Pagely Privacy Policy
LAST UPDATED · MAY 18, 2026
Pagely is a private journal. Your entries live on your iPhone — and, if you turn on iCloud sync, in your own iCloud account, end-to-end encrypted. We never see what you write.
01Who we are
Pagely is built and operated by Blossomn, a small software studio in India. Under India's Digital Personal Data Protection Act, 2023 (DPDP Act), Blossomn is the data fiduciary for the limited personal data described below; for users in the EEA / UK, we are the data controller for the same.
Questions, requests, or concerns? Email info@blossomn.com. A real person reads every message.
02The short version
- Journal entries, prompts you've answered, photos you attach, and voice transcriptions are stored locally on your iPhone.
- If you enable iCloud sync, entries are stored in your own iCloud account using Apple's CloudKit private database. Blossomn cannot read them. Apple cannot read them when Advanced Data Protection is enabled.
- Voice dictation is transcribed on-device using Apple's Speech framework. Audio never leaves your phone.
- We do not run a Pagely server that stores your entries.
- We do not use your entries to train AI models — ours or anyone else's.
- We do not sell, rent, or share your data with advertisers. Pagely contains no ad SDKs, no tracking pixels, no Facebook SDK.
03What data Pagely processes
Journal content (stays on-device / in your iCloud)
- The text of your entries, the prompts you answered, mood selections, and timestamps.
- Photos and voice recordings you attach. Voice notes are transcribed locally; the audio file lives in your local app sandbox (and your iCloud, if sync is on).
- App preferences — reminder time, theme, font choice, lock settings.
None of this content is transmitted to Blossomn. It moves only between your iPhone and your own iCloud (if you enabled sync) over Apple's encrypted infrastructure.
Subscription & receipt data (handled by Apple)
- Pagely Pro is sold through Apple's In-App Purchase system. Your card and billing address are handled by Apple — we never see them.
- Apple shares with us an opaque receipt token so we can verify your Pro entitlement on a new device. The token does not identify you personally.
Diagnostic data (opt-in only)
- If you opt in to "Share crash reports" in Pagely Settings, the app sends crash stack traces with PII scrubbed. Crash reports never contain entry text.
- If you opted in to Apple's system-level "Share with App Developers" we may also receive Apple's aggregated crash reports through App Store Connect.
- Both can be disabled in Settings → Privacy & Security → Analytics & Improvements (system) and in Pagely → Settings → Privacy (app).
Support correspondence
- If you email us at info@blossomn.com, we keep the thread so we can help. We never ask you to share entry text. If you do voluntarily paste a snippet to describe a bug, we delete it once the issue is resolved.
Website analytics
- The Pagely marketing site uses a privacy-preserving, cookieless analytics tool that records page views and approximate country. It does not set cookies, does not fingerprint you, and does not track you across sites.
04iCloud sync, in detail
Pagely uses Apple's CloudKit private database. Your entries are stored under your Apple ID, in a container Blossomn cannot read.
When sync is on, Pagely writes your entries, attachments, and metadata to your private CloudKit container. Apple encrypts the data in transit and at rest. If you have Advanced Data Protection turned on for your Apple ID (Settings → [your name] → iCloud → Advanced Data Protection), CloudKit data is end-to-end encrypted — even Apple holds no key.
Disabling sync from Pagely → Settings → iCloud removes the data from CloudKit. Local entries on the device are not affected.
05On-device intelligence
Some Pagely features run small models locally on your iPhone:
- Voice dictation: Apple's Speech framework, on-device. Disable in Settings → General → Keyboard if you prefer.
- On This Day: a local query against entries already on the device — no server lookup.
- Prompt selection: the day's prompt is chosen from a fixed catalogue bundled inside the app. We don't fetch prompts from a server, and we don't know which one you saw.
06Why we process the little data we do (legal bases)
- Performance of the contract we have with you to operate Pagely Pro (entitlement verification).
- Legitimate interests in fixing bugs (crash reports, when opted in) and answering support requests.
- Consent for any optional analytics or diagnostic feature you turn on.
- Legal obligation for tax record retention and lawful disclosure requests.
07Retention
- Journal entries: on your device for as long as you keep them. iCloud copies live in your Apple ID until you delete the entry or disable sync.
- Opaque receipt tokens: kept while your Pagely Pro subscription is active, plus 90 days for refund/dispute handling.
- Crash reports (opt-in): 90 days, then deleted.
- Support emails: 24 months, then deleted unless an open issue or legal hold requires longer.
- Tax / payment records: 7 years, as required by Indian tax law.
08Subprocessors
Because Pagely is local-first, the list is short. Each of these is bound by a data-processing agreement where applicable:
- Apple Inc. — App Store distribution, In-App Purchase, CloudKit (your iCloud), Sign in with Apple. Apple is the merchant of record for Pagely Pro.
- Amazon Web Services (ap-south-1, Mumbai) — hosts the marketing website and the receipt-verification endpoint.
- Sentry — opt-in crash reporting with PII scrubbed.
- Postmark — transactional email (the occasional support reply).
We will post a notice on this page at least 30 days before adding any new subprocessor that processes personal data.
09International transfers
Marketing-site infrastructure runs in AWS Mumbai (ap-south-1). Apple's CloudKit infrastructure spans the US, EU and other regions per Apple's published privacy practices. Where personal data moves out of India or the EEA, we and our subprocessors rely on the appropriate contractual safeguards (Standard Contractual Clauses for EEA data; equivalent safeguards under DPDP rules for Indian data).
10Security
On-device data inherits iOS file-system encryption (full-disk encryption, Data Protection class enabled). Pagely also lets you set an app-level lock — Face ID, Touch ID, or a separate passcode — which keeps your journal sealed even if your phone is unlocked.
iCloud sync uses Apple's end-to-end CloudKit private database. All traffic to our receipt-verification endpoint uses TLS 1.2+.
If you discover a vulnerability, email info@blossomn.com with "Security" in the subject. We read these within one business day and follow a coordinated-disclosure policy. If a personal-data breach ever affects you, we'll notify you and the Data Protection Board of India within 72 hours of becoming aware.
11Your rights
Wherever you live, you can ask us to:
- Confirm what limited personal data we hold (in practice: support emails and any opaque subscription token associated with your contact email).
- Correct anything that's wrong.
- Delete that data.
- Withdraw consent for any optional feature (crash reports, support correspondence).
- Nominate another person to exercise these rights on your behalf in case of incapacity or death (DPDP Act §14).
For the entries themselves — which are stored locally on your iPhone and in your own iCloud — you control them directly: delete inside the app, or remove from iCloud via Settings → [your name] → iCloud → Manage Account Storage. We have no copy to delete on our end.
Email info@blossomn.com. We respond within 7 business days and complete most requests within 30 days. If you believe we've mishandled your data, you may complain to the Data Protection Board of India or, for EU/UK residents, your local supervisory authority.
12Children
Pagely is rated 12+ on the App Store and isn't designed for or directed at children under 13. We don't knowingly collect personal data from children. Under India's DPDP Act, processing children's data requires verifiable parental consent, which we don't solicit. If you believe a child has paid for Pro on a managed Family Sharing account and you'd like the receipt token removed, email us and we'll handle it.
13Changes
If we make a material change to this policy we'll post a notice at the top of this page and surface a notice inside Pagely at least 14 days before it takes effect. Smaller corrections (typo fixes, clarifications) will just bump the "Last updated" date above.
14Contact
Grievance Officer: Blossomn Team · info@blossomn.com · Operated from India. We aim to acknowledge every privacy request within one business day.