Privacy by design: why Skyty has zero analytics, zero accounts, zero excuses

April 23, 2026 · Kim Engels

Travel data is some of the most revealing data you generate. Where you go, how often, with whom, when you’ll be away from home. Travel apps know all of it. Most of them sell some of it. I’d rather not name names but if you’ve ever wondered why airline-affiliated free apps exist when they don’t appear to monetize, the answer is in the data they collect about you, mostly silently.

Skyty is built so that we can’t sell your travel data, even if we wanted to. We never have it.

This isn’t a privacy policy. Privacy policies say “we promise not to do X.” This is a privacy architecture — the design makes X impossible. Here’s how.

What never leaves your device

• Your GPS coordinates. Read by Apple’s CoreLocation framework, used by Skyty in memory, never sent to a server.
• Your flight recordings. Stored in a local database. If you enable iCloud, they sync to your private iCloud container — Apple’s own engineers can’t read those, and we have no access either.
• Your settings, your map of the world, your map themes, the airport you marked as “destination.” All on-device.
• Crash reports. We don’t run a crash-reporting SDK. Apple’s TestFlight aggregates crashes from beta testers if they opt in; that’s it.
• Analytics events. None. Zero. Not “anonymized,” not “aggregated” — just none.

What we don’t have, that other apps do

• No account system. You don’t create one. There’s no email field, no password, no Sign-in-with-Apple, no anything. The app launches and works.
• No third-party SDKs. No Firebase, no Google Analytics, no Sentry, no Branch, no Adjust, no Facebook SDK. Some apps embed twenty of these. Skyty embeds zero.
• No advertising IDs. We don’t read Apple’s IDFA. We don’t ask for tracking permission, because we have nothing to track.

You can verify this by looking at the App Store privacy nutrition label for Skyty. It’s empty. That’s by design.

What about the website?

You’re reading this on skyty.app. The site uses Cloudflare Web Analytics — a privacy-respecting analytics product that does not use cookies, does not track users across sites, and does not use a unique identifier. Cloudflare aggregates page-load metrics (popular pages, country-level geography, browser stats) without tying anything to you. There’s no consent banner because there’s nothing to consent to.

If you’d prefer not to be counted at all, ad-blockers and privacy extensions block the Cloudflare beacon. Skyty’s site works identically with it blocked.

The trade-offs we accept

This stance comes with real costs:

• We can’t tell you what flights other Skyty users record over your route. That’d be a fun feature. It would also require us to collect everyone’s flights to a server. We’d rather not.
• We can’t show you “people like you also flew to…” We have no notion of “you” or “people like you.”
• We can’t fine-tune the product based on detailed usage telemetry. We watch App Store reviews and answer email at [email protected] instead. Slower, but it’s enough.
• We can’t show you targeted ads. We don’t show ads at all.

How we make money

Skyty is a one-time purchase for Premium features. No subscription, no in-app advertising, no data sales. You buy it once, you own it. Apple takes a cut and sends us the rest.

That’s the whole business model. It’s almost unfashionably simple.

A small principle

If we ever feel pressure to soften any of this, you’ll see it announced here, on the changelog page, with a date and a reason. We won’t update a privacy policy quietly at 2 AM and hope nobody notices. That’s the deal.