Bloomora Join Early Access
Legal

Privacy Policy

Effective Date: June 10, 2026

Versión en español →

← Back to Bloomora

Bloomora is a product developed and operated by Didiersoft ("we," "us," or "our"). Bloomora helps you reflect on your values, track check-ins, review decisions, and use AI-assisted prompts for personal growth. This Privacy Policy explains what information Bloomora collects or processes, where it is stored, and the choices you have.

Bloomora is available to users in the United States and Latin American countries. This policy addresses applicable laws in those regions, including the California Consumer Privacy Act (CCPA/CPRA), Brazil's Lei Geral de Proteção de Dados (LGPD), Mexico's Ley Federal de Protección de Dados Personales en Posesión de los Particulares (LFPDPPP), Colombia's Ley 1581 de 2012, and Argentina's Ley 25.326.

Short version: Most of your data lives on your device. When you use AI features, some data is sent to OpenAI under your explicit consent — not automatically. We do not sell your personal data. You can export or delete your data at any time from the Profile screen. A Spanish-language version of this policy is available at privacy-es.html.

1. Who We Are

The data controller and responsible party for personal data processed through Bloomora is:

Didiersoft
Email: founder@didiersoft.com

References to "Bloomora," "we," "us," or "our" in this policy refer to Didiersoft as the developer and operator of the Bloomora application.

2. Information We Collect

Information You Provide

Bloomora may collect information you enter into the app, including:

  • Profile information: name, age, gender, profession, relationship status, location, life goal, life focus areas, and coaching preferences.
  • Reflection and questionnaire responses: value scores, top values, session progress, and answered questions.
  • Daily check-ins: mood, energy, and stress ratings, dates, and timestamps.
  • Decisions, action steps, due dates, action statuses, and AI-generated responses you choose to save.
  • AI Companion messages and decision prompts you submit while using AI-powered features.
  • Your first name, entered during onboarding and stored locally on your device. The app does not currently require or offer account sign-up as part of the main user journey. See Section 9 for details on authentication features.
  • App preferences: theme, reminder settings, notification time, and related settings.

Sensitive Personal Information

Daily check-in data (mood, energy, stress ratings) and personal reflection responses may qualify as sensitive personal information under certain applicable laws, including the CCPA/CPRA and Brazil's LGPD. We collect and use this data solely to provide the app's features and generate your personalized insights. We do not use sensitive personal information for advertising profiling or disclose it to third parties for purposes unrelated to providing the service.

Information Collected Automatically

Bloomora itself does not use a separate analytics or crash reporting SDK. However, some third-party services used in the app may automatically process technical information, including:

  • Device type, operating system, app interactions, diagnostic information, IP address, approximate location derived from IP address, and advertising identifiers — through Google Mobile Ads.
  • Notification permission status and local timezone information for reminder scheduling.

Information Processed by Third-Party Services

Bloomora uses the following third-party services to provide specific features:

  • OpenAI API — for AI-powered companion responses, decision alignment, daily insights, and value-based quotes (consent-gated).
  • Google Mobile Ads / AdMob — for banner and interstitial advertising.

These services process information under their own privacy practices, linked in the relevant sections below.

3. Legal Basis for Processing

United States

We collect and process personal information based on: your consent (for AI features and account creation), contractual necessity (to deliver the app's core functionality), and legitimate interest (app security, fraud prevention, and service improvement). For California residents, additional rights and disclosures are described in Section 12.

Brazil (LGPD — Lei Geral de Proteção de Dados)

Under Brazil's LGPD, we process your personal data on the following legal bases:

  • Consent (Art. 7, I): AI features, advertising, and account creation. You may withdraw consent at any time without affecting processing already performed.
  • Contract performance (Art. 7, V): Core app features including reflection sessions, check-ins, and value discovery.
  • Legitimate interest (Art. 7, IX): App security, fraud prevention, and de-identified service improvement, subject to a proportionality assessment.
  • Legal obligation (Art. 7, II): Compliance with applicable law or regulatory requirements.

