Privacy & local-first

Trade-offs

The honest cost of local-first is that your data is on the device you knit on. Clearing your browser data, deleting the app, or losing your phone means losing your patterns and progress. Use the export feature in Settings to back up to a JSON file you can restore on any device, or set up Cloud Sync to keep multiple devices in step automatically.

What we collect

Whether the app sends usage and error data by default depends on where you're connecting from. In the EEA, the United Kingdom, and Switzerland, nothing is sent until you grant consent through the banner or Settings. Everywhere else, anonymous events go to PostHog and crash reports to Sentry by default, and you can opt out any time in Settings. See Analytics & error reporting below for the full picture.

The site is served via Cloudflare, which records standard server-log information (IP address, user-agent, request path) for caching and abuse protection — the same kind of request metadata that any website's edge or CDN sees.

If you turn on Cloud Sync, the app talks to api.github.com on your behalf using a token you provide. Nothing else is sent to a third party.

Analytics & error reporting

knittime sends anonymous usage data to PostHog and crash reports to Sentry. The default depends on where you're connecting from: in the EEA, the United Kingdom, and Switzerland, analytics are off until you explicitly opt in through the consent banner or Settings. Everywhere else, anonymous analytics are on by default and you can turn them off any time in Settings → Analytics.

How the default is chosen

To decide which default to apply, the app makes a single request to Cloudflare's /cdn-cgi/trace endpoint, which returns a country code derived from the IP address Cloudflare already sees for your request. No third-party geolocation service is involved, and the lookup is cached for 24 hours. If the lookup fails for any reason, we fall back to the consent-required default (banner shown, analytics off) — the safer option. The mandatory-consent regions are the EEA member states, the United Kingdom, and Switzerland.

What we collect

• ✦Anonymous usage events about how you use the app — for example, which parts of the app you visit, when sessions run, and high-level metadata about your activity.
• ✦Uncaught errors and crash reports, plus standard device and app context (such as app version, viewport size, and language).

What we never collect

• ✦Pattern names, instructions, notes, or any text you typed.
• ✦Counter names or values.
• ✦Identifiers that can be tied back to your specific patterns or sessions on another device or account.

How to disable

Go to Settings → Analytics and turn off "Send anonymous analytics." To erase data already sent, use "Delete my analytics data" in the same place.

Global Privacy Control

If your browser sends a Global Privacy Control (GPC) signal, we treat it as a declined default — the consent banner stays hidden and analytics stay off until you explicitly turn them on in Settings. This applies regardless of where you're connecting from.

Storage on your device

When analytics are enabled, PostHog stores a random identifier in your browser's localStorage (not cookies) so events from the same install can be grouped together. The identifier resets when you revoke and re-grant consent, and is unrelated to any identifier on another device.

Legal basis (GDPR / UK GDPR / FADP)

For users in the EEA, the United Kingdom, and Switzerland, our legal basis for processing analytics and crash data is your consent (GDPR Art. 6(1)(a), and the equivalent provisions of the UK GDPR and the Swiss FADP). Outside those regions, we rely on legitimate interest in understanding how the app is used (Art. 6(1)(f)) and provide an always-available opt-out in Settings. Cloudflare request logging — including the country-code lookup described above — is processed under legitimate interest in operating the site securely (Art. 6(1)(f)).

Who's responsible

Knit in Time is built and operated by Will Gunther (Pittsburgh, PA, USA). For privacy questions or data requests, email [email protected].

Third-party processors

When the app sends data off your device, it goes to one of the following processors. We don't share data with anyone else.

• ✦Cloudflare — CDN. Sees request metadata (IP, user-agent, path) for every page load. Always-on.
• ✦PostHog (US region) — anonymous product analytics. On by default outside the EEA, UK, and Switzerland; consent-gated inside those regions; always opt-out in Settings.
• ✦Sentry — crash and error reporting. On by default outside the EEA, UK, and Switzerland; consent-gated inside those regions; always opt-out in Settings.
• ✦GitHub — only if you enable Cloud Sync. Your patterns and sessions go to a private Gist on your own GitHub account, using a token you provide. In this flow GitHub is acting under your account and your terms with GitHub — not as a processor we've engaged on your behalf.

Retention & deletion

Analytics and error data are retained by PostHog and Sentry under their default retention for our plan; we do not maintain a separate copy. You can erase your analytics data at any time via Settings → Analytics → "Delete my analytics data." Cloud Sync data lives in your own GitHub Gist for as long as you keep it; revoking the token and deleting the Gist removes it. Patterns and sessions stored locally remain on your device until you clear browser data or uninstall the app.

Your rights

Analytics are anonymous, and you can turn them off any time in Settings → Analytics — whether you originally opted in via the banner or were opted in by default. Use "Delete my analytics data" to remove what's been sent. For anything else (questions, complaints, requests for access or deletion of data you believe relates to you), email [email protected]. If you're in the EU, UK, or Switzerland, you also have the right to lodge a complaint with your local data protection authority.