The Cut Download
← Back

Privacy Policy

Last updated: April 2026

The Cut is built by Heftii, Inc. Your privacy matters. This policy explains what data we collect, how we use it, and how we handle data from third-party services.

Data we collect

The Cut does not collect personal data. Your track library, listening decisions, and star ratings are stored locally on your device and synced via your personal iCloud account. Heftii has no access to your iCloud data.

Third-party source connections

The Cut allows you to connect third-party services as track sources. When you connect a service, the app accesses only the data necessary to discover and play audio tracks. Each connection is initiated by you and can be disconnected at any time from the app's settings.

Google Gmail

When you connect a Gmail account, The Cut requests access to your Gmail data via Google's OAuth 2.0 authentication. The app requests the gmail.modify scope, which allows it to read messages and modify message labels.

What we access:

  • Message metadata (sender name, sender email address, subject line, date) in labels you select
  • Message structure to identify audio file attachments
  • Audio file attachments (e.g. MP3, WAV, FLAC) from messages in your selected labels
  • URLs in message bodies to detect links to audio on services like SoundCloud and Dropbox

What we do NOT access:

  • Email body text or conversation content beyond URL extraction
  • Contacts, calendar, or any other Google service data
  • Messages outside of labels you have explicitly selected

How we use Gmail data:

  • Read access: The app scans messages in your chosen labels to discover audio tracks from attachments and links. Only message metadata (sender, subject, date) is stored locally as track context.
  • Write access: When you accept or reject a track, the app can apply or remove Gmail labels and archive emails based on actions you configure per source. These actions are optional and only execute when explicitly set up by you.

Data storage and sharing:

  • Gmail data is processed entirely on your device. Audio files are cached locally.
  • OAuth tokens are stored securely in your device's Keychain and synced via your personal iCloud Keychain. Heftii does not have access to your tokens.
  • We do not send, share, or transfer any Gmail data to Heftii servers or any third party.
  • There is no backend server — all Gmail API requests are made directly from your device to Google's servers.

Revoking access:

  • You can disconnect your Gmail account at any time from the source settings within the app.
  • You can also revoke access from your Google account permissions page.
  • When access is revoked, cached audio files and stored metadata are deleted from your device.

Google API Services — Limited Use Disclosure

The Cut's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Other third-party sources

The Cut may also connect to Dropbox, SoundCloud, and IMAP email servers as track sources. Each connection accesses only audio-related content from services and folders you explicitly choose. Data from these services is processed and stored locally on your device.

Analytics

We may collect anonymised, aggregate crash reports and usage analytics through Apple's standard App Store analytics, which do not identify individual users.

iCloud sync

The Cut uses iCloud for syncing your track library across devices. iCloud is subject to Apple's privacy policy at apple.com/legal/privacy.

Changes to this policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date.

Contact

Questions? Email us at support@heftii.com.