Privacy

Your safety data stays on your Mac.

Photanchor needs enough backend data to sell and activate licenses. It does not need your iCloud paths, Photos library details, backup manifests, checksums, reports, files, or photos.

Never uploaded

Local safety data never leaves for licensing.

  • iCloud file paths or folder names
  • Photos metadata, counts, albums, or thumbnails
  • scan results or safety findings
  • backup manifests or destination paths
  • checksums or file hashes
  • local reports
  • files or photos

iCloud scans

File state checks run on your Mac and stay in the local SQLite database.

Photos scans

PhotoKit metadata is read locally only after you choose to scan Photos.

Backup and verification

Second-copy manifests, copied-file status, checksums, and restore-test results stay local.

Reports

Report exports are created on your Mac and are not uploaded by Photanchor.

Licensing

Email if provided, license key during activation, app/macOS version, device nickname, and a hashed local install identifier.

Support

Email, your message, optional app version, OS version, license status, and only sanitized diagnostics you choose to send.

Recovery

Receipt email is used to look for a paid license and send an additional replacement key. Existing keys are not deactivated, repeated requests are throttled, and the response never reveals whether an account exists.

Diagnostics

Support stays opt-in.

Photanchor does not upload diagnostics automatically. Support tickets accept only privacy-safe fields, and the app diagnostics export omits file paths, Photos metadata, backup manifests, checksums, reports, files, and photos by default.

Need help with a purchase? Use license recovery or contact beta support.