As we prepare Postiller for general availability, we are focused on a core principle: your data should never leave your device unless you explicitly choose to share it. Here is how we are building that into every layer of the app.
Local-First Architecture
Postiller stores everything—bookmarks, ideas, drafts, and generated content—directly on your iPhone or iPad using SwiftData. There is no cloud database, no sync service, and no server-side storage of your content. When you delete the app, your data goes with it.
This was not the easy path. Building local-first means solving problems that cloud apps outsource: efficient on-device search, managing storage constraints, and ensuring data integrity without a central authority. But it is the right path for a tool that handles your ideas.
Bring Your Own Keys
When you use AI features in Postiller, your prompts go directly from your device to your chosen provider—OpenAI, Anthropic, Google, or xAI. We never see your content. We never touch your API keys. The connection is between you and the AI provider, with Postiller acting as the interface.
Your API keys are stored in the iOS Keychain, the same secure enclave that protects your passwords and payment information. They are encrypted at rest and never transmitted anywhere except to the provider you have configured.
On-Device Intelligence
Not everything requires a cloud API. Postiller uses Apple's on-device foundation models for features like semantic search and content embeddings. These models run entirely on your device's Neural Engine—no network requests, no API costs, no privacy tradeoffs.
This hybrid approach lets us offer powerful AI features while minimizing what leaves your device. Cloud APIs handle complex generation tasks where they excel. On-device models handle everything else.
What We Are Finishing
For general availability, we are focused on polish and reliability:
- Share Extension refinements — Capturing content from Safari and other apps should feel instant and seamless
- Persona system improvements — Your custom voices should produce consistently authentic output
- Performance optimization — The app should feel fast even with thousands of saved items
- Accessibility review — Ensuring the app works well with VoiceOver and other assistive technologies
The Business Model Matters
Postiller is a one-time purchase. No subscriptions, no recurring fees. This is not just a pricing decision—it is an alignment decision. We make money when we build something worth buying, not when we lock you into payments or harvest your data for other purposes.
Your content is yours. Your ideas are yours. We are building a tool that respects that, down to the architecture.
We will share more technical details as we approach launch. If you want to follow along, sign up for updates or reach out at beta@postiller.com if you are interested in early access.