SimpleFT8 is designed with privacy as a core principle. The app is fully self-contained by default — only NTP for UTC clock sync — and every external-service feature is strict opt-in.
Microphone — required to receive FT8 audio from your radio. Audio is processed locally to decode FT8 messages. Captured audio is never recorded, stored, or transmitted.
System Audio Capture (macOS only) — optional. Lets you decode FT8 audio played by another app (SDR software, WebSDR in a browser) without a virtual audio cable. Uses Apple's ScreenCaptureKit; granting Screen Recording is required by Apple for any app that captures system audio.
Location (one-shot) — optional. The "Use GPS" button in Settings reads your location once to fill in your Maidenhead grid locator. Triggered only when you tap the button.
File Access (User-Selected) — required to export ADIF logbook files via the system save dialog. The app only writes to the file you pick.
Your QSO log lives at ~/Library/Application Support/SimpleFT8/qsolog.json on your device. It's never transmitted unless you opt in to the community features below.
By default the app makes zero network calls except SNTP queries to time.apple.com for accurate UTC.
In Settings → Community there are two independent opt-in toggles:
Share decodes with PSK Reporter opt-in
When on, decoded callsigns + grids + signal reports are forwarded to PSK Reporter (a long-running ham-community reception-report database) via our proxy at simpleft8.strangeloop.nl. We proxy rather than letting the app hit PSK Reporter directly so we can rate-limit a misconfigured client and stop it from flooding the upstream. When on, we also fetch reception reports for your callsign every five minutes so the map can show who heard you.
Show me on the SimpleFT8 online map opt-in
When on, the app posts your callsign + Maidenhead grid to our backend every 2–4 minutes so other SimpleFT8 users can see you on the "online now" layer of the map. We store nothing beyond callsign, grid, last-seen timestamp, and a per-install device identifier (used internally for rate limiting). Entries that haven't pinged in 15 minutes drop off the map.
Each toggle gates its own periodic task. You can have either on without the other.
When you opt into either community feature, the app completes a one-time Apple App Attest handshake with our backend. App Attest is Apple's hardware-backed proof that a request comes from a genuine SimpleFT8 install on real Apple hardware, not a script or simulator.
We store the public key Apple gives us, the per-install device identifier, and a monotonic request counter (used to reject replays). We do not store your Apple ID, payment info, or any other Apple-account data — App Attest is per-install, not per-user, and contains no personally identifying information.
Our backend keeps a per-request log (path, status code, IP, device identifier, app version, platform, timing) so we can spot a misbehaving client or service abuse. These logs are not exposed via the API, are not shared with third parties, and contain no message content — just request metadata. Used for anomaly detection only.
Amateur radio licenses are typically granted to teenagers and adults, but there is no age gate. The app collects no personal information from anyone, including children. Community-feature toggles are off by default.
time.apple.com) — used for UTC clock sync. No data sent beyond the SNTP packet itself.Email jeroen@strangeloop.nl to:
Questions about this privacy policy: jeroen@strangeloop.nl
Any changes to this policy will be reflected in app updates with an updated "Last updated" date.