Privacy policy

Last updated: 12 April 2026

cmdock is a sync server and native iOS app for TaskWarrior. This policy covers the cmdock iOS app and the cmdock.dev website. It is published by Kellgari Pty Ltd (ABN 26 616 591 419) trading as 10fifteen.

The short version

• Your task data stays on your device (standalone mode) or on your self-hosted server (connected mode). We don't sell, share, or mine it.
• No advertising identifiers. No tracking SDKs. No third-party analytics in the app.
• If you self-host, your data never touches our infrastructure.
• Deleting the app removes all local data. Self-hosted users control their own server data.

What the app accesses

Task data

The app stores task data (descriptions, projects, tags, priorities, due dates, annotations) locally on your device and syncs it with your configured server. In standalone mode (no server configured), task data stays on-device only.

Server credentials

Your server URL is stored in the app's shared container (UserDefaults). Your API token and sync encryption secret are stored in the iOS Keychain, protected by the device's Secure Enclave. Credentials are transmitted to your server over HTTPS and are never sent anywhere else.

Location (geofencing)

If you configure geofence regions (e.g., "show shopping list when near Coles"), the app uses iOS region monitoring to detect when you enter or leave those areas. The app does not track your precise location, does not record a location history, and does not send location data to any server. Geofence region names and coordinates are stored in your server's configuration — on your server, not ours (unless you use the hosted service). Location access is optional and requires your explicit permission.

Notifications

The app schedules local notifications for task due dates and morning briefings. These are processed entirely on your device. No push notification infrastructure is used in the current version — notifications are local only.

Spotlight and Siri

The app indexes your tasks in iOS Spotlight and registers Siri Shortcuts so you can search for tasks and use voice commands. This data stays on your device and is managed by iOS. It is not sent to any server.

On-device logging

The app writes debug logs to a file in the app's container for troubleshooting. Logs contain timestamps, sync status, and error messages. They do not contain task content. Logs stay on your device and are only shared if you explicitly export them via the diagnostics screen.

What the app does NOT access

• No advertising identifiers (IDFA) or App Tracking Transparency prompts
• No third-party analytics SDKs (no Firebase, Crashlytics, Mixpanel, Amplitude, or similar)
• No contacts, photos, camera, microphone, or health data
• No precise location tracking — geofencing uses coarse region monitoring only
• No cookies or cross-app/cross-site tracking
• No fingerprinting or device identification beyond what iOS provides to the app

Self-hosted servers

If you run your own cmdock server (the server is AGPL-3.0 open source), your task data, credentials, geofence configuration, and all server-side state remain entirely on your infrastructure. We have no access to it, cannot read it, and never receive it. The app communicates only with the server URL you configure.

Data retention and deletion

Self-hosted users control their own data retention. Deleting the server's data directory removes all data. The app's local data can be removed by deleting the app from your device.

Third-party services

The cmdock app contains no third-party SDKs. The cmdock.dev website uses:

• Cloudflare: for DNS and website hosting
• Plausible Analytics: on the cmdock.dev website only (privacy-friendly, no cookies, GDPR-compliant). Not in the app.

Children

cmdock is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at [email protected].

Changes to this policy

We may update this policy from time to time. Material changes will be announced via the app or the cmdock.dev blog. The "last updated" date at the top reflects the most recent revision.

Contact

Questions about this privacy policy? Contact us at [email protected].

Kellgari Pty Ltd (ABN 26 616 591 419)
Trading as 10fifteen
Brisbane, Queensland, Australia