Good Enough ngzhongwei.com / apps
Privacy

How Good Enough handles your data.

Last updated 29 April 2026

The short version

Good Enough does not have user accounts, does not run analytics, does not show ads, and does not share your data with third parties for advertising or profiling. Test history and saved places live on your iPhone and sync between your own Apple devices through iCloud. Speed tests are run against Cloudflare's public infrastructure.

One feature — a shared map of public Wi-Fi quality across cafés and coworking spaces — is off by default. If you turn it on, the app sends anonymized, location-rounded data to a database we run. The detail is in §7.

What follows is the full picture. It's longer than the summary because privacy disclosures need to be specific. The summary is accurate; the rest is precise.

What stays on your device

The vast majority of what Good Enough knows about you never leaves your phone. The app uses Apple's SwiftData framework to persist data locally:

  • Test history — every connection check you've run, with timestamp, location (if you allowed Location Services), the verdict, and the underlying download / upload / ping / jitter measurements.
  • Saved places — the cafés, offices, and other spots you've named and starred.
  • Settings & preferences — notification toggles, theme, and which features you've enabled.
  • Purchase status — whether you own Better, are subscribed to Way Better, and your subscription expiration date (a copy of what Apple's StoreKit reports).

Deleting the app removes all of this from your phone. If you've enabled iCloud sync, the next section covers what happens to the cloud copy.

What syncs through iCloud

If you have iCloud Drive enabled in iOS, Good Enough uses Apple's CloudKit to sync your test history, saved places, and settings between your own Apple devices — your iPhone, iPad, and any other device signed into the same Apple ID.

iCloud sync uses Apple's CloudKit, which encrypts data in transit and at rest within Apple's infrastructure. The sync happens directly between your devices and Apple's servers; we are not in the loop and never see your synced data. Apple's handling of CloudKit data — including whether it's end-to-end encrypted — is governed by Apple's privacy policy and your iCloud account settings (such as Advanced Data Protection, if you've enabled it).

You can turn iCloud sync off in iOS Settings → [your name] → iCloud → Apps Using iCloud → Good Enough. Turning it off does not delete your local data.

Data security

On-device data benefits from iOS's standard data protection. When your device is locked, the data store is encrypted at rest using keys derived from your device passcode. iCloud sync uses Apple's CloudKit, which encrypts data both in transit and at rest within Apple's infrastructure.

The optional shared map's endpoint is served over TLS; no contributions are accepted over plaintext.

We do not store payment information. Apple's StoreKit handles all of that on our behalf — we receive only a binary "active subscription / not active" signal.

Speed tests & Cloudflare

To measure your connection's actual performance, the app needs to send and receive real data over the network. Good Enough uses Cloudflare's public speed test endpoints, the same infrastructure that powers their own free Speed Test tool.

This means each time you tap "Check this spot":

  • Your phone briefly opens connections to Cloudflare's servers.
  • Cloudflare receives your IP address (as any web request does), the size and timing of the test transfers, standard HTTP request metadata, and TLS handshake metadata visible to any web destination (cipher suites, SNI hostname).
  • Cloudflare's privacy practices govern that interaction. See their privacy policy at https://www.cloudflare.com/privacypolicy/.

We don't see, log, or relay any of this. The measurements come back to your phone, get interpreted into a verdict, and that's the end of the round trip.

In-app purchases

Better and Way Better are sold through the App Store. Apple's StoreKit framework handles the purchase, the payment, and the receipt verification. We are told only what the framework reports back: whether each purchase or subscription is active, the product ID of any active subscription (so we can show "Monthly" vs "Yearly" on the paywall), and the expiration date of an active subscription (so we can render renewal copy correctly).

We do not see your Apple ID, your name, your email, your billing address, or your payment method. Refunds and subscription management are handled by Apple — we cannot process either ourselves.

The optional shared map

This is the only feature in Good Enough that ever sends data anywhere on our side. It is off by default, and most users will never turn it on.

What it is

A long-running goal of the app is a community-built map of which public spots actually have working internet — cafés, coworking offices, hotel lobbies, libraries. To build it, the app asks anyone who's willing to contribute a few small details from each check, with all personally-identifying parts stripped before they leave your phone.

What gets sent if you opt in

  • A geographic coordinate, rounded to a 50-metre grid. The check might have happened anywhere within that 50m square — the exact point isn't stored or transmitted.
  • The name of the place, only when it has been resolved by Apple Maps to a public venue (e.g. Blue Bottle Coffee — Mint Plaza). Spots you've named privately ("home", "mom's house"), and any check that didn't resolve to a public Apple Maps venue, are excluded entirely.
  • The test measurements: download speed (Mbps), upload speed (Mbps), ping (ms), and jitter (ms).
  • The verdict tier (Great / Good / OK / Slow / Very Slow) and the per-activity verdicts (e.g. "video calls: good, streaming: great").
  • Connection type — Wi-Fi, cellular, wired, or unknown.
  • The hour of day (0–23) and day of week the test was run — no minute-level precision and no calendar date.
  • The version of the app the test came from.

