Here's a question almost no one asks before downloading a couples app: when you write something inside it — a note to your partner, a memory, a daily mood — where does that data actually go?
We were curious, so we read the privacy policies of every couples app we could find. Most of them follow one of three patterns. None of them describe it this clearly.
Pattern 1: Stored in the clear, monetized
The free apps. Your messages, photos, and entries land on their server in plaintext. The company can read them. Their employees with admin access can read them. Their analytics tools can read them. If a third party buys the company, the new owner can read them.
How do they make money? Some sell ads against your activity. Some sell anonymized "engagement signals" to data brokers. Some are loss leaders for upsells. The exact model varies, but if you're not paying, your data is paying instead.
The privacy policies are usually 4,000 words long and bury this in section 7.
Pattern 2: Encrypted-at-rest, but they have the key
A step better. The data on the server is encrypted, so a casual breach exposes ciphertext instead of plaintext.
But the encryption key sits on the same server, or at least on infrastructure the company controls. Internally, they can decrypt anything they want — the encryption is mostly for "data at rest" compliance, not for keeping the company itself out.
This is the most common setup for paid apps that don't advertise end-to-end encryption. It protects against a thief stealing a hard drive. It does not protect against a subpoena, a curious engineer, or a future change in the company's business model.
Pattern 3: End-to-end encrypted, keys on your devices
The rare model. The encryption key is generated on your phone when you sign up and never leaves it. Anything you save is encrypted before it's sent. The server stores ciphertext. The company genuinely cannot read what's there.
The cost: if you lose your phone and don't have a backup of your key, your data is gone. The company can't recover it because they don't have the key. Some apps mitigate this with social recovery (your partner can re-grant access) or recovery phrases stored offline.
This is the pattern we picked for Arcov, and we wrote about why in more detail.
What to actually ask before you trust an app
If you're reading a couples app's privacy policy and want to figure out which pattern they use, three questions cut through the marketing:
- "Can your employees read my messages and photos if they wanted to?" A clear "no" with technical detail (e.g., "the keys are on your device") = pattern 3. Anything hedged, vague, or about "policies and access controls" = pattern 1 or 2.
- "What happens if a court orders you to hand over my account contents?" If they say "we'd comply with the order and provide what we have," they have the data. If they say "we don't have the keys, so we can't decrypt — we'd hand over ciphertext," that's pattern 3.
- "How are you funded?" If the answer is ads or "data partnerships," the business model is at odds with your privacy. If it's a small subscription fee, the incentives line up.
Most apps will dance around these. The ones that answer plainly are the ones worth trusting.
Why this matters for couples specifically
For most apps, "your data" is browsing history or step counts. For a couples app, your data is the most intimate stuff you've ever written down — moods, fears, photos you wouldn't share with anyone else, the specific texture of your relationship.
That deserves a different bar.
If you're choosing a couples app, ask the three questions above before you put six months of your life inside it. And if your current app's privacy policy is vague on any of them, that's worth knowing.