Plain-English summary
- Your clipboard history lives only on this Mac. We never receive it.
- The app reads the system pasteboard so it can show you a history of what you've copied. Nothing about that history leaves the Mac.
- The app refuses to capture items that another app has marked as sensitive (e.g. passwords from 1Password) — and you can extend the ignore list.
- We use Sentry for crash reports and PostHog for product analytics — both off by default, both anonymous, both togglable in Settings.
- We use Apple's StoreKit for subscriptions. Apple, not us, processes payments.
- We use a Google Form for feedback you choose to send.
- There is no cloud sync today. If we ever add one, it will be opt-in, end-to-end encrypted, and described here before it ships.
Data we receive about your clipboard: none. Data we receive if you opt in: anonymous crash reports and feature-usage counts. Never the content of any clipboard item.
Geographic scope
Pica Clipper is available only in App Store regions where we have published it. See the app's App Store listing for the current list of supported countries. We do not offer the app in the European Economic Area, and this policy is not designed to satisfy the EU General Data Protection Regulation.
For users in the United Kingdom and Switzerland, we comply with the UK GDPR and the Swiss Federal Act on Data Protection respectively to the extent each applies to a data controller in our position; the rights described below extend to UK and Swiss users alongside the US-state rights set out in Section 10.
This policy is governed by the laws of the State of Israel.
What we collect
What we do not collect
We do not collect, transmit, or have any access to:
- The text, images, files, or other items in your clipboard history
- The applications you copy from or paste into
- Your name, photo, or contact details
- Your precise location
- Your IDFA (Apple's Identifier for Advertisers)
- Any keystroke or system event other than pasteboard changes
What we may collect if you opt in
The following are collected only if you explicitly opt in during onboarding or via Settings → Privacy. Both default to off and can be turned off at any time:
Crash reports (Sentry). A description of the crash, the call stack, the file and line that crashed, and the macOS version. A randomly-generated installation ID. Breadcrumbs we record at key state changes (e.g. "history opened", "preferences saved") — never the content of clipboard items.
Product analytics (PostHog, EU hosting). Counts of feature use, e.g. how often the history panel is opened, how often an item is pasted, which keyboard shortcut is used. Anonymous metadata: app version, macOS version, device model, locale. A random installation ID. No IP address is stored in identifiable form. Never: the content of any clipboard item or any field of any clipboard item.
What we collect if you submit feedback
If you tap "Send feedback" in Settings, your message goes to a Google Form we own. The form captures the text you type, the category you select, the email you optionally provide, and a short context block (app version, macOS version, device model, locale, opt-in state). We use feedback solely to fix bugs, prioritise features, and reply to you.
What Apple collects on our behalf
When you buy a subscription, Apple — not us — handles the entire transaction through StoreKit. Apple gives us only a transaction ID, the product identifier, and the renewal status.
What Pica Clipper captures locally (and never transmits)
When the app is running and you copy something, Pica Clipper writes the following to a local SQLite database inside the app's sandboxed macOS application support container:
- Plain text copied from any app
- Rich text / styled text (RTF and attributed strings, so paste preserves formatting)
- Images copied to the clipboard (e.g. screenshots)
- File paths for files copied via Finder. The file contents are not stored — only the path
- The bundle identifier and name of the app you copied from (for the "Source: Safari" label)
- The timestamp of when the copy happened
The most recent 1,000 items are kept. When the cap is exceeded, the oldest item is dropped. You can clear the entire history at any time from Pica Clipper → History → Clear All.
Sensitive types are skipped. Before writing anything, Pica Clipper inspects the pasteboard's declared types and refuses to capture if any of these markers are present:
org.nspasteboard.ConcealedTypeorg.nspasteboard.TransientTypeorg.nspasteboard.AutoGeneratedTypecom.agilebits.onepassword(1Password)de.petermaurer.TransientPasteboardTypenet.antelle.keeweb(KeeWeb)com.typeit4me.clipping"Pasteboard generator type"
You can extend or shrink this list in Pica Clipper → Settings → Ignore. Items skipped this way are never written to history — the app sees the marker and returns before reading the underlying content.
