The question that changed how we built Guard

A privacy score isn't enough if you don't know what you're scoring

When we launched Guard in its earliest form, we were confident about one thing: the privacy risk score. It made sense. You could see that Instagram had high risk, Twitter had moderate risk, and your weather app had low risk. Simple.

But Sarah's question exposed something we'd overlooked. Users don't just want to know an app is risky. They want to know why, and more importantly, they want to know which app is the actual privacy problem in their phone.

A privacy score tells you there's a fire. The data exposure profile tells you which room it's in.

We spent weeks pulling apart the permissions landscape. Not just the on-paper permissions iOS hands to developers, but the actual data categories those permissions unlock. Location access isn't just location access. Depending on the app and the permission combination, it's your home address, your work address, your movement patterns, your travel history. We mapped those relationships.

Building something that doesn't feel like homework

The risk with privacy tools is that they can become overwhelming. Show someone a spreadsheet of permissions and you've lost them. We kept thinking about our own parents, how they'd use this, and whether they'd actually sit down and read what we built.

The data exposure profile in Personal Pro needed to do heavy lifting without feeling like work. So we built it as a simple narrative: here's what data this app can see, here's how it stacks against other apps you've installed, and here's the one permission that matters most if you want to reduce that exposure.

We tested it with about forty people before launch. The moment we knew we'd gotten it right was when someone said, 'Oh, I didn't know my notes app could see that.' Not panic. Not confusion. Just recognition. That's what we were aiming for.

Where it sits in the bigger picture

The data exposure profile lives inside Personal Pro because it represents a shift from awareness to action. The free tier of Guard gives you the foundation: here are twelve common apps, here's what they could access, here's your risk score. That's education.

Personal Pro is where you get serious. Real-time alerts tell you when an app changes its permissions. The clipboard safety check watches for apps trying to read what you've copied. The tracking breakdown shows you exactly how many trackers each app is loaded with. And the data exposure profile sits at the centre of it all, showing you the cumulative picture.

For parents on the Family tier, it becomes a conversation starter. You can see what your child's apps are accessing, and instead of just saying 'don't install that', you can actually explain why it matters.

The thing we learned about how people actually think about privacy

Three months after Sarah's question, we were deep in the data exposure profile work when something unexpected happened. A customer wrote in to say they'd kept using Guard even after revoking the worst permissions because they wanted to 'keep an eye on their app ecosystem'. They weren't scared anymore, just aware.

That's when privacy work started feeling different to us. We weren't building Guard to terrify people or to be yet another doomsday app. We were building it as a form of literacy. Most people aren't trying to hide from their phones. They just want to know what's actually happening on them.

The data exposure profile does that. It translates the abstract concept of 'permissions' into something tangible: your notes app can read all your notes, Spotify knows every song you've ever searched for, your maps history is available to five different apps.

Once you know that, you make different decisions. Not necessarily fewer downloads. Just more intentional ones.

Why this still matters, even if iOS seems to care

Apple's made real progress on privacy. App Tracking Transparency forces apps to ask permission. Privacy labels tell you what data is collected. The system is better than it was.

But there's a gap between what iOS shows you and what you actually understand about your exposure. Apple's privacy labels are designed for developers, not users. The permission system is fragmented across Settings, app notifications, and system alerts. Most people have never looked.

The data exposure profile sits in that gap. It's the conversation that iOS doesn't have with you. It's the moment when you realise that twenty different apps have access to your location, and that maybe you meant to revoke that on eighteen of them.

It's not replacing iOS's built-in privacy features. It's making them visible, comparable, and actionable all in one place.