Privacy

Privacy Policy

Short version: Barista doesn't collect anything about you.

The short version

Barista collects nothing about you. There is no account, no sign-in, no analytics, no telemetry, no crash reporting, no advertising, no tracking, and no "phone home" of any kind. The developer of Barista has no servers that receive your data, because none of your data is ever sent anywhere by the app.

Everything Barista shows you is computed on your Mac, from data that already lives on your Mac or that your Mac fetches directly from the public services you choose to enable (weather, stocks, news feeds, the URLs you pin, your own email provider). The developer is not in the middle of any of that.

It's your Mac, your data, your choice. Barista is just a viewer.

What Barista collects about you

Nothing. To be specific:

No personal information, no name, email, address, phone number, device identifier, advertising ID, or anything else.

No usage analytics: Barista does not record which widgets you use, how often you open them, what you click, or how long you spend in the app.

No crash reports sent to the developer: if Barista crashes, the macOS system crash reporter may show you a dialog offering to send the report to Apple. That's between you and Apple. The developer of Barista does not receive crash data.

No diagnostic logs: Barista does not write logs that get uploaded anywhere.

Your data, on your Mac

Barista handles a few categories of information so the widgets can do their job. All of it stays on your Mac:

Settings and preferences: which widgets you've enabled, the order you've put them in, your appearance choices, the URLs you've pinned, the tickers you've added, and so on. Stored in standard macOS preference files inside your user library.

Account credentials: for the Email widget, your IMAP/SMTP app-specific password is stored in the macOS Keychain, the same secure store the system itself uses. The developer never sees it.

Cached content: recently fetched headlines, prices, weather, etc. may be cached briefly on disk so widgets feel instant. This cache lives only on your Mac and is cleared when you quit or when the cache expires.

Uninstalling Barista, or deleting its preference and cache files, removes everything. There is no remote copy because nothing was ever uploaded.

Permissions Barista asks for

The first time you enable certain widgets, macOS will prompt you to grant a permission. These are used only on your Mac, by the widget, to render what you asked it to render. Nothing read via these permissions is sent off your machine by Barista.

Calendar: to show and manage your events for the Calendar widget (view, create, and edit).

Reminders: to show and edit your reminders for the Reminders widget.

Contacts: to suggest recipients as you type while composing in the Email widget. Read-only; addresses are matched on your Mac and never leave it.

Automation (Spotify, Music, Shortcuts): to read and control what's currently playing for the Now Playing widget, and to list and run your Shortcuts in the Shortcuts Runner widget.

Location: for local-weather auto-detect in the Weather widget and the current Wi-Fi network name in the Network widget. macOS gates the network name behind Location; Barista does not record or transmit your coordinates.

Notifications: to display timer alerts (Timers) and the Battery low-charge alert.

You can decline any prompt, the widget falls back gracefully, and you can change your grants at any time in System Settings → Privacy & Security.

Network connections Barista makes

Some widgets pull live data from the public internet. When they do, your Mac contacts the relevant service directly. The developer of Barista runs no proxy, no relay, and no intermediate server; those requests never touch the developer's infrastructure (because there isn't any).

Weather: your Mac requests current conditions and forecasts from the configured weather data provider.

Stocks, Crypto, Currency: your Mac requests prices and chart data from the configured market data provider.

News: your Mac fetches RSS / Atom feeds from the news sources you've selected.

Webpage widget: your Mac loads the URLs you add, the same way a browser would.

Email widget: your Mac speaks IMAP and SMTP directly to your email provider (e.g. Gmail, iCloud).

Email sender avatars (optional): to show an avatar or logo next to a message, the Email widget can look an avatar up online. That sends a hashed form of the sender's address to Gravatar, and the sender's domain to a DNS-over-HTTPS resolver (for any published brand logo) and to DuckDuckGo's icon service (for a site favicon). It reveals who is emailing you to those services, so it's a setting you can switch off; with it off, only your local Contacts is used.

Each of those third-party services has its own privacy policy and may log the request as any web service does. Barista cannot disable that logging; it's between you and that service. If you don't want a particular service contacted, don't enable that widget.

Email accounts

The Email widget connects from your Mac directly to your email provider over standard IMAP and SMTP. There is no intermediate server.

Your email address and app-specific password are stored locally: credentials in the macOS Keychain, address in app preferences.

Message contents (subject lines, bodies, attachments) are fetched from your provider and held in memory and a local cache only. They are never sent anywhere else.

Removing an account from the Email widget deletes those credentials and clears the local cache for it.

Sender avatars are matched against your Contacts on your Mac first. Looking them up online (see the network section above) is optional and can be turned off in the Email widget's settings.

Clipboard history

The optional Clipboard widget keeps a short history of what you copy so you can paste it again later. Everything it stores stays on your Mac.

Stored encrypted on disk: the history, including any entries you have named, is written to an encrypted file, sealed with a key kept in the macOS Keychain. Reading the file directly, in a backup or with another tool, reveals nothing.

Password managers are skipped: content that 1Password, KeePassXC and similar tools mark as concealed is never recorded, and a per-app blocklist lets you exclude any other app. Apple's Passwords app is offered there by default.

You stay in control: choose how long items are kept, pause capture whenever you want, or clear the history outright. Pinned items survive a clear until you remove them.

You decide what gets copied: anything you copy while capture is on, and that the filters above don't catch, may be stored in history. Treat it like any other place sensitive text can land, and clear it when you need to.

Nothing you copy is ever uploaded. The history lives only on your Mac and is gone when you clear it or uninstall Barista.

What Barista does not do

No accounts, no sign-up, no sign-in.

No analytics or telemetry of any kind.

No crash reports sent to the developer.

No advertising and no advertising identifiers.

No third-party SDKs that collect or transmit user data.

No license checks, activation pings, or "phone home" of any kind.

No selling, sharing, renting, or trading of personal information: there is no personal information to sell, share, rent, or trade.

Children's privacy

Barista is a general-audience macOS utility and is not directed at children under 13. Because Barista does not collect any personal information from anyone, it does not collect personal information from children either.

Changes to this policy

If anything material about how Barista handles data changes (for example, if a future version added a feature that required transmitting data), this policy will be updated and the effective date below will be revised. The current version always lives at this URL.

Effective date: 15 May 2026.