PinkyBloom, a product of Veronata, Inc. (“we,” “our,” or “us”), is built on a simple principle: your health data belongs to you. This Privacy Policy explains what data the app handles, how it’s stored, and how we protect your privacy using zero-knowledge architecture.

1. Data Collected & Stored on Your Device

PinkyBloom stores all health data locally on your iPhone using encrypted on-device storage. This includes:

Menstrual cycle dates and predictions
Symptoms you log (cramps, headaches, bloating, etc.)
Mood and energy entries
Journal entries and notes
AI conversation history with Pinky

Voice recordings are processed entirely on-device using Apple’s speech recognition framework. Audio data is never stored, transmitted, or retained after processing.

2. Data We Do NOT Collect

PinkyBloom does not collect, transmit, or have access to:

Personally identifiable information (PII) — no names, no emails, no phone numbers
Account credentials — there are no accounts or logins
Location data or GPS coordinates
Browsing history or web activity
Advertising identifiers (IDFA) or tracking pixels
Contacts, photos, or other device data

3. Anonymous Analytics (Opt-In Only)

If you choose to opt in, PinkyBloom collects minimal, anonymous behavioral telemetry to help us improve the app. This includes:

App open events
Feature usage counts (e.g., how often the journal is used)
An anonymous device UUID generated via the iOS Keychain (not tied to your Apple ID or any personal identifier)

This data contains no personally identifiable information and is processed by our Convex backend. Analytics are entirely opt-in — the app works identically whether you enable them or not.

4. End-to-End Encrypted Partner Sharing

PinkyBloom offers optional partner sharing through PinkyBond, our companion app. This connection uses end-to-end encryption that the developer cannot decrypt:

Key exchange: Curve25519 ECDH — key pairs are generated on each device and exchanged via in-person QR code scanning
Data encryption: AES-256-GCM — all shared data is encrypted before leaving your device
Blind relay architecture: Our server acts as a mailbox, passing sealed encrypted blobs it cannot read or decrypt

Data shared with your partner is limited to:

Cycle phase (e.g., Follicular, Luteal)
Mood summary
Energy level
Optional custom status message

The following is never shared:

Raw symptoms or symptom details
Journal entries
AI conversations
Medical records or HealthKit data
Voice recordings

5. iCloud Backup

PinkyBloom offers optional iCloud backup using Apple’s CloudKit Private Database. This feature is entirely user-controlled:

Backup is off by default and must be explicitly enabled
Data is encrypted by Apple and stored in your personal iCloud account
PinkyBloom developers have no access to your CloudKit Private Database
You can delete your iCloud backup at any time from your iCloud settings

6. Apple Health (HealthKit)

With your explicit permission, PinkyBloom can read and write menstrual cycle data to Apple Health. This includes:

Menstrual flow (start/end dates, flow level)
Cycle length and predictions

HealthKit integration requires your permission and can be revoked at any time in iOS Settings. PinkyBloom does not read or write any other HealthKit data categories.

7. Data Retention

Local health data: Stored on your device indefinitely. Permanently deleted when you uninstall the app.
iCloud backup: Retained in your personal iCloud account until you delete it. Controlled entirely by you.
Convex relay data: Encrypted partner-sharing blobs are purged from our servers after 30 days. We cannot read this data at any point during retention.
Anonymous analytics: Aggregated telemetry is retained for product improvement. No PII is ever stored.

8. Data Export

You can export your health data at any time from the Settings screen within the app. Export formats include:

JSON — Machine-readable, suitable for data portability
CSV — Spreadsheet-compatible format
PDF — Formatted report suitable for sharing with your healthcare provider

9. Data Deletion

Because your data is stored locally, deleting the PinkyBloom app from your iPhone permanently removes all local health data. There is no account to delete and no server-side data to request removal of.

If you have enabled iCloud backup, you can delete your backup data separately from Settings → [Your Name] → iCloud → Manage Storage on your iPhone.

10. Children’s Privacy

PinkyBloom is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided data through the app, please contact us and we will take appropriate steps.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last Updated” date. We encourage you to review this policy periodically.

12. Contact Us

If you have questions or concerns about this Privacy Policy or your data, please reach out through our contact form.

Veronata, Inc.
2261 Market Street STE 22406
San Francisco, CA 94114