Why We Built a Privacy-First Shared Task App
Your to-do list is a map of your life: what you buy, where you go, what you worry about. We decided that map should stay yours.
The problem with most task apps
Task management apps know a lot about you. They know what you need to buy, when your appointments are, what errands you run, what medications you take, what your partner's name is, and how you divide responsibilities. This is some of the most intimate data an app can collect.
And yet, most task apps treat this data the way most apps treat all data: they collect as much as possible, store it on their servers, use it for analytics, and monetize it through advertising or growth metrics. Even apps that do not sell your data outright often use third-party analytics SDKs that phone home to Google, Facebook, or Amplitude.
When we started building Halves, we made a decision early: the app would collect the absolute minimum data needed to function, and nothing more.
Our architecture, simply explained
Here is how data flows in Halves and where it lives at each stage.
On-device storage (Core Data)
All tasks, preferences, and app state are stored locally on your iPhone using Core Data, Apple's native persistence framework. This data lives in your app sandbox and is not accessible to other apps or to us. When you delete the app, this data is deleted. If you have iCloud backup enabled, this data is included in your encrypted iCloud backup, under your control.
Sync layer (Supabase)
To sync tasks between two partners, we need a server. We use Supabase (an open-source Firebase alternative built on PostgreSQL). Shared tasks are synced through Supabase so both partners see the same list. But Supabase is used strictly as a sync relay. We do not query your data for analytics, we do not run reports on it, and we do not use it to build user profiles.
Private tasks (never synced)
Halves has a private tasks feature. Tasks marked as private are stored only in Core Data on your device. They are never sent to Supabase, never synced, and never visible to your partner. There is no server-side record that a private task exists. This is architecturally enforced, not just a UI toggle.
What we do not collect
It is easier to list what Halves does not do than what it does, because the list of things we skip is long:
- No analytics SDKs. We do not use Google Analytics, Mixpanel, Amplitude, Firebase Analytics, or any other third-party analytics service. We have no event tracking, no funnel analysis, no retention metrics derived from your usage data.
- No advertising. There are no ads in Halves and no advertising SDKs. Your data is never shared with ad networks.
- No cookies or web tracking. The Halves website does not use cookies, tracking pixels, or any form of cross-site tracking.
- No crash reporting with personal data. If we add crash reporting in the future, it will be anonymized and will not include task content.
- No email collection beyond sign-up. We do not harvest email addresses for marketing lists from app usage.
Sign in with Apple
Halves uses Sign in with Apple as its authentication method. This matters for privacy because Apple's implementation allows users to hide their real email address. When you sign in, Apple generates a unique relay address that forwards to your real email. We never see your actual email address unless you choose to share it.
This means your Halves account is effectively anonymous. We have a unique identifier for syncing purposes, but we do not know who you are, what your email is, or any other personal information beyond what you voluntarily put into task titles.
Why this matters for a couples app
Privacy in a shared task app is not just about protecting data from advertisers. It is about trust between partners.
When both people know that the app is not reading, analyzing, or sharing their task data, they are more likely to use it honestly. You will add "research therapists" or "buy pregnancy test" without worrying about who might see that data besides your partner. You will use the private tasks feature for genuinely private things without wondering if the server is logging them anyway.
A task app that partners actually trust is a task app that partners actually use. And a task app that partners actually use is one that can genuinely help distribute the mental load.
The trade-offs we accept
Building privacy-first comes with real trade-offs, and we want to be honest about them:
- We have limited visibility into how people use the app. Without analytics, we rely on direct feedback, App Store reviews, and TestFlight surveys to understand what works and what does not. This makes product decisions slower and less data-driven.
- We cannot do server-side features easily. Features like smart suggestions ("you usually buy groceries on Saturdays") would require analyzing your task history on our servers. We do not do this, which limits the intelligence we can build.
- Debugging is harder. When users report bugs, we cannot look up their account and see what went wrong. We have to reproduce issues locally or ask users to share information voluntarily.
We accept these trade-offs because we believe they are the right ones for an app that handles intimate household data.
Read the full policy
Our complete privacy policy is written in plain language, not legal jargon. It explains exactly what data we collect, why, and how it is stored. If you have questions, email us at hello@halves.app.
Halves is coming soon.
A shared task manager built for two. Sign up to be an early tester.