MorningKeep

Privacy

MorningKeep Privacy Policy

MorningKeep is a daily ritual for your own thinking: capture Sparks, reflect with Cue, and begin each morning with a clear brief. Privacy is foundational to that experience. Your Sparks belong to you.

Last updated: May 25, 2026

1. Introduction

This policy explains what data MorningKeep handles, how it is used, and what controls you have. We designed MorningKeep around local-first and CloudKit-first storage so your information stays in your Apple ecosystem.

2. What We Collect

  • Sparks and content: Stored on-device and in your iCloud via CloudKit. Your Sparks stay in the local/iCloud path unless you explicitly enable AI features.
  • Health data: With your permission, MorningKeep reads activity and sleep data from HealthKit to identify your best thinking patterns (e.g., time of day, activity level). Health data is processed on-device only and never sent to external services.
  • Voice and microphone: With your permission, MorningKeep can capture voice Sparks using your device microphone. Voice recordings are stored locally. Transcripts and Spark text can be processed through Cue after AI consent is enabled. We do not store raw voice input on MorningKeep servers.
  • Email address: Optionally provided during onboarding, purchase, or support. Used for account support, lifecycle messages, and product updates when you opt in. You may skip this entirely.
  • Contacts: Optional and local-only. If you enable Contact Recognition, MorningKeep reads Contacts on device to match names you mention. Contact names, phone numbers, and emails are not sent to Cue providers.
  • Usage analytics: Anonymized product telemetry through TelemetryDeck. No personal identifiers are included.
  • Account information: Apple Sign In only. We receive a stable Apple identifier, not your email unless you explicitly share it.

3. How We Use Your Data

We use your data to generate your Morning Briefs, power Cue AI conversations, detect patterns in your thinking, and identify your optimal creative conditions. The product is designed to operate local-first with CloudKit synchronization, rather than central server-side profiles.

Apple Calendar and Reminder items are created only when you grant the relevant permission and enable the matching setting. Apple Notes export is manual through the system share sheet. Journal Suggestions receive content-free capture context, not raw Spark text.

4. How We Use AI

MorningKeep uses AI services to process your Sparks and generate insights, briefs, and Cue responses. We use the following providers:

  • Google Gemini API (primary): Processes Spark content for insights, Morning Briefs, and conversational interactions with Cue. Provider data use follows the Gemini API terms and the account configuration used by MorningKeep.
  • OpenAI API (fallback): Used only when Gemini is unavailable. Same data handling principles apply. Provider data use follows OpenAI's API terms and MorningKeep's account configuration.
  • ElevenLabs (voice narration): Dawn tier only. Text is sent to ElevenLabs to generate Cue's voice narration for Morning Briefs. No Spark content is shared — only the generated brief summary text.

AI requests are routed through MorningKeep's proxy infrastructure with TLS and App Attest or request authentication where supported. MorningKeep does not operate a central Spark-content database. Offline caching of AI results is stored locally on your device.

5. What We Don't Do

  • We do not sell your data.
  • We do not sell your Sparks or share them for advertising.
  • We do not operate a centralized database of your Sparks.
  • We do not use your data for advertising.
  • We do not use your Sparks to train MorningKeep-owned models.
  • We do not store your Health data outside your device.

6. Data Storage & Security

Primary storage lives on your device and in your iCloud through CloudKit. MorningKeep does not operate centralized databases of your Sparks.

CloudKit uses Apple-managed encryption and private-database access control. MorningKeep v4.0 does not claim full application-layer end-to-end encryption for synced CloudKit content.

Security measures include: biometric authentication (Face ID / Touch ID) with immediate lock on background, Keychain storage for sensitive data, TLS for network traffic, and Apple App Attest or request authentication where supported for API request verification.

7. Data Deletion

You can delete your account and associated data from Settings > Privacy > Delete My Data. MorningKeep deletes local data immediately and requests removal of synced CloudKit records. CloudKit deletion syncs asynchronously through Apple infrastructure, so exact server-side timing can vary. Locally cached AI responses are deleted with local app data.

8. Contact

For privacy questions, email [email protected].