The summary above captures the intent. The sections below are the full detail.
Needle Minder ("the app") is built and operated by McPeak Enterprises LLC ("we," "us," "our"), an independent software studio based in the United States. This Privacy Policy explains what happens to your information when you use the app and this website.
For the limited processing described in this policy (for example, support email), McPeak Enterprises LLC is the data controller. We have not appointed a Data Protection Officer, as we are not required to under Article 37 GDPR; you can reach us on any privacy matter at support@needleminder.app.
As of the date above, we do not collect personal information from you through the app itself. Needle Minder works entirely on your device. You don't create an account, and the app has no server that receives your stash, your projects, or your activity.
That means we have no access to, and keep no copy of, the data you enter into the app.
The narrow exceptions. We do process a small amount of personal data in two situations that sit outside the app's core functions:
The app stores the following on your phone or tablet, in a local database protected by your device's built-in security:
This information stays on your device unless you choose to export a backup (see Backups). Deleting the app removes this local data from the device.
If you add a photo to a project, the app asks permission to use your camera. The photo is stored on your device with that project. There is no text recognition or label reading — the app does not read, analyze, or upload your photos, and images are not sent to us or to any third party.
In normal use, the app does not need an internet connection and does not send your data anywhere. The network is only involved when you take an action that uses it — for example, exporting or sharing a backup file to a location you pick. The app itself does not phone home in the background. One exception: if you have purchased Full Access, the RevenueCat SDK may contact its servers to verify your entitlement when the app launches. If your device is offline, the app falls back to a locally stored value and continues to work normally — see §07.
This privacy policy covers both the app and the Needle Minder website. The website is informational and does not require an account. We aim to keep it as privacy-respecting as the app:
Needle Minder lets you export your data to a single backup file (.json) that you control. When you save or send that file — to iCloud, Google Drive, AirDrop, Quick Share, email, or any folder — it leaves your device at your direction. From that point, the file is handled by whichever service or person you sent it to, under their terms and privacy practices, not ours.
We recommend keeping backups somewhere you trust, since the file contains your full stash and project data.
Where GDPR or UK GDPR applies, we must tell you the lawful basis for any processing we do. Because the app keeps your data on your device, the bases below cover only the narrow processing in §02:
We do not carry out profiling or automated decision-making that produces legal or similarly significant effects.
McPeak Enterprises LLC operates in the United States. If you contact us, or (in future) make an in-app purchase, the limited personal data involved may be processed in the US, which is outside the EEA and UK. Where the law requires it, we rely on appropriate safeguards — such as the UK/EU Standard Contractual Clauses or an equivalent transfer mechanism offered by the providers involved — to protect that data.
The app stores (Apple, Google) and any purchase-infrastructure provider make their own international transfers under their own policies and safeguards.
Needle Minder contains no advertising, no cross-app or cross-site tracking, and no analytics SDKs that profile how you use the app. We do not sell, rent, or share your data with data brokers.
In-app purchases. When you buy Full Access, the transaction is handled by RevenueCat on our behalf. RevenueCat's SDK contacts its servers to validate your purchase and manage your entitlement. In doing so it receives your app-store receipt, a device identifier, and your IP address. RevenueCat acts as our processor; it does not use this data for advertising or sell it. Its own privacy policy governs how it handles that data.
You download the app through the Apple App Store or Google Play. Those platforms have their own privacy policies and may collect information related to your download, device, or in-store activity (for example, crash diagnostics or purchase records). That collection is governed by Apple's and Google's policies, not this one.
Needle Minder is a general-audience hobby tool and is not directed to children. Because the app does not collect personal information, we do not knowingly collect data from children.
For users in the EEA/UK: where the processing in §02 relies on consent, the minimum age of consent for online services under Article 8 GDPR is 16, though some EU member states set it lower (no younger than 13). We do not knowingly process the personal data of children below the applicable age, and the app requires no such data to function.
Needle Minder may add optional features over time, which could include things like cloud backup, syncing across devices, or premium capabilities. If we introduce a feature that transmits your data off your device, we will:
Privacy is the part of Needle Minder that doesn't change. New features won't quietly start collecting data without this policy being updated first.
Because your data lives on your device, you are in control of it. You can edit or delete any entry in the app at any time, export a backup whenever you want, and remove all local data by deleting the app. You can also revoke the camera permission in your device settings; adding photos to a project simply won't be available until you grant it again.
In practice, the in-app export feature already lets you obtain a complete, portable copy of your data, and deleting entries or the app erases it — so the controls in §11A are largely things you can already do for yourself.
If you are in the EEA or UK, you have the following rights over personal data we process about you (which, as explained above, is limited):
.json export already provides this.)To exercise any of these for data we hold (e.g. support correspondence), email support@needleminder.app. For data stored on your device, you can exercise these rights yourself directly in the app at any time.
Right to complain. You also have the right to lodge a complaint with your local data protection supervisory authority. In the UK, that is the Information Commissioner's Office (ICO) at ico.org.uk. In the EEA, you can contact the authority in your country of residence. We'd appreciate the chance to address your concern first, but this right is yours regardless.
We are established in the United States and not in the EEA or UK. We believe we are exempt from appointing an Article 27 representative, because any processing of EEA/UK personal data we carry out is occasional, low-risk, and does not involve large-scale or special-category data. If this changes — for example, through a future feature — we will appoint a representative and update this policy with their details.
We may update this Privacy Policy as the app evolves. When we do, we'll change the "Last updated" date at the top of this page, and for material changes we'll provide a more prominent notice. Continued use of the app after an update means you accept the revised policy.
Questions about this policy or your privacy? Email support@needleminder.app and a real person will get back to you.
McPeak Enterprises LLC · Needle Minder