Pulse — Privacy Policy

Legal

Privacy Policy

Pulse is a personal wellness and productivity application. Its sole purpose is to help you understand how you spend your time across your Mac and iPhone so you can build better focus habits. Pulse is built with a privacy-first, on-device architecture. The Pulse applications do not rely on developer-operated servers, do not collect telemetry, and we have no access to your app data. If you choose to connect your Google account, Pulse reads selected Gmail and Google Calendar data and stores it only on your device — see Section 4 for the full disclosure. Data collected by this website is described in Section 17.

1. Purpose and Intended Use

Pulse exists to help individuals improve their personal productivity and digital wellbeing. The application provides focus scoring, work session detection, screen time awareness, distraction tracking, and — if you connect your accounts — a daily brief that draws on your email and calendar. Pulse is designed exclusively for personal self-improvement use by the device owner. It is not a surveillance tool, employee monitoring tool, or parental control application.

2. What Data Pulse Collects on macOS

The Pulse macOS application captures the following data locally on your Mac to provide productivity insights:

Active application names, bundle identifiers, and window titles — used to identify what you are working on and classify activity into categories (deep work, communication, browsing, learning). This data is read from the macOS window server and Accessibility API and never leaves your device.
Screen content via on-device optical character recognition (OCR) — Pulse periodically captures a screenshot and extracts visible text using Apple's Vision framework, entirely on-device. OCR text is used to detect meaningful workflow changes and enrich session context. Screenshots are stored locally and automatically rotated after a configurable retention count (default: 50).
Accessibility tree text — for supported applications (web browsers, code editors, chat apps), Pulse reads visible interface text and the currently focused element via the macOS Accessibility API.
Browser URLs and tab titles — for supported browsers, Pulse captures the active tab URL and title to classify web-based activity. URLs matching configurable privacy filters (banking sites, health portals, sensitive domains) are automatically excluded from capture.
Periodic screenshots — stored as image files on your local filesystem for your personal reference only. Older screenshots are automatically deleted. Screenshots are never transmitted, uploaded, or included in any database.
System idle time — time since last keyboard or mouse input, used to distinguish active work from inactive periods. Idle time is excluded from focus score calculations.
Computed session metrics — focus scores, session durations, app usage statistics, and daily/weekly summaries are derived entirely from the data above using on-device algorithms.

3. What Data the Pulse iOS Companion Collects

The Pulse iOS companion is a personal wellness tool that uses Apple's Screen Time API (DeviceActivityFramework, FamilyControls, and ManagedSettings) to help you understand and manage your phone usage during work hours.

Opaque application tokens only — Pulse uses Apple's Screen Time API, which provides cryptographically opaque tokens to represent applications and websites. Pulse never receives, decodes, stores, or transmits the actual names, bundle identifiers, or URLs of apps or websites you use on your iPhone.
Aggregate usage duration thresholds — Pulse registers usage thresholds through Apple's DeviceActivityMonitor extension to detect when you exceed configured screen time limits.
Phone pickup events — Pulse records when and how often you pick up your phone during designated work hours.
User-selected app categories for monitoring — you choose which categories of apps to include in focus tracking. Pulse cannot monitor apps or categories you have not explicitly selected.
Session interruption events — when phone usage occurs during an active focus session on your Mac, Pulse records the interruption duration to calculate its impact on your productivity.

All Screen Time data processing happens entirely on your iPhone within Apple's sandboxed extension environment. The DeviceActivityMonitor extension runs in a restricted 6 MB sandbox that cannot make network requests, cannot access shared storage, and cannot transmit data off-device.

4. Google User Data (Gmail and Google Calendar)

Pulse can optionally connect to your Google account so that your email and calendar can inform your daily brief and working-context insights. This connection is strictly opt-in: nothing is accessed until you click “Connect Google” in Pulse’s settings and grant consent on Google’s own sign-in screen. This section describes exactly what Pulse does with Google user data.

