Last updated: July 3, 2026
This Privacy Policy explains what information Gloam collects, how we use and share it, and the choices you have. Gloam is designed to be local-first: most of what it does happens on your device, and we collect as little as we reasonably can to run the Service.
This policy applies to personal information we process through the Gloam iPhone application and its related server. It does not apply to third-party services that have their own privacy policies (such as Apple), which we describe below.
Account information. To sign you in, we collect your email address (used to send a one-time sign-in code) or, if you use Sign in with Apple, the account identifier Apple provides. This is the only account identifier we require. We assign your account an internal identifier that we use in place of your email wherever possible.
Product analytics. We use PostHog, a
product-analytics service hosted in the United States
(us.i.posthog.com), to understand how the app is used and to improve
it. We send interaction events (for example, completing an onboarding step or
opening a feature) associated with your internal account identifier. If you sign
in by email, that email address is also sent to PostHog to help us
recognize your account across sessions; if you use Sign in with Apple,
no email address is sent to PostHog. We do not collect
advertising identifiers (no IDFA), we do not track you across
other companies' apps or websites, and we do not sell your data
or share it with data brokers. Analytics are used solely for first-party product
measurement, never for advertising.
Screen Time data. App selections and usage measured through Apple's Screen Time and Family Controls frameworks are processed on your device. Only a budget-normalized score — a single comparative number, not your raw app usage and not the identity of the apps you use — is sent to our server, and only to operate the friends leaderboard.
Health data (HealthKit). If you grant permission, Gloam reads step and activity data from Apple Health and can write mood check-ins and breathing-session minutes back to Apple Health. This Health data stays on your device and within Apple's Health ecosystem — it is never sent to our servers or to PostHog, and it is never used for advertising.
Subscription information. If you purchase a subscription, it is billed by Apple through In-App Purchase. We do not receive or store your payment card details; we receive only what is needed to confirm your entitlement to paid features.
Support communications. If you email us, we receive your message and contact details so we can respond.
Technical information. Like any online service, our server records limited technical information (such as IP address and timestamps) in its logs, which we use to operate, secure, and troubleshoot the Service.
Where the laws of your jurisdiction require a legal basis, we rely on: performance of a contract (to provide the account, sync, and social features you request); your consent (for Health and Screen Time permissions, which you grant and can withdraw in iOS Settings); and our legitimate interests (to measure and improve the app, and to keep it secure), balanced against your rights.
We do not sell your personal information. We share it only as follows:
We and our service providers may process your information in the United States and in other countries where we or they operate. These countries may have data protection laws that differ from those in your country. Where required, we take steps to ensure your information receives an adequate level of protection when it is transferred.
We retain personal information only as long as needed to provide the Service and for the purposes described here, unless a longer period is required by law. You can request deletion of your account at any time from within the app (Settings → Delete account) or by emailing contact@gloam.works. When you do, your account is signed out and scheduled for permanent deletion; your account and associated server-side data are permanently deleted within 7 days of the request. Certain records may be retained where required by law, and routine backups or provider logs may persist for a limited additional period before they expire.
We use reasonable technical and organizational measures to protect your information, including encryption of traffic in transit (HTTPS/TLS) and token-based authentication. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.
Gloam is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, please contact us and we will delete it.
Depending on where you live, you may have the right to access, correct, delete, or export your personal information, to object to or restrict certain processing, and to withdraw consent. To exercise these rights, email contact@gloam.works; we will respond as required by applicable law and will not discriminate against you for exercising them.
You can also control key data flows directly:
California residents. We do not sell or "share" personal information as those terms are defined under California law, and we do not use it for cross-context behavioral advertising. You have the right to know, access, and delete your personal information and to be free from discrimination for exercising your rights; contact us at the address above to do so.
Gloam relies on Apple (sign-in, In-App Purchase, HealthKit, and Screen Time), PostHog (analytics), our email provider (sign-in codes), and our hosting provider. These parties process information under their own privacy policies. We encourage you to review Apple's privacy policy for information handled by Apple's platform features.
We may update this Privacy Policy from time to time. Material changes will be reflected in the "Last updated" date above and, where appropriate, communicated in the app. Your continued use of the Service after an update takes effect constitutes acceptance of the revised policy.
Questions about this policy or about your personal information? Email contact@gloam.works.