Frequently Asked Questions

PrivacyInsights helps you understand what data apps and websites can collect about you, detect potential tracking devices nearby, and improve your overall privacy posture on iOS. All analysis happens locally on your device.

Most features work offline, including permission scanning, Bluetooth device detection, Security Check, GeoIP lookups, speech transcription, photo privacy analysis, clipboard monitoring, calendar audit, and keyboard extension detection. Features like URL security checking, Domain Security Checker, Cookie Inspector, and traceroute require an internet connection.

iOS 26.0 or later is required. The app works on both iPhone and iPad.

No. All analysis happens locally on your device. We have no servers, no analytics, and no way to see your data. Everything stays on your device.

Each permission enables a specific privacy analysis feature. For example, Bluetooth permission lets us detect tracking devices nearby, Camera enables QR code scanning, and Location helps correlate tracker detection. You can deny any permission and still use other features.

Scan results are stored only on your device. They are never uploaded anywhere. Uninstalling the app deletes all data. Some features like Tracker Monitoring store history locally to detect patterns over time.

No. When you check a URL's security, your device connects directly to that website. We never see the URL or the results.

AirTags paired with your iPhone advertise minimally and are designed to be invisible to their owner. The app is optimised to detect unknown trackers that might be following you, especially those in "separated mode" (not paired with a nearby phone).

We can detect 40+ tracker types including Apple AirTag, Samsung SmartTag, Tile, Chipolo, Pebblebee, and many others. The app also identifies 170+ Bluetooth device manufacturers.

Many Bluetooth devices don't broadcast identifying information. We can only identify devices that advertise recognisable signatures or manufacturer IDs.

The app uses iOS's optimised Bluetooth scanning APIs. Short scans have minimal battery impact. We recommend scanning for 10-30 seconds rather than leaving it running continuously.

This feature tracks a Bluetooth device's signal strength (RSSI) over time and correlates it with your GPS location to detect if a device is following you. It uses sophisticated algorithms to calculate a "following score" based on signal stability and location patterns.

Traceroute shows the path your internet traffic takes to reach a destination, revealing all the servers (hops) in between. This helps you understand where your data travels. The app includes geolocation data to show where each hop is located on a map.

Many routers are configured to not respond to traceroute packets for security reasons. This is normal behaviour and doesn't indicate a problem.

GeoIP provides approximate locations based on IP address databases. It's typically accurate to the city level but can be off, especially for mobile networks and VPNs. The app uses an offline database bundled with the app.

The Network Scanner discovers devices on your local network, identifies manufacturers using OUI (Organisationally Unique Identifier) lookups, and can detect IoT devices. All scanning happens locally on your network.

Go to Settings → Safari → Extensions → Enable both "PrivacyInsights Content Blocker" and "PrivacyInsights". The Content Blocker blocks trackers, while the Web Extension allows you to block domains from Cookie Inspector.

It blocks known tracking scripts, advertising networks, and analytics services based on a curated blocklist. You can also add custom domains from the Cookie Inspector.

Most websites work normally. If a site doesn't work correctly, you can disable the blocker for that site in Safari settings or remove specific domains from your block list.

Custom rules are domains you've blocked from Cookie Inspector. If you haven't blocked any domains yet, this will show 0. The extensions cache rules locally to persist between sessions.

Yes. Apple's Safari extension APIs are still evolving, and functionality may change in future iOS updates. The extensions work well currently but may require updates as Apple refines the APIs.

It analyses URLs for phishing patterns, homoglyph attacks (lookalike characters), tracking parameters, redirect chains, and suspicious patterns. It also checks SSL certificates and domain age.

The app can scan URLs, WiFi credentials, contact information (vCard), calendar events, email addresses, phone numbers, SMS messages, geographic locations, and plain text. Each type is analysed for privacy and security risks.

No. QR codes are processed in real-time using your camera and immediately discarded. No images or QR data are stored or transmitted.

It scans for 40+ jailbreak indicators including suspicious files, modified system paths, unauthorised app installations, and security vulnerabilities. All checks happen locally without internet access.

The app detects most common jailbreak methods, but sophisticated jailbreaks may evade detection. A clean scan doesn't guarantee the device isn't jailbroken, but it's a strong indicator.

The Privacy Score is a calculated metric based on your device's security settings, granted permissions, detected trackers, and other privacy factors. It helps you understand your overall privacy posture.

The specific feature requiring that permission won't work, but all other features remain available. For example, denying Bluetooth permission disables tracker detection but URL scanning still works.

Yes. Go to Settings → PrivacyInsights to manage all permissions at any time. You can also access iOS privacy settings directly from the app.

The permission scanner shows all iOS permissions and their current status across all apps, helping you understand your overall privacy posture. It's not just showing PrivacyInsights permissions.

