Pensieve - Privacy Policy

Statement of Data Stewardship

When you use Pensieve and entrust Pensieve with your data, we have a responsibility to treat you and your data with dignity and respect, and we take that responsibility seriously.

This statement describes how Pensieve fulfills the responsibility to be a good steward of data, specifically regarding the collection, use, storage, and protection of content you provide and data we collect.

Network Traffic

Pensieve is an iOS app, share extension, and service platform. The service platform consists of Pensieve services, data stores, and connections to third-party services. All communications between the Pensieve app and service platform, and between the Pensieve share extension and service platform, are performed using encrypted connections. All communications between Pensieve services, data stores, and third-party services are performed using encrypted connections.

Email Addresses

Because Pensieve is an app that you use to email yourself, Pensieve asks for your email address. After verifying that you’re the owner of the email address, Pensieve will send emails to that email address on your behalf when you use Pensieve.

In order to verify that you are the owner of the email address, Pensieve sends a verification code to the email address, which you must enter in the app. While awaiting verification, your email address is held in temporary storage on the Pensieve platform as a hashed value and is deleted if verification isn’t completed within a time limit.

After receiving the verification code, an account is created for you on the Pensieve platform. Your account does not contain your email address in human-readable plaintext form. Instead, your account contains a one-way hash of your email address. This one-way hash is used by Pensieve to verify that you’re the owner of the email address associated with the account. However, the hash itself does not allow anyone, including Pensieve developers, to know your email address or send email to it. This storage technique helps to protect your email address from being compromised should a data breach ever occur.

Adding destinations to your account, i.e. additional email addresses, follows the same process previously described for creating an account. New destinations awaiting verification are held in temporary storage, deleted if not verified quickly enough, and, once verified, are added to your account as one-way hashes. These hashes allow Pensieve to verify that you, and only you, are using Pensieve to send mail to your email addresses, but do not allow Pensieve developers, or anyone else, to see your email addresses.

When you remove a destination email address in the Pensieve app, the corresponding one-way hash of the email address in your account is deleted from storage on the Pensieve platform.

The only location where your email addresses are stored by Pensieve in plaintext form is on your iOS device.

Your email addresses are not given to any third-parties, except Pensieve’s email service provider, for the purpose of delivering email to you on your behalf when you use Pensieve.

Your email addresses are not used for advertising.

Email Content

Pensieve collects content that you provide in order to email that content to you. Email content includes data you explicitly provide through the Pensieve app and Pensieve share extension, such as text, audio recordings, photos, and images. Email content also includes data that you instruct Pensieve to collect and include in emails on your behalf, such as location GPS coordinates via the “Use Maps” feature.

The email content you provide to Pensieve is only used to send emails to you, on your behalf, when you use Pensieve. The content of your emails are not given to any third-parties, except Pensieve’s email service provider, for the purpose of delivering email to you on your behalf when you use Pensieve. The contents of your email messages are not logged, stored, tracked, aggregated, distributed, or sold. After you use Pensieve to send an email, the content of that email is deleted from the Pensieve service platform.

The contents of your emails are not used for advertising.

App Usage Data

Pensieve collects usage data, such as UI load times, UI screens viewed, actions performed, buttons tapped, etc.

This usage data is used by Pensieve developers to improve the app, e.g. by detecting bugs and fixing them, or by determining which app features are highly used and focusing our development efforts on those areas.

App usage data is not used for advertising.