON.
If you want to confirm that we do not hold data about you, email pradeep.aneesh@gmail.com and we will respond within 14 days.
7. CHILDREN
DECAY is rated 4+ but is not directed at children under 13. It contains no advertising or social features. We do not knowingly collect data from children. If you believe a child has shared information with us by mistake, contact us and we will help.
8. INTERNATIONAL DATA TRANSFERS
When you use AI features, the request you make is transmitted to Anthropic's processing infrastructure, which may be located outside your country. Anthropic provides appropriate safeguards including Standard Contractual Clauses where required.
9. SECURITY
DECAY relies on Apple's platform security: app sandboxing, file protection, the Keychain for any sensitive credentials, and CloudKit's end to end protected private database. We do not store credentials, payment data or other sensitive identifiers on our side because we do not run a server.
10. CHANGES TO THIS POLICY
If we ever change this policy we will update the Effective date above and publish the new version at this URL. For substantive changes that affect what data is processed, the in app About section will direct you here for review.
11. CONTACT
Questions, requests or complaints about privacy: pradeep.aneesh@gmail.com
Subject line tip: write "Privacy" so we route it quickly.