It demonstrates what apps with photo access can learn about you by analysing your photos on-device. This includes location patterns, social connections, activities, vehicles, food preferences, and even sensitive documents. It's an educational tool to help you understand why photo access is a significant privacy consideration.

No. All photo analysis happens entirely on your device using Apple's Vision and CoreML frameworks. No photos or analysis results are ever uploaded or shared. The feature exists purely for privacy education.

The app uses MobileNetV3 Large, a CoreML model bundled directly inside the app. It runs entirely on your iPhone's Neural Engine, processes images at 224×224 pixels, and classifies across 1,000 ImageNet categories. Zero data leaves your device. Read more about Photo Privacy Analysis →

Basic analysis provides a quick overview of metadata, locations, and faces. Extended Profiling performs deep analysis across 12 categories including activities, social patterns, life events, vehicles, food, documents, home content, and work patterns. Extended analysis takes longer but reveals much more about what apps could learn.

Smart sampling limits analysis to 3,000 photos maximum to balance thoroughness with performance. The sampling is distributed evenly across your photo history, so you still get representative results even with large libraries.

Photos of ID cards, credit cards, passports, and other sensitive documents are a significant privacy risk. We recommend reviewing these photos and deleting any that aren't necessary. If you need to keep them, consider moving them to a secure notes app or encrypted storage.

It provides real-time speech-to-text transcription using Apple's on-device speech recognition. You can record meetings, lectures, or conversations and get a full text transcript. The feature includes three audio filters that can all be used simultaneously to improve recognition accuracy in noisy environments.

The app has three audio processing filters that can be toggled on and off independently — even during recording. All three can run at the same time for maximum quality.

🔇 Denoise (LMS Filter) — An adaptive noise cancellation filter that learns the background noise in your environment and subtracts it from the audio in real-time. It works best against constant sounds like fans, air conditioning, traffic hum, or computer noise. The filter uses a 64-tap Least Mean Squares algorithm accelerated by Apple's vDSP framework, so it has minimal impact on battery and performance.

🎤 Clarity (Voice EQ) — A 6-band parametric equaliser tuned specifically for human speech. It cuts low-frequency rumble below 80 Hz, boosts the fundamental voice frequencies (220 Hz and 700 Hz for male voices, 1 kHz for female voices), enhances consonant clarity at 2.8 kHz, and rolls off high-frequency hiss above 8 kHz. The result is clearer, more intelligible speech for the recognition engine.

📊 AGC (Automatic Gain Control) — Dynamically adjusts the microphone sensitivity based on how loud or quiet the speaker is. If someone speaks softly or is far from the device, AGC boosts the signal. If someone speaks loudly, it reduces the gain to prevent distortion. This is particularly useful in meetings where participants sit at different distances from the device, or when recording voices that vary in volume.

When all three are active, the processing chain is: AGC (input level normalisation) → Clarity EQ (voice frequency shaping) → Denoise LMS (background noise removal). A live Signal-to-Noise Ratio (SNR) indicator shows the audio quality in real-time.

No. All speech recognition happens on-device using Apple's local speech recognition engine. No audio or transcription data leaves your device. The app requires the Speech Recognition permission to function.

Yes. You can export transcriptions in four formats: plain text (.txt), Markdown (.md), PDF, and JSON. Meeting minutes get a professional PDF layout with header, summary, key points, decisions, and action items. All exported PDFs include a subtle watermark. You can share via AirDrop, Messages, Mail, or any app that supports the iOS share sheet. Read more about Speech Transcription →

It performs 11 security checks on your current network: DNS leak detection, captive portal detection, router port security, DNS encryption status, network type analysis, ARP spoofing detection, rogue DHCP detection, SSL/TLS MITM detection, latency and stability, IPv6 leak detection, and configuration profile checks. Each check produces a finding with a severity rating (Pass, Info, Warning, or Critical) and an actionable recommendation.

Yes. The router port scan is disabled by default to respect networks you don't own (hotels, cafés, offices). All other checks are passive and don't send any unusual traffic. You can enable the router scan for your own home network. Read more about Network Security Audit →

Every time you visit a website, your device sends a DNS query to translate the domain name into an IP address. Without encryption, your ISP and anyone on the network can see every website you visit. Encrypted DNS (DoH or DoT) encrypts these queries so they can't be snooped on. PrivacyInsights lets you enable this with one tap.

No. Once you activate Encrypted DNS, it's a system-level setting managed by iOS. It works for ALL apps on your device, persists through restarts, and stays active even if you close or delete PrivacyInsights. The app is only needed to configure and change the setting.

It depends on your priorities:

Cloudflare (1.1.1.1) — Best for speed and privacy. No IP logging, independently audited.

