CanPlan data storage and security

Description

CanPlan is a to-do list application for people who need support to complete tasks independently. Users can create tasks with steps complete with visual and auditory aids in the form of text, text-to-speech, pictures, videos, and recorded audio.

CanPlan has two versions, one for Google’s Android and one for Apple iOS.

Data privacy

CanPlan stores data locally and no user data is sent to servers*. No data is collected by CanAssist or other parties within the released build of the application.

*CanPlan has an option for users to back up their data to iCloud on the iOS version

Data stored

User provided data stored is in the following formats and located in the following locations:

Application package database directory

SQLite database

Much of the data used by CanPlan is stored directly within the local SQLite database, including resources such as images encoded as base64 blobs and regular data objects like tasks and steps.

Tasks and steps contain user provided text and may also have references to resources not stored directly within the database.

Application package documents directory

Step videos

Videos are stored as regular video files, with their paths linked to within the database. More specifically, these files are specifically stored as .mp4 files on Android, and .mov files on iOS.

Step audio

Audio such as voice notes are stored as regular audio files, with their paths linked within the database. More specifically, these files are stored as .wav files on Android and iOS.

Local cache

User preferences and statistics

User preferences such as options set in settings, and statistics such as “Days Active”, are stored within the current platform’s specific persistent storage, these are namely the NSUserDefaults on iOS and SharedPreferences on Android.

Data storage duration

Data is stored on the device for as long as the app is installed. Data is only deleted if it’s deleted within CanPlan or ifCanPlan itself is deleted and the application package is removed from thedevice.

Data security

No specific data protection measures have been implemented for CanPlan, but instead CanPlan’s data is protected by the given platform’s security measures.

Android

Android uses a kernel-level Application Sandbox to isolate apps from each other and the system, this means that apps cannot interact with each other which prevents unauthorized access user information stored within CanPlan.

iOS

Similarly to Android, iOS also employs an Application Sandbox to restrict application access, this is a requirement before it can be put on the app store, and it also prevents unauthorized access of user information stored within CanPlan.