Privacy Policy
Last updated: March 2026
What we collect
The backend stores the minimum data required to route push notifications to your device:
- Your device's APNs push token — provided by Apple, used to deliver notifications.
- A SHA-256 digest of your device webhook secret and user webhook secret. These are one-way hashes; the raw secrets are never transmitted to or stored by the server.
- An optional human-readable device label (e.g. "iPhone 15 Pro") that you choose.
That is the complete list. No email address, no name, no account, no analytics.
What we do not collect
- Notification contents — for instant delivery, the message, title, and any other payload fields pass through the server in-flight and are never logged or persisted. For scheduled notifications, the payload is stored in Cloudflare KV until the scheduled time, then deleted immediately upon delivery.
- Action responses — when you use the
callback_urlfield (interactive action buttons), thecallback_urlis forwarded to your device inside the APNs payload and is never stored by this service. If you tap an action button, the app sends your response directly from your device to the URL you were sent — the Notifikations server is not involved. Only the sender of the notification and the operator of that URL will receive your response. - Your raw webhook secret — generated on-device, stored in your private iCloud. The server only ever sees its SHA-256 hash.
- IP addresses or request metadata — requests are processed by Cloudflare Workers; no access logs are written by the application.
- Notification history — history is stored on your device only (via SwiftData). Deleting the app removes it.
Where data is stored
Device records (APNs token + digests + label) are stored in Cloudflare KV, a globally-distributed key-value store operated by Cloudflare, Inc. Data is replicated across Cloudflare's edge network.
Your raw webhook secrets are synced across your own devices using iCloud CloudKit (Apple's private database). This data lives in your personal iCloud account and is inaccessible to us.
How data is used
The stored data has exactly one purpose: when a webhook request arrives at /api/v1/:secret, the server hashes the secret, looks up the corresponding APNs token, and forwards the notification to Apple's Push Notification service (APNs). Nothing else.
Third parties
- Apple (APNs) — notifications are delivered via Apple's infrastructure. Apple's privacy policy governs their handling of push tokens.
- Cloudflare — the worker and KV storage run on Cloudflare's platform. Cloudflare may log metadata at the network layer per their own privacy policy.
When the callback_url feature is used, the app contacts whatever server the notification sender specified. That server is outside Notifikations' control; its own privacy policy governs what it does with the data it receives.
There are no advertising networks, analytics SDKs, or data brokers involved.
Data deletion
You can remove your device's stored record at any time from within the app (Settings → Unregister device). This deletes the APNs token and both digests from Cloudflare KV. The device will stop receiving notifications immediately.
Deleting the iOS app removes all local notification history and your webhook secrets from iCloud.
Security
Webhook secrets are generated using a cryptographically secure random number generator (SecRandomCopyBytes) and are 32 characters long. Only their SHA-256 hash reaches the server, so a database breach would not expose your webhook URL.
All traffic between the app, the server, and APNs uses TLS.
Children
This service is not directed at children under 13. We do not knowingly collect data from minors.
Changes
If this policy changes materially, the updated date at the top will reflect that. Continued use of the service after changes constitutes acceptance.
Contact
Questions? Reach out at hello@notifikations.com.