Stet Privacy Policy

Privacy Policy

Effective date: March 2, 2026

Stet is a writing app for publishing to Jekyll sites hosted on GitHub. This policy explains what data Stet handles, where it goes, and what we don’t do.

The Short Version

Stet does not collect, store, or transmit your personal data to us. Your content stays on your devices and in your personal iCloud account. We have no servers that hold your data, no analytics, and no tracking.

What Stet Stores on Your Device

Stet stores your blog drafts, site configurations, and front matter templates locally using Apple’s SwiftData framework. This includes the text you write, the site names and settings you configure, and any GitHub repository names you associate with a site.

If you connect a GitHub account, your OAuth access token is stored in the device Keychain, which is managed and encrypted by Apple’s operating system.

iCloud Sync

If you use Stet on multiple devices, your drafts and site configurations sync automatically through Apple’s CloudKit service. This data is stored in your private iCloud database, associated with your Apple ID. Stet uses only your private CloudKit container — no data is shared publicly or with other users.

Image assets associated with drafts are synced separately through iCloud Drive’s file sync layer, not through the CloudKit database.

Apple’s handling of your iCloud data is governed by Apple’s own privacy policy. We do not have access to your iCloud data.

GitHub Authentication

Stet connects to GitHub so you can publish content to your repositories. The authentication flow works as follows:

1. You sign in to GitHub through a browser (the system browser on Mac, or an in-app browser session on iOS).
2. GitHub issues a temporary authorization code.
3. That code is sent to a Cloudflare Worker we operate, which exchanges it for an access token and returns the token to the app. The Worker processes this request transiently in memory and does not store, log, or retain any user data, tokens, or request information.
4. The access token is stored in your device Keychain. It is used only to make API calls to GitHub on your behalf.

We do not store your GitHub password. We do not have ongoing access to your GitHub account. The Cloudflare Worker has no persistent storage or logging enabled.

What We Do Not Do

• We do not collect analytics or usage data.
• We do not use third-party analytics, advertising, or tracking SDKs.
• We do not serve ads or share data with advertisers.
• We do not sell or share your data with any third party.
• We do not collect your name, email address, or any personal identifiers beyond what is inherent in iCloud sync (your Apple ID) and GitHub authentication (your GitHub username).

Third-Party Services

Stet relies on the following third-party services, each governed by their own privacy policies:

• Apple iCloud / CloudKit — syncs your drafts and site settings across your devices. See Apple’s Privacy Policy.
• GitHub — provides authentication and repository access for publishing. See GitHub’s Privacy Statement.
• Cloudflare — hosts the stateless authentication proxy described above. See Cloudflare’s Privacy Policy.

In-App Purchases

Stet offers in-app purchases processed entirely through Apple’s StoreKit framework. Purchase transactions are handled by Apple. We do not receive or store your payment information.

Data Retention and Deletion

Your data lives on your devices and in your iCloud account. Deleting the app removes all local data. To remove synced data from iCloud, you can delete Stet’s data through your device’s iCloud storage settings. Disconnecting your GitHub account within the app removes the stored access token from your Keychain.

Children’s Privacy

Stet is not directed at children under 13 and does not knowingly collect data from children.

Changes to This Policy

If this policy changes, the updated version will be posted at this URL with a revised effective date.

Contact

If you have questions about this policy, contact us at privacy@almostrightcreative.com.