This policy describes what ShotList does — and, more importantly, doesn't do — with information you put into it. The short version is that ShotList is built to keep your work on your device. There's no account, no server we run, and no analytics. The long version is below.
Everything you create in ShotList is stored locally on your device:
None of this is sent to us. We don't operate a server that holds your data. If you delete the app, the data is gone — there's no cloud copy to restore from.
If you use ShotList's AI features with Anthropic or OpenAI, you provide your own API key in Settings. Those keys are stored in the device keychain (Apple's secure credential storage). When you generate a shot list, ShotList sends your request directly from your device to Anthropic or OpenAI — we don't proxy or intercept anything.
What this means in practice: your scripts and notes are subject to Anthropic's or OpenAI's privacy policies during generation, not ours. We never see them.
If you use the Foundation Models provider, generation runs entirely on your device using Apple Intelligence. Nothing leaves your phone. Your scripts and notes are processed locally by Apple's on-device model.
When you ask ShotList to scout locations near you, the app uses CoreLocation to read your current coordinates. Those coordinates are sent to Apple's MapKit service to find nearby places (cafés, parks, rooftops, etc.) and may also be included in your AI generation request if you've enabled location-aware generation. We don't store, log, or transmit your location anywhere else.
You can deny location access at any time in iOS Settings. ShotList still works — you just won't get place-name suggestions tailored to your area.
ShotList asks for microphone access only when you tap the Memo button in On-Set mode. Recordings are saved as audio files on your device — they aren't transcribed, transmitted, or analysed.
ShotList asks for Photos access only when you attach a reference image or a captured frame. Selected images are stored on your device (in the app's own storage, not back to the Photo Library). They aren't transmitted anywhere.
Nothing. There are no analytics SDKs, no crash reporting services, no usage telemetry. The only thing we receive from you is what you explicitly send — emails to support, App Store reviews, or in-app purchase records that come from Apple, not from us.
ShotList offers monthly, annual, and lifetime Pro upgrades through Apple's In-App Purchase system. Apple handles billing and processes the transaction. We receive a record from Apple that confirms you're entitled to Pro — your name, email, or payment details aren't shared with us. Subscriptions can be managed or cancelled from your Apple ID account settings.
ShotList isn't designed for or directed at children under 13. We don't knowingly collect information from anyone — including children — because we don't collect information at all.
If we change this policy in a way that affects what data the app handles, we'll update the "Last updated" date above and, where the change is material, mention it in the App Store release notes for the version that introduces it.
Questions about privacy: privacy@shotlist.app.