Privacy Policy

Last updated: April 7, 2026

Overview

Paladin ("we," "our," or "the app") is a content filtering application for iOS. We are committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights regarding that data.

The short version: Your browsing data never leaves your device. We do not monitor, log, or transmit your browsing activity. All content filtering happens locally on your iPhone.

Data We Collect

Data stored on your device only

The following data is stored exclusively on your device using Apple's on-device storage frameworks. We never have access to this data, and it is never transmitted to any server:

  • Streak and progress tracking data
  • Identity declarations and personal reflections
  • Emotional check-in responses
  • Energy investment tracking entries
  • Daily challenge completion history
  • Custom blocklist domains you add
  • App preferences and settings

Data transmitted to our servers

If you choose to enable the accountability partner feature, we collect and transmit the following limited data to our server (hosted on Cloudflare Workers):

  • Hashed device identifier — a one-way cryptographic hash of your device's vendor ID, used to identify your device for heartbeat monitoring. This cannot be reversed to identify you personally.
  • Filter status — whether content filtering is currently enabled or disabled on your device.
  • Accountability partner email — the email address of the person you designate as your accountability partner, used solely to send them status notifications.
  • Push notification token — an Apple Push Notification Service (APNs) device token, used to deliver accountability alerts.

We never collect, transmit, or store:

  • Browsing history or URLs visited
  • Screenshots or screen recordings
  • Keystrokes or text input
  • Location data
  • Contacts, photos, or other personal files
  • Names of blocked or allowed domains

How Content Filtering Works

Paladin uses Apple's Network Extension framework (NEFilterDataProvider) to filter content at the DNS level. All filtering decisions happen entirely on your device. Domain lookups are checked against a locally stored blocklist — no DNS queries or browsing data are sent to our servers or any third party.

The blocklist itself is periodically updated from our server, but this is a one-way download of domain lists. No information about your browsing activity is sent during this process.

Email Collection

If you sign up for early access or updates on our website, we collect your email address through Kit (formerly ConvertKit). Your email is used solely to notify you about Paladin updates and launch information. You can unsubscribe at any time using the link in any email we send. We do not sell or share your email address with third parties.

Third-Party Services

  • Apple Push Notification Service (APNs) — used to deliver accountability partner alerts. Subject to Apple's privacy policy.
  • Cloudflare Workers — hosts our accountability heartbeat API and blocklist sync service. Subject to Cloudflare's privacy policy.
  • Kit (ConvertKit) — used for email list management on our website only. Subject to Kit's privacy policy.

We do not use any analytics SDKs, advertising frameworks, or tracking pixels within the iOS app.

Data Retention & Deletion

All on-device data is deleted when you uninstall the app. There is no cloud backup of your personal data.

If you have registered for the accountability partner feature, you can delete your server-side data by unregistering within the app (Settings → Vault Lock → Unregister). This permanently removes your hashed device ID, partner email, and push token from our server.

To request deletion of your email from our mailing list, use the unsubscribe link in any email or contact us directly.

Children's Privacy

Paladin is designed for adults (18+) and is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will delete it.

Your Rights

You have the right to:

  • Access the personal data we hold about you (limited to hashed device ID and partner email if accountability is enabled)
  • Request deletion of your data from our servers
  • Unsubscribe from marketing communications at any time
  • Use the app without the accountability feature, in which case no data is transmitted to our servers

Changes to This Policy

We may update this privacy policy from time to time. We will notify users of material changes through the app or via email. Continued use of the app after changes constitutes acceptance of the updated policy.

Contact

If you have questions about this privacy policy or your data, contact us at:

support@getpaladinapp.com