Summary
- Core app data is stored locally on the device by default.
- Cloud Save is optional and user-initiated.
- Cloud Save packages are encrypted on the device before upload.
- The Cloud Save recovery key is not sent to All Of Me Cloud.
- All Of Me does not use third-party advertising.
- All Of Me does not track users across apps or websites.
- All Of Me does not currently include analytics.
Data stored by the app
All Of Me stores the information a user enters or chooses inside the app. This may include system profile details, member names, roles, notes, colors, groups, profile images, fronting state, fronting sessions, timeline entries, recently deleted items, local settings, local backups, and Cloud Save connection settings.
On iOS and other device builds, this data is stored in app-owned local storage, including a local SQLite database and app-owned image and backup files.
Optional Cloud Save
Cloud Save is a manual backup and restore feature. It is not live sync, and it does not make the server the source of truth. A user must connect Cloud Save and choose to save or restore.
When a user connects Cloud Save to All Of Me Cloud, the service may process and store encrypted Cloud Save packages, save metadata, random account and device identifiers, hashed device access tokens, link-code metadata, and standard service logs such as request time, request path, status code, IP address, request ID, and error ID.
The recovery key used to encrypt and decrypt a Cloud Save package is entered on the device and is not sent to All Of Me Cloud. The server is not designed to decrypt Cloud Save package contents.
Photos and profile images
All Of Me may request access to the photo library so a user can choose a member profile image. Chosen images are copied into app-owned local storage and may be included in user-created backups or encrypted Cloud Save packages.
App lock and biometrics
All Of Me may use Face ID or the device passcode to unlock local app data when app lock is enabled. Biometric authentication is handled by the operating system. All Of Me does not receive or store Face ID biometric data.
Backups, imports, and sharing
Users can export a readable JSON backup and import that backup later. Exported backup files are controlled by the user after export. If a user shares a backup through the system share sheet, saves it somewhere else, or sends it to someone else, that copy is outside All Of Me's app-owned storage.
Retention and deletion
Local app data remains on the device until the user deletes it, clears local app data inside All Of Me, removes specific records, deletes exported backups, or uninstalls the app.
Disconnecting Cloud Save removes the saved Cloud Save session and access token from the current device. It does not automatically delete encrypted restore points already stored on the configured server. Users can request deletion of All Of Me Cloud data through support.
Third parties
The current app build does not include third-party advertising, third-party analytics, or a bundled third-party sync service. If a user configures a self-hosted or third-party Cloud Save server, that server operator's privacy and security practices apply.
Security
All Of Me is designed to keep app data local by default and can hide local app data behind device authentication when app lock is enabled. No storage or security system can be guaranteed to be perfect, especially once a user exports files, shares backup files, connects a server, or stores recovery keys outside the app.
Contact
For support, email support@allofmeapp.com. For bug reports, email bugreports@allofmeapp.com.