Quad9 (9.9.9.9) — Best for security. Non-profit, blocks malware domains automatically.

AdGuard — Best for ad blocking. Blocks ads and trackers at DNS level.

Cloudflare Family — Best for families. Blocks malware and adult content.

Mullvad — Best for maximum privacy. Swedish jurisdiction, no logging.

Google (8.8.8.8) — Best for reliability. Global infrastructure, but logs are kept for 48 hours.

It shows you exactly what's currently on your clipboard and analyses it for sensitive data like passwords, credit card numbers, email addresses, and phone numbers. Any app on your device can read your clipboard without permission, so this feature helps you understand the risk.

Yes. The app includes a one-tap clipboard clear function. We recommend clearing your clipboard after copying sensitive data like passwords or credit card numbers, since any app can read clipboard contents without asking.

It scans your device for installed third-party keyboards and shows the privacy risks they pose. Third-party keyboards with "Full Access" enabled can capture every keystroke you type, including passwords, credit card numbers, and private messages, and potentially transmit that data to remote servers.

If you don't actively need a third-party keyboard, the safest option is to use Apple's built-in keyboard. If you must use a third-party keyboard, never enable "Full Access" and review the keyboard's privacy policy. Go to Settings → General → Keyboard to manage your installed keyboards.

It reads your device's real advertising identifiers (IDFA and IDFV) and shows your current App Tracking Transparency status. You can see whether apps are allowed to track you across other apps and websites, and understand what data advertisers can collect about you.

IDFA (Identifier for Advertisers) is a unique ID that advertisers use to track you across different apps. You can disable it via App Tracking Transparency. IDFV (Identifier for Vendor) is unique per developer and resets when you remove all apps from that developer. IDFV cannot be disabled.

Go to Settings → Privacy & Security → Tracking and disable "Allow Apps to Request to Track". This zeroes out your IDFA so advertisers cannot link your activity across apps. The app shows your current status and explains what each setting means.

It visits a website you specify and reveals all cookies set, tracker scripts loaded, and network requests made. You can see exactly which third-party domains are tracking you on any website, and optionally block specific domains by adding them to your Safari Content Blocker rules.

Yes. When Cookie Inspector identifies tracking domains, you can block them with one tap. Blocked domains are added to your custom Safari Content Blocker rules, preventing those trackers from loading on any website you visit. Read more about Web & Cookie Tools →

It performs a comprehensive security analysis of any domain, checking SSL/TLS certificate validity, certificate chain, DNS configuration, and security headers. It gives you a security score and highlights potential vulnerabilities or misconfigurations.

The URL Scanner analyses a specific URL for phishing patterns, tracking parameters, and redirect chains. The Domain Security Checker focuses on the domain's infrastructure: SSL certificates, DNS records, and server security configuration. They complement each other. Read more about Network & Security Tools →

Go to iOS Settings → Safari → Extensions → PrivacyInsights Content Blocker, then toggle it off. This will stop blocking trackers but won't remove your custom block rules.

Go to iOS Settings → Safari → Extensions. You'll see both "PrivacyInsights Content Blocker" and "PrivacyInsights" (Web Extension). Toggle both off to disable them. Note: The extensions are part of the app, so they can only be fully removed by uninstalling PrivacyInsights.

Open PrivacyInsights → Safari Tracker Blocker → Custom Rules. You can remove individual domains by swiping left, or use "Clear All" to remove all custom rules. After clearing, tap "Refresh Content Blocker" to apply changes.

Some websites require tracking scripts to function. You can temporarily disable the Content Blocker in Safari settings, or check if you've accidentally blocked a required domain in your custom rules.

Ensure Bluetooth is enabled in Settings and you've granted Bluetooth permission to the app. Some devices only advertise intermittently. Try scanning for 20-30 seconds.

Check your internet connection. Some websites block automated security checks. Try a different URL or check if the website is accessible in Safari.

Avoid leaving Bluetooth or network scans running for extended periods. Close the app when not in use. Continuous monitoring features like Tracker Monitoring will use more battery.

Long-running tasks like photo analysis, speech transcription, Bluetooth scanning, and tracker monitoring keep the screen on to prevent interruption. This is managed by the LongRunningTaskManager and the screen will return to normal when the task completes or is cancelled.

Extended photo profiling analyses up to 3,000 photos across 12 categories using on-device machine learning. This can take several minutes depending on your library size. You can cancel at any time, and partial results will be saved.

Many Bluetooth devices don't allow connections from unknown apps. This is normal security behaviour. The app will timeout after 10 seconds and continue scanning.

Use the feedback form below to send us a bug report or feature request. You can also leave feedback through the App Store. We actively monitor user feedback and regularly update the app.