Privacy Policy

Bloom ("we", "us", "our") is committed to protecting your privacy. This policy explains how we handle your data.

1. Your Data Stays on Your Device

Bloom stores your health data (cycle logs, symptoms, mood, appointments, medications, BBT, blood pressure, weight, and notes) in your browser's local storage. We cannot access, read, or sell this data.

If you create an account and use cloud backup, your data is encrypted with AES-256-GCM before leaving your device. The encryption key is derived from your password — we cannot decrypt your backup even if compelled.

2. What We Collect

Account information (if you sign up):

• Email address — used for account identification, premium status sync, and partner sharing
• Password — stored as a SHA-256 hash, never in plain text

AI chat queries:

• When you ask Bloom AI a question, your query is sent to our Cloudflare Worker which forwards it to Google Gemini or OpenRouter (OpenAI gpt-4o-mini)
• These providers process your query to generate a response. They may retain queries per their own privacy policies
• We do not store your AI conversations on our servers. Conversation history is stored locally on your device only

Analytics (privacy-friendly):

• We use Plausible Analytics — no cookies, no personal data, no tracking across sites
• We collect: page views, country (approximate), device type. That's it.

3. What We Do NOT Collect

• We do NOT read your health data (cycle, symptoms, mood, etc.)
• We do NOT sell any data to third parties
• We do NOT show ads
• We do NOT use cookies or tracking pixels
• We do NOT share data with insurance companies, employers, or data brokers
• We do NOT fingerprint your browser

4. Third-Party Services

• Google Gemini — processes AI chat queries. Google AI Terms
• OpenRouter / OpenAI — processes AI chat queries (fallback). OpenRouter Privacy
• Polar.sh — handles subscription payments. Polar Privacy
• Cloudflare — hosts our backend worker and KV storage. Cloudflare Privacy
• Railway — hosts the web application. Railway Privacy
• Plausible — privacy-friendly analytics. Plausible Privacy

5. Data Encryption

Cloud backups use AES-256-GCM encryption with PBKDF2 key derivation (100,000 iterations). Your password is the encryption key — without it, your data cannot be decrypted by anyone, including us.

Passwords are hashed with SHA-256 before storage. We never store or transmit plain-text passwords.

6. Your Rights

• Access: All your data is on your device — you have full access at all times
• Export: You can export all data as JSON from the Account tab
• Delete: You can delete all data from Account → Settings → Delete All Data
• Portability: Export your data and use it however you wish

7. Children's Privacy

Bloom is not intended for children under 13. We do not knowingly collect data from children.

8. Medical Disclaimer

Bloom is a health tracking tool, not a medical device. AI responses are for informational purposes only and should not replace professional medical advice. Always consult your healthcare provider for medical decisions.

9. Changes to This Policy

We may update this policy. Changes will be posted here with an updated date. Continued use of Bloom after changes constitutes acceptance.

10. Contact

Questions about privacy? Email us at [email protected]

Bloom — Your body. Your data. Your phone.