OAuth scopes requested — Pulse requests access to Gmail (gmail.modify), Google Calendar (calendar), and your account identity (openid, userinfo.email). Authentication uses Google’s standard OAuth 2.0 flow in your own browser; Pulse never sees your Google password.
What Pulse accesses — recent email threads from your inbox (senders, subjects, snippets, and message text) and events from your primary calendar.
Actions Pulse can take, only at your direction — when you explicitly ask it to, Pulse can apply labels to messages, create email drafts, send replies, and create calendar events. Every outgoing email is shown to you for confirmation before it is sent, and events are created only in response to your explicit request. Pulse never sends email, modifies your inbox, or changes your calendar on its own initiative, and it never permanently deletes email.
How it is used — exclusively to power user-facing features you see in the app: the morning brief, the evening reflection, relevance cards that surface email or events related to what you are currently working on, unread/priority counts, and the user-directed reply, labeling, and event-creation actions described above. Promotional, social, and bulk email categories are filtered out on-device.
Where it is stored — synced Google data is stored in a local SQLite database on your Mac. OAuth tokens are stored in the macOS Keychain. We operate no servers, so no Google user data is ever stored on our infrastructure, and no human other than you can see it.
AI processing — to generate summaries and relevance cards, Pulse may transmit limited portions of your email and calendar content to Anthropic’s Claude API for processing. This happens solely to provide the user-facing features described above. Under the commercial API terms governing these requests, the content is not used to train AI models. Pulse does not use, and does not allow any third party to use, Google user data to develop, improve, or train generalized artificial-intelligence or machine-learning models.
No sharing, sale, or advertising — Google user data is never sold, never used for advertising, never used to determine creditworthiness or for lending purposes, and never transferred to third parties except to Anthropic as a data processor for the features above, when required for security investigations, or when required by law.
Retention and deletion — synced Google data follows the same local retention window as all other Pulse data (Section 11). You can delete it at any time by deleting the Pulse database on your Mac. Disconnecting your Google account in Pulse stops all further access immediately.
Revoking access — you can revoke Pulse’s access at any time from within the app or at myaccount.google.com/permissions.

Pulse’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

5. Where Your Data Is Stored

All data collected by Pulse is stored locally on your devices:

macOS data — including any synced Google data — is stored in a SQLite database on your local filesystem. No cloud backup or sync is performed.
Credentials — OAuth tokens and API keys are stored in the macOS Keychain, protected by your device’s hardware security.
iOS Screen Time data remains within the app's sandboxed container on your iPhone. Aggregate focus metrics may be synced to the macOS app over your local network.
Screenshots are stored as image files on your Mac's local filesystem and are not included in any database or sync mechanism.

Pulse does not operate cloud servers, remote databases, or any server-side infrastructure. Your data exists only on hardware you physically control.

6. What Pulse Does Not Do

No data sale or sharing — Pulse does not sell, license, rent, or share your data with any third party.
No advertising — Pulse contains no advertising SDKs, ad networks, or tracking pixels.
No analytics or telemetry — Pulse does not contain crash reporting, usage analytics, or A/B testing frameworks.
No MDM or configuration profiles — Pulse does not install or require any MDM profiles, VPN configurations, or root certificates.
No VPN or network interception — Pulse does not intercept, inspect, or log network traffic.
No keylogging — Pulse does not capture keystrokes or keyboard input.
No cross-device tracking identifiers — Pulse does not generate or transmit any identifiers for cross-app or cross-device tracking.
No cloud accounts — Pulse does not require user accounts, login credentials, or email registration.
No off-device Screen Time data transmission — Screen Time tokens never leave your iPhone.

7. User Control

macOS permissions — Accessibility and Screen Recording permissions can be revoked at any time in System Settings > Privacy & Security.
Google account — you can disconnect your Google account in Pulse’s settings or revoke access at myaccount.google.com/permissions at any time.
iOS Screen Time authorization — you can revoke Pulse's Screen Time access at any time in Settings > Screen Time.
Monitoring scope — on iOS, you explicitly choose which app categories to include in focus monitoring.
Data deletion — you can delete all Pulse data at any time. On macOS, remove the local database file. On iOS, deleting the app removes all locally stored data.
Pause or quit — you can quit Pulse at any time to stop all data capture immediately.

8. Apple Screen Time API Technical Details

The Pulse iOS companion uses Apple's official Screen Time frameworks under the individual authorization model introduced in iOS 16.

Application identifiers are cryptographically opaque tokens that Pulse cannot decode.
The DeviceActivityMonitor extension runs in an isolated 6 MB sandbox with no network access.
All Screen Time UI rendering is performed by Apple-provided SwiftUI views in a separate process.
Authorization is requested via AuthorizationCenter.requestAuthorization(for: .individual).

