Meridian requests access to three data sources. All processing happens locally on your device.
| Source | Permission | Purpose | Leaves device? |
|---|---|---|---|
| Photo Library | Read-only (Limited mode available) | Extracts GPS coordinates and timestamps from photo EXIF data to reconstruct past journeys | Never |
| Apple Health | Workout Routes (read-only) | Reads running, cycling, and hiking routes to enrich the daily timeline | Never |
| Location | When In Use or Always (optional) | Continuous tracking when you choose to enable it, to log new routes automatically | Never |
| Reverse geocoding | CLGeocoder (Apple system) | Converts coordinates to place names ("Blue Bottle Coffee") for display | Via Apple system only |
Note on reverse geocoding: CLGeocoder is an Apple system service. Coordinate data passes through Apple's servers to return a place name — Meridian itself does not send your data to any third-party service. Apple's privacy policy applies to this lookup.
The only external service Meridian interacts with is Apple's CLGeocoder for reverse geocoding (coordinates → place names). This is an Apple system API — not a third-party company. Meridian does not integrate any SDKs from companies outside of Apple's own frameworks.
Apple's privacy policy: apple.com/legal/privacy
Meridian qualifies for Apple's "Data Not Collected" App Privacy label. Because no personal data leaves your device, Meridian falls outside the scope of GDPR's data controller requirements, and meets the local processing requirements of China's Personal Information Protection Law (PIPL).
Meridian is not directed at children under 13. Since we collect no data from anyone, children are not at risk of data exposure through this app.
If we add features that require new data handling — for example, optional iCloud backup — this page will be updated with a new date and announced via the app's release notes. We will not introduce data collection silently.