What is never sent

  • No user ID, no device ID, no Apple ID, no email.
  • No IP address is ever stored. The endpoint sees your IP only transiently to enforce a per-IP rate limit, and never writes it to the database.
  • No raw coordinates, no street address, no GPS accuracy radius.
  • No test history — only the single completed check at the moment you ran it, never your archive.
  • No Wi-Fi network name (SSID), no carrier name, no signal strength readings.
  • Nothing from places that aren't a public Apple Maps venue.

Where it goes

Contributions are stored in a Supabase project we operate, encrypted in transit via TLS. Retention is 24 months; older entries are deleted automatically.

How to opt in or out

The toggle lives in Settings → Contribute → "Help others discover good work spots". Off by default. Turning it off stops new contributions immediately. To request deletion of contributions you've already made, email us — since contributions carry no user ID, you'll need to tell us roughly when and where so we can scope the deletion.

Current status

As of this writing the shared map is in pre-release. The dataset is small to non-existent. We mention this so you know what the feature actually does today, not what we hope it'll become.

What we never collect

Some things are common in mobile apps that aren't in Good Enough at all. None of these exist in the codebase, and none are planned.

  • No user accounts. The app does not have a signup, login, email field, password, or "sign in with…" flow.
  • No analytics SDKs. No Mixpanel, Amplitude, Firebase Analytics, Segment, or equivalent. We do not log feature usage, screen views, taps, sessions, or funnels.
  • No advertising identifiers. The app does not request or use IDFA. The IDFV is not used to identify you across sessions.
  • No third-party trackers, pixels, or fingerprinting. No tracking SDKs of any kind.
  • No cross-app or cross-website tracking. Good Enough does not track you across apps or websites owned by other companies. The app does not call iOS's AppTrackingTransparency framework because there is nothing to track.
  • No crash reporters that send symbolic stack traces with personal context. Crash logs that Apple itself collects (and which you can opt out of in iOS Settings → Privacy & Security → Analytics & Improvements) are governed by Apple, not us.
  • No data sales. There's no data to sell — but to be explicit: even if there were, we wouldn't.

Children

Good Enough is not directed at children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal data from children. The app's nature — a network speed measurement tool — makes it unlikely to be of interest to young users, and the App Store age rating reflects this.

If you are a parent or guardian and believe your child has used the app and has data stored as a result, email us at the address in §14 and we will delete it. Because the app does not require an account, you may need to confirm which device the data is on (or, for the optional shared map, the rough time and location of any contributions) so we can scope the deletion correctly.

Your rights

Because the app holds so little, most data-rights requests are things you can do yourself in a few taps:

  • See your data. Everything the app knows is visible inside the app — test history in Trends, saved places in Places, settings in Settings.
  • Export your data. Settings → Data → Export gives you a choice of PDF or CSV containing every test in your history.
  • Delete some of it. You can wipe everything via Settings → Data → Clear all data, or clear just your test history via Settings → History → Clear all history. Individual tests and individual places can be deleted from inside the History and Places tabs respectively.
  • Delete all of it. Removing the app deletes the local store. To also remove the iCloud copy, on iPhone go to Settings → [your name] → iCloud → Manage Account Storage → Good Enough → Delete Data.
  • Withdraw shared-map consent. Toggle "Help others discover good work spots" off in Settings → Contribute. To request deletion of past contributions, email us.

Third parties referenced

The complete list of services the app interacts with:

  • Apple Inc. — provides iCloud, CloudKit, StoreKit, and the iOS frameworks the app is built on. Governed by Apple's privacy policy.
  • Cloudflare, Inc. — provides the public speed test endpoints used to measure your connection. Governed by Cloudflare's privacy policy.
  • Supabase, Inc. — hosts the database for the optional shared map. Only contacted if you've enabled that feature. Governed by Supabase's privacy policy.

Singapore PDPA & EU GDPR

Good Enough is operated from Singapore. We comply with the Personal Data Protection Act 2012 (PDPA). The Data Protection Officer for the app is the developer (contact below).

Because the App Store distributes globally, the app is also accessible to users in the European Union. To the extent any of the limited data described above falls within scope of the General Data Protection Regulation (GDPR), we rely on:

  • Performance of a contract as the legal basis for storing your test history and saved places (i.e. delivering the app's core function).
  • Explicit consent as the legal basis for the optional shared map. You can withdraw consent at any time in Settings.

We do not transfer personal data internationally for processing — the data either stays on your device, syncs through your own Apple iCloud account, or (for the optional shared map only) goes to a Supabase project that does not store IP addresses or any personal identifiers.

Changes to this policy

If we make material changes — adding a new third party, broadening what gets shared in the optional map, anything that meaningfully alters the picture above — we'll bump the "Last updated" date at the top of this page and post a one-screen notice the next time you open the app. Continuing to use the app after a material change means you accept it; if you don't, the app's data can be removed in any of the ways described in §10.

Contact

Questions, requests, or concerns about how Good Enough handles data: support@ngzhongwei.com.