This data stays on this Mac. We have no access to it and no way to recover it.
Cloud sync
Pica Clipper does not sync clipboard history to iCloud or any other service today. Clipboard history is one of the most privacy-sensitive data sets a typical user creates — passwords, credit cards, draft messages, addresses, two-factor codes all routinely transit it — and shipping it anywhere over the network has serious implications we don't want to make casually.
If we ever build a cross-Mac sync feature, it will be:
- Opt-in and disabled by default
- Documented here before it ships
- End-to-end encrypted so we never see the contents
You will not be opted in automatically by accepting a future version of this policy.
How we use what we collect
We use the opt-in telemetry only to diagnose and fix crashes, understand which features are used, prioritise bug fixes and new features, and reply to your feedback when you've supplied an email.
We do not sell or rent any of this data, share it with advertisers or data brokers, use it to build a profile of you, use it to train AI models, or combine it with data from any other source.
Third parties
If you opt into telemetry, the following processors handle the relevant subset on our behalf:
| Processor | Data | Purpose | Region |
|---|---|---|---|
| Sentry | Crash reports, breadcrumbs | Crash diagnostics | US |
| PostHog | Product analytics events | Feature usage analysis | EU (Frankfurt) |
| Google LLC | Feedback you submit | Read your feedback | US |
| Apple Inc. | Subscription transactions | Payments | US / global |
Children
Pica Clipper is rated 4+ in the App Store but is designed for general use. We do not knowingly collect personal information from anyone under 13.
Your choices
- Disable telemetry. Settings → Privacy → toggle "Share crash reports & analytics" off.
- Clear clipboard history. Pica Clipper → History → Clear All. The local database is wiped immediately.
- Delete a single history item. Right-click → Delete in the history panel.
- Extend the ignore list. Settings → Ignore. Add any pasteboard type identifier or bundle identifier you want Pica Clipper never to capture from.
- Pause capture. Pica Clipper's menu-bar item → Pause. No new items are written until you resume.
- Delete the app. Removes the local history database and all preferences.
- Request access or deletion of feedback you submitted — email us and we will remove your submissions from the linked Google Sheet within 30 days.
California & other US state privacy laws
If you are a resident of California: we do not sell or share your personal information as those terms are defined under California law. Categories we collect (only if you opt in): identifiers (installation ID) and internet activity (feature events). We collect no sensitive personal information. You have the right to request a copy of personal information about you, request deletion, request correction, opt out of any future sale or sharing, and not be discriminated against for exercising these rights.
If you are a resident of Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, or another US state with a comprehensive privacy law, you have similar rights. Use the same contact email to exercise them.
Data retention
- Local clipboard history — stored on this Mac until you clear it, the rolling 1,000-item cap drops it, you delete the app, or you factory-reset the Mac.
- Crash reports (Sentry) — 90 days by default.
- Analytics events (PostHog) — 12 months by default.
- Feedback (Google Form / Sheet) — indefinitely, unless you request deletion.
Security
Clipboard history is stored in a SQLite database inside Pica Clipper's macOS sandboxed application support container. macOS file permissions prevent other apps from reading it. If you have FileVault enabled, the database is also encrypted at rest by macOS.
Telemetry payloads, if opt-in is enabled, are sent over TLS to Sentry and PostHog. We do not operate any user-data servers ourselves.
If you copy a password, credit card, or 2FA code from an app that does not set one of the standard sensitive-type markers, Pica Clipper will capture it. Treat your clipboard history as containing whatever has passed through your clipboard — and use the ignore list to keep apps you don't trust out of it.
No system is perfectly secure. If you become aware of a vulnerability, please email us at the address below.
Changes
If we make material changes to this policy we'll update the "Effective" date at the top and, where practical, notify you inside the app on next launch. Continued use of the app after a change means you accept the updated policy.
Contact
Privacy questions go to hello@picaapps.com. Security disclosures go to security@picaapps.com.
Any dispute arising out of or relating to this policy or the app will be brought exclusively in the competent courts of Tel Aviv-Jaffa, Israel.