9. Network Activity

Pulse’s network activity is limited to the following, each of which serves a feature you explicitly enabled:

Google APIs — only if you connect your Google account (Section 4), to read Gmail and Calendar data over encrypted HTTPS.
Anthropic Claude API — to generate AI summaries, briefs, and relevance cards from your local context (and, if connected, limited Google data), over encrypted HTTPS.
Notion API (planned) — a future version may let you connect a Notion workspace to read pages you select for context; this is not in the current release.
Local device-to-device communication — between the macOS and iOS applications on your local Wi-Fi network, using encrypted transport.

There is no telemetry, analytics, or crash-reporting traffic. Pulse never transmits screenshots, OCR text, or Screen Time data to any external service except as needed to generate the AI features described above.

10. Permissions Required

Accessibility (macOS) — to read window titles and visible interface text.
Screen & System Audio Recording (macOS) — to capture periodic screenshots for on-device OCR.
Screen Time / Family Controls (iOS) — to access aggregate screen time data via Apple's DeviceActivityFramework.
Local Network (iOS) — to communicate with the Pulse macOS app on your local Wi-Fi.

11. Data Retention and Deletion

Pulse retains data according to a configurable retention period (default: 30 days). Screenshots are rotated on a count basis (default: 50 most recent). Synced Google data follows the same local retention window. You can delete all Pulse data at any time by removing the database file (macOS) or deleting the app (iOS). Because Pulse operates no servers, there is no server-side data to request deletion of.

12. Data Pulse Does Not Collect

Unless you explicitly connect your Google account (in which case email and calendar data are handled as described in Section 4), Pulse does not collect:

Passwords or login credentials
Email content, message body text, or chat message content
Calendar events, reminders, or scheduling data
Keystrokes, keyboard input, or text entry events
GPS location, geolocation, or movement data
Contacts, address book entries, or phone numbers
Photos, videos, or media library contents
Biometric data (Face ID, Touch ID, fingerprint data)
Health, fitness, or medical data
Financial information, payment data, or transaction history
Device advertising identifiers (IDFA/IDFV)
Clipboard contents
Microphone audio or camera video
Specific app names or URLs from the iOS Screen Time API

13. Third-Party Services

Pulse integrates with a small number of third-party services, each of which is optional, opt-in, and used only to deliver features you can see in the app:

Google (Gmail, Google Calendar) — opt-in; handled as described in Section 4.
Anthropic (Claude API) — processes content to generate summaries, briefs, and relevance cards. Content sent to this API is governed by commercial terms that prohibit its use for model training.
Notion (planned) — a future opt-in integration to read workspace pages you select; not in the current release.

Pulse contains no advertising, analytics, or tracking SDKs. Beyond the services above, all processing is performed entirely on your devices using Apple system frameworks and locally bundled open-source libraries.

14. Data Security

All Pulse data is protected by your device's built-in security: FileVault on macOS, hardware-level encryption on iOS, device passcodes, and biometric authentication. OAuth tokens are stored in the macOS Keychain. All external API communication uses TLS-encrypted transport, and local network communication between your devices uses encrypted transport.

15. Children's Privacy (COPPA)

Pulse is not directed at children under the age of 13. It operates exclusively under Apple's individual (personal) authorization model.

16. Compliance

Google API Services User Data Policy — Pulse complies with the Google API Services User Data Policy, including the Limited Use requirements, for all data received from Google APIs.
GDPR (EU) — Pulse does not process personal data on any server. All data remains on the user's device.
CCPA/CPRA (California) — Pulse does not sell or share personal information with third parties.
Apple App Store Guidelines (5.1.1, 5.1.2) — Data is collected only with explicit user consent and used solely for the app's stated functionality.

17. This Website and the Waitlist

The pulsevision.tech website is a static informational site with no analytics, advertising, or tracking scripts. The one piece of data it can collect is the email address you choose to submit through the waitlist form on the homepage. That address is stored in a hosted database (Supabase) and is used for exactly one purpose: contacting you about access to Pulse. It is never sold, shared, or used for any other marketing, and is unrelated to the Google user data described in Section 4, which never leaves your device. To have your address removed from the waitlist, email pillicdj@gmail.com.

18. Changes to This Policy

If this privacy policy is updated, the revised version will be posted at this URL with an updated effective date. Material changes to how Pulse handles Google user data will be reflected here before they take effect.

19. Contact

If you have questions about this privacy policy, contact us at pillicdj@gmail.com.

Effective date: May 6, 2026 · Last updated: June 12, 2026