For sensitive personal data (mood, energy, and stress check-ins), we process solely on the basis of your specific, highlighted consent (Art. 11, I). You may revoke this consent at any time in Profile > Coaching & AI settings.

Mexico (LFPDPPP)

Under Mexico's LFPDPPP, Didiersoft acts as the responsable (responsible party). We process your personal data based on your consent. For sensitive personal data (datos sensibles), including mood, energy, and stress check-ins, we require your express, written consent before collection. You may revoke consent at any time as described in Section 12.

This Privacy Policy serves as the Aviso de Privacidad required by the LFPDPPP. A Spanish-language version is available at privacy-es.html.

4. Primary and Secondary Purposes

Primary Purposes

We collect and use your personal information to provide the Bloomora application, which includes:

  • Reflection sessions, values discovery, and Wheel of Life visualisation.
  • Daily check-in tracking and personalized growth insights.
  • AI Companion responses and decision support (with your consent).
  • Configurable notifications and reminders.
  • Account authentication and data portability.

Secondary Purposes

We may use aggregated, de-identified information — from which individual users cannot be identified — to improve app reliability, performance, and develop new features. Secondary uses do not involve selling or sharing your individually identifiable information.

You may opt out of secondary purposes at any time by contacting us at founder@didiersoft.com.

5. How We Use Information

We use the information we collect to:

  • Provide reflection, values, wheel, check-in, profile, and reminder features.
  • Generate personalized insights, AI Companion responses, decision reflections, action suggestions, and daily quotes.
  • Save your progress and preferences locally on your device.
  • Enable you to export or delete your local app data from the Profile screen.
  • Authenticate users who choose to create an account.
  • Display ads and support ad delivery, measurement, analytics, and fraud prevention.
  • Improve app reliability and security using de-identified, aggregated data.

6. Local Storage and Data Retention

Most Bloomora data is stored locally on your device using Isar and SharedPreferences. This includes profile data, reflection responses, value scores, daily check-ins, decision logs, app preferences, and reminder settings. Bloomora does not maintain a central server database for your reflection, profile, decision, or check-in data.

Local app data remains on your device until you delete it in-app, uninstall the app, or clear app data through your device settings. Local storage is protected by your device's operating system. Bloomora does not add a separate encryption layer to local Isar or SharedPreferences data beyond device OS protections.

Retention Periods

Data Storage Location Retention Period
Profile, check-ins, reflections, decisions, preferences Device (Isar / SharedPreferences) Until deleted in-app or app is uninstalled
AI Companion session messages Device memory (not persisted to disk) Current session only; cleared when app is closed
Accepted AI-suggested actions Device (Isar) Until deleted in-app or app is uninstalled
Inputs sent to AI features OpenAI API Up to 30 days per OpenAI's data policy
Advertising and analytics data Google Mobile Ads / AdMob Per Google's data retention policy

7. AI Features

Bloomora includes AI-powered reflection and companion features. AI features are consent-gated — no data is sent to OpenAI until you explicitly opt in within the app. When you use AI features, Bloomora transmits the following to the OpenAI API depending on the feature used:

  • Your message or decision prompt.
  • Recent conversation history for the current AI Companion session.
  • A context summary based on your top values, low-scoring value areas, and coaching preferences.
  • Profile details used for decision-alignment prompts: name, age, gender, profession, relationship status, location, life goal, life focus, and coaching style.
  • Recent check-in scores and top values for daily insights.
  • Top values for quote generation.

AI Companion conversation history is held in app memory for the current session only and is not saved as a transcript by Bloomora. If you accept or edit an AI-suggested action, only the accepted action text is saved locally as a decision or action log.

You may revoke your AI consent at any time in Profile > Coaching & AI settings. After revocation, no further data will be sent to OpenAI from the app. Revocation does not affect data already transmitted during prior sessions.

