diff --git a/docs/APP_STORE_CONNECT.md b/docs/APP_STORE_CONNECT.md
new file mode 100644
index 0000000..d6c8c4b
--- /dev/null
+++ b/docs/APP_STORE_CONNECT.md
@@ -0,0 +1,270 @@
+# App Store Connect — beenvoice iOS
+
+Copy-paste reference for submitting **beenvoice** (`com.beenvoice.app`, v1.0.0). Update URLs if your production web host differs from `beenvoice.com`.
+
+---
+
+## App Information
+
+| Field | Value |
+|-------|--------|
+| **Name** | beenvoice |
+| **Subtitle** (30 chars max) | Invoices & time tracking |
+| **Bundle ID** | `com.beenvoice.app` |
+| **SKU** | `beenvoice-ios` (your choice; immutable) |
+| **Primary language** | English (U.S.) |
+| **Primary category** | Business |
+| **Secondary category** | Productivity |
+| **Content rights** | Does not contain third-party content |
+| **Age rating** | 4+ (no restricted content; business/finance utility) |
+
+### Copyright
+
+```
+© 2026 beenvoice
+```
+
+---
+
+## URLs
+
+Deploy the Next.js legal pages before submission. Privacy Policy and Terms must load without login.
+
+| Field | URL |
+|-------|-----|
+| **Privacy Policy URL** | `https://beenvoice.com/privacy` |
+| **Terms of Use (EULA)** | Use Apple Standard EULA *or* link `https://beenvoice.com/terms` |
+| **Support URL** | `https://beenvoice.com` (or a dedicated `/support` page when available) |
+| **Marketing URL** (optional) | `https://beenvoice.com` |
+
+If production web is still on `beenvoice.soconnor.dev`, use `https://beenvoice.soconnor.dev/privacy` and `/terms` until `beenvoice.com` is live.
+
+---
+
+## Promotional Text (170 chars max)
+
+Optional; can be changed without a new build.
+
+```
+Track billable hours, manage clients, and send invoices from your phone. Syncs with your beenvoice account. Lock the app with Face ID.
+```
+
+---
+
+## Description (4000 chars max)
+
+```
+beenvoice is the mobile companion for freelancers and small teams who invoice clients and track billable time.
+
+DASHBOARD AT A GLANCE
+See revenue, pending and overdue invoices, and your running timer without opening multiple tools.
+
+TIME CLOCK
+Clock in and out with an optional description, client, invoice, and hourly rate. On iPhone, a Live Activity on the Lock Screen and Dynamic Island shows elapsed time while you work.
+
+INVOICES
+Browse, filter, create, and edit invoices. Update status and keep billing moving from anywhere.
+
+CLIENTS & BUSINESSES
+Maintain client records and business profiles so invoices stay consistent across web and mobile.
+
+MULTI-ACCOUNT
+Switch between beenvoice accounts (e.g. work and personal) with separate sessions, similar to a password manager.
+
+SECURITY
+Optional per-account app lock with PIN and Face ID / Touch ID when returning to the app.
+
+OFFICIAL OR SELF-HOSTED
+Sign in to the official beenvoice cloud or point the app at your own beenvoice server URL.
+
+REQUIREMENTS
+A beenvoice account and network access to your beenvoice server. The mobile app is not a standalone product—it connects to the same API as the beenvoice web app.
+
+Questions or feedback: support via your beenvoice administrator or the contact on beenvoice.com.
+```
+
+---
+
+## Keywords (100 chars max, comma-separated, no spaces after commas)
+
+```
+invoice,time tracking,freelance,billing,clients,timer,accounting,small business,hours,beenvoice
+```
+
+---
+
+## What’s New (Version 1.0.0)
+
+```
+Initial App Store release.
+
+• Dashboard with revenue and invoice summaries
+• Time clock with optional client, invoice, and rate
+• iOS Live Activity for running timers
+• Invoice list, create, and edit
+• Clients and businesses management
+• Multi-account support with secure sign-in
+• Per-account app lock (PIN and Face ID)
+• Light and dark appearance
+```
+
+---
+
+## App Review Information
+
+### Sign-in required
+
+**Yes** — the app requires a beenvoice account.
+
+### Demo account (production server)
+
+Ensure migration `0014_seed_demo_account` has run on the server reviewers will hit.
+
+| Field | Value |
+|-------|--------|
+| **Username** | `demo@example.com` |
+| **Password** | `demo123` |
+
+### Notes for Review
+
+```
+beenvoice is a client for the beenvoice invoicing and time-tracking platform (web + API).
+
+SIGN IN
+1. Open the app.
+2. Leave "Official" server selected (https://beenvoice.soconnor.dev) unless we specify otherwise in this note.
+3. Sign in with the demo account above.
+
+WHAT TO TEST
+• Dashboard — sample invoices and stats are pre-seeded.
