Privacy Protocol

1. Local-Only Storage

Every input, strike, urge log, and personal reflection written inside the Operator's Log is stored entirely on your local device sandbox. We utilize client-side persistent key-stores (Zustand AsyncStorage) and a local sandboxed SQLite database file (`harness.db`).

We have no servers. No external sync engines. No remote databases. If you delete the app or wipe your device storage, your data is permanently gone. We cannot recover it because we never had it.

2. Zero Telemetry & Telematics

Forge operates in complete isolation. The application does not contain remote analytics SDKs, crash trackers, or behavior tracking scripts (such as Google Analytics, Firebase, or Mixpanel). Your usage frequency, triggering patterns, and success thresholds remain private.

3. Device Sensors

During active Crucible protocols (such as push-ups or pacing drills), the app reads device motion indicators (the accelerometer sensor) locally to calculate and verify counts. This hardware telemetry is processed inside RAM in real time and is never written to disk or transmitted over network sockets.

4. Biometric Security

If enabled, the biometric authentication toggle (FaceID / TouchID) relies natively on your operating system’s secure enclave protocols. Forge receives only a binary success or failure confirmation from the system controller — we never access, view, or process your biometric markers.

5. Transactions & Subscriptions

Subscription payments are processed securely through the Apple App Store and Google Play billing APIs. We use RevenueCat for client-side receipt validations. All purchases are linked to anonymous transactional IDs generated by the app stores.