Designing for Privacy

At M Cubed Software we believe that privacy is a fundamental human right. Sadly it isn't one that is universally protected, and it is common in the software industry for some companies and their apps to vacuum up user data left, right, and centre. We prefer to take different approach, so today we'd like to show you how we have built Coppice and our surrounding infrastructure with Privacy in mind.

(All information here is accurate as of the time of writing. If you are reading this at a later date some details may have changed, but our principles will always remain the same.)

Privacy Policy

The key to privacy is transparency. Transparency about what data we collect, how we collect it, and why we collect it. This level of transparency is something now required by law thanks to the EU's General Data Protection Regulation (GDPR) and takes the form of our Privacy Policy. This outlines the data we collect, the reasons we collect it, and what your rights are with respect to your data. We have just updated this to be even more comprehensive and clear, so be sure to check it out.

Data Minimisation

Privacy is fundamentally about protecting data, and the easiest way to protect a piece of data is to not have that data in the first place. As such, when we were building our websites and the infrastructure to support Coppice, we took a long hard look at every piece of data we stored and asked "is this something that we need or merely something that we want to collect?" If it's the latter then we tried to remove it.

Here are a few examples of how we minimise data collection:

M Cubed Accounts

When you sign up for an M Cubed Account we only ask for your email and password. We don't ask for your name, your address, or any other data that is not absolutely necessary to provide you with a secure way to manage your subscription.

The Coppice Mailing List

Similarly, when you sign up to the Coppice Mailing List we only ask for your email. Sure, it would be nice to have any email we send you start with your name but it isn't necessary for the mailing list to work. We have also chosen a mailing list service that allows us to disable tracking when we send out emails. All we need to know is whether the email failed to get to you, we don't need to track what you do with it after it arrives.


We also keep our analytics to the bare minimum. For our websites the story is simple: we only collect essential access logs.

For Coppice, we give you an option to send us some basic analytics data to help us improve the app. This is entirely opt in and is stored anonymously on our servers. You can always change your mind in our Preferences window, and we also give you full details of what information we send, as well as exactly how each piece of data helps us make Coppice better. Below is an example from one of our machines.

We even went an extra step with this. The tool we use to collect and send this data (Sparkle) is used by many apps on the Mac and can collect a lot more data such as how fast your CPU is, how much RAM you have, etc. For some apps this is very useful information, but for us it isn't necessary. Unfortunately it doesn't allow developers to choose what data is sent, so we opted to customise it to let us only send the data we really need to make decisions about Coppice. When Coppice is released we will be offering these changes back to the Sparkle project so other developers can benefit.

A sheet from Coppice's preferences explaining why analytics are collected. Below is a table showing the data that is sent (OS Version, CPU Type, Model, Language, App Version, and Bundle ID). Above the table is a toggle allowing users to switch between the Raw data or a human readable version

A Local App Means Local Data

One of the benefits of writing a native app that runs on your machine is that we don't need to handle your data. In fact, unless you actually send us a document you created with Coppice, we don't know anything about what you create with Coppice. Your documents are stored where you want, and you have control over who you give access to them.

Coppice is Our Product, Not You

Unfortunately there are some companies out there that don't view their app or their service as their main product. Instead, they see it as a way to collect the thing they really make money on: your data.

We take a different, more "traditional" approach: offering you a great product in exchange for a great price. That is how we make our money, and it makes all of the other points we mentioned above so much easier to implement. It also means that you are our number one priority. We don't need to add features and functionality to satisfy some other group of people. Instead we can focus on making sure Coppice keeps providing you value.

So that is a bit about how we view privacy and how it has been designed into Coppice. Privacy is always an ongoing thing, so if we ever need to change something we'll be sure to always be completely transparent with you. If you have any questions related to privacy then please feel free to email at any time.

If you would like to stay up-to-date on Coppice, make sure to subscribe to the Coppice Blog, the Coppice Mailing List, and/or follow @mcubedsw on Mastodon.