+• Timer tab — clock in, optionally pick client/description; on a physical device, Lock Screen Live Activity appears while a timer runs.
+• Invoices — list includes draft, sent, and paid examples.
+• Settings — profile, theme, optional app lock (PIN / Face ID).
+
+APP LOCK
+Optional. Enable in Settings → App Lock. Face ID uses on-device biometrics only; no biometric data is sent to our servers.
+
+LIVE ACTIVITY
+Requires a physical iPhone (not available in Simulator). Start a timer, lock the device, and check the Lock Screen / Dynamic Island.
+
+SELF-HOSTED SERVERS
+Users may enter a custom server URL on sign-in. Review uses the official server only.
+
+No in-app purchases. No ads.
+```
+
+Update the official server URL in the note if you change `DEFAULT_API_URL` in `lib/config.ts`.
+
+---
+
+## App Privacy (Privacy Nutrition Labels)
+
+Answer in App Store Connect → App Privacy. Adjust if you add analytics later.
+
+### Data linked to the user
+
+| Data type | Purpose | Collected | Linked | Tracking |
+|-----------|---------|-----------|--------|----------|
+| **Email address** | App functionality, account | Yes | Yes | No |
+| **Name** | App functionality, account | Yes | Yes | No |
+| **Other user content** (clients, invoices, time entries, business details) | App functionality | Yes | Yes | No |
+| **User ID** | App functionality | Yes | Yes | No |
+
+### Data not collected for tracking
+
+The app does **not** use data for tracking across apps/websites. No third-party analytics SDKs in the current build.
+
+### Data collected but not linked (typically none)
+
+If you only use on-device Face ID via `expo-local-authentication`, Apple treats biometrics as **not** collected by the developer—do **not** declare Face ID templates as collected data.
+
+### Practice to select
+
+- **Data Used to Track You:** None
+- **Data Linked to You:** Contact info, identifiers, user content (as above)
+- **Data Not Linked to You:** None (unless you add crash logs without account linkage)
+
+---
+
+## Age Rating Questionnaire (typical answers)
+
+| Topic | Answer |
+|-------|--------|
+| Cartoon / fantasy violence | None |
+| Realistic violence | None |
+| Sexual content | None |
+| Profanity | None |
+| Drugs, alcohol, tobacco | None |
+| Gambling | None |
+| Horror | None |
+| Mature / suggestive themes | None |
+| Unrestricted web access | No (in-app browser not used for open web) |
+| User-generated content broadly distributed | No (invoice data is private to the account) |
+
+Expected result: **4+**.
+
+---
+
+## Export Compliance
+
+In App Store Connect encryption questions:
+
+- **Uses encryption:** Yes (HTTPS/TLS for API)
+- **Exempt:** Yes — standard HTTPS only, qualify for exemption under mass-market encryption rules (same as most apps using TLS)
+
+Confirm annually in Connect; no separate ERN needed for standard TLS-only apps in most cases.
+
+---
+
+## Screenshots (required sizes)
+
+Capture from **iPhone 6.7"** (e.g. iPhone 15 Pro Max) and **6.5"** if you support older requirements. Xcode Simulator → Save Screenshot, or physical device.
+
+Suggested screens (portrait):
+
+1. **Sign-in** — brand, clean auth (optional; some teams skip)
+2. **Dashboard** — stats + recent invoices (demo account)
+3. **Timer** — running or ready to clock in
+4. **Invoices** — list with statuses
+5. **Invoice detail / edit** — line items
+6. **Settings** — theme + app lock (shows polish)
+
+Minimum: **3 screenshots** per required device size.
+
+Optional: iPad 12.9" if `supportsTablet: true` — use iPad simulator or “Run on iPad” with scaled iPhone UI.
+
+---
+
+## Build & submit (EAS)
+
+```bash
+cd beenvoice-app
+
+# Production iOS build (auto-increments build number)
+eas build --platform ios --profile production
+
+# Submit latest build to App Store Connect
+eas submit --platform ios --profile production
+```
+
+Prerequisites:
+
+- Apple Developer Program membership
+- App record created in App Store Connect with bundle ID `com.beenvoice.app`
+- EAS credentials configured (`eas credentials`)
+- Privacy Policy URL live and reachable
+
+---
+
+## Pre-submission checklist
+
+- [ ] Legal pages live at Privacy Policy URL (HTTP 200, no auth wall)
+- [ ] Demo account works on production API (`demo@example.com` / `demo123`)
+- [ ] `eas build --profile production` succeeds
+- [ ] TestFlight smoke test on device (login, timer, invoices, app lock)
+- [ ] Live Activity tested on physical iPhone
+- [ ] App Privacy answers match actual data flows
+- [ ] Screenshots uploaded for required device sizes
+- [ ] Review notes include demo credentials and server URL
+- [ ] Export compliance answered
+- [ ] Version `1.0.0` matches `app.json` / Connect version field