Disclaimer: AI responses are generated automatically and may be incomplete, inaccurate, or unsuitable for your situation. Bloomora's AI features are for personal reflection and organisation only. They are not professional, medical, mental health, therapeutic, financial, legal, or crisis advice. Bloomora does not diagnose, treat, cure, or prevent any medical or mental health condition and does not guarantee any well-being, health, relationship, career, or life outcome. Consult a qualified professional for medical, mental health, legal, or financial concerns. If you are experiencing a crisis or need immediate support, contact a local emergency service or crisis helpline.

Do not submit information to AI features that you do not want processed by OpenAI.

OpenAI's data controls for API usage: platform.openai.com/docs/guides/your-data
OpenAI's privacy policy: openai.com/policies/privacy-policy

8. Advertising

Bloomora uses Google Mobile Ads / AdMob to display ads. Google Mobile Ads may collect and process data such as IP address, user product interactions, diagnostic information, device identifiers, account identifiers, advertising identifiers, and approximate location derived from IP address for advertising, analytics, and fraud prevention purposes.

California residents: Sharing advertising identifiers and behavioral data with Google for cross-context behavioral advertising constitutes "sharing" of personal information under the CCPA/CPRA, even without a monetary exchange. You have the right to opt out of this sharing. See Section 12 for how to exercise this right.

You can limit or reset advertising identifiers and opt out of personalized ads through your device settings (iOS: Settings > Privacy & Security > Tracking; Android: Settings > Privacy > Ads) and through Google's ad settings.

Google's advertising privacy information: policies.google.com/technologies/ads
Google Mobile Ads data disclosure: developers.google.com/admob/android/privacy/play-data-disclosure

9. Authentication

Bloomora does not use account-based authentication. Users are identified by a first name entered during onboarding, which is stored locally on the device only. No email address, password, or third-party authentication service is used. No authentication data is transmitted to any external service.

10. Notifications and Permissions

Bloomora may request notification permission to schedule reminders such as daily check-ins and action follow-ups. Reminders are scheduled locally on your device and do not require a server connection. You can disable or adjust notifications at any time in the app or through your device settings.

Bloomora does not request camera, microphone, contacts, photo library, or precise location permissions for its current core features.

11. Data Sharing

Bloomora does not sell your personal data for monetary consideration.

We may share or allow processing of information with:

  • OpenAI — when you use AI-powered features and have provided explicit in-app consent.
  • Google Mobile Ads / AdMob — to display, measure, and protect ads. For California residents, this may constitute "sharing" under CCPA/CPRA (see Section 12).
  • Your device's system share interface — if you choose to export your data using the in-app export feature.
  • Law enforcement or regulatory authorities — if required by applicable law, court order, or to protect the rights, safety, or property of Bloomora, its users, or the public.

12. Your Rights

All Users

Regardless of where you live, you can:

  • Export your local app data: Profile > Privacy & Data > Export Data.
  • Delete your local app data: Profile > Privacy & Data > Delete All Data.
  • Revoke AI consent: Profile > Coaching & AI settings.
  • Disable notifications: Profile > Reminders or your device settings.
  • Limit ad tracking: your device advertising settings or Google ad settings.

California Residents (CCPA / CPRA)

California residents have the following rights:

  • Right to Know: Request disclosure of the categories and specific pieces of personal information collected, the purposes for collection, and the categories of third parties with whom it is shared.
  • Right to Delete: Request deletion of personal information we have collected, subject to certain exceptions.
  • Right to Correct: Request correction of inaccurate personal information we hold about you.
  • Right to Opt Out of Sale / Sharing: Opt out of the sharing of your personal information with Google Mobile Ads for cross-context behavioral advertising. Exercise this right by adjusting your device advertising settings, visiting Google's ad settings, or contacting us. We do not sell personal information for monetary consideration.
  • Right to Limit Use of Sensitive Personal Information: