Trust
Privacy
How the iOS app and this static marketing site handle credentials, PostHog data, local caches, and measurement.
The short version
PostHog Pocket Dashboard has no app-owned backend, proxy, telemetry SDK, remote configuration, push service, cloud sync, or crash-reporting SDK. The iOS app sends API requests directly to the PostHog host you configure.
The personal API key is stored in iOS Keychain. Query results and local definitions may be stored in the app's SQLite database when caching is enabled, but the API key is not stored there.
iOS app data flow
Personal API key in iOS Keychain with device-only accessibility after first unlock.
Direct HTTPS calls from the device to the selected US, EU, or custom PostHog host.
Optional cached responses and saved definitions in a local SQLite database.
What the app does not include
- No PostHog analytics SDK inside the app itself.
- No Firebase, Supabase, Sentry, Amplitude, Segment, or equivalent telemetry service.
- No app-owned server receiving the API key, query text, dashboards, replay snapshots, or results.
- No iCloud synchronization of app data.
- No enabled PostHog write operations in the mobile client.
This marketing site
The repository ships this site as static HTML, CSS, and a small first-party interaction script. No analytics library, advertising pixel, cookie banner, form, or external font is bundled.
The interaction script records events in an in-memory browser array and emits a custom browser event for QA. It can forward the same event to an explicitly supplied dataLayer or PostHog browser object if the site owner later adds one. Without such a provider, it does not send analytics over the network or persist them between page loads.
Control your local data
Settings includes separate controls to delete the saved API key and to delete local SQLite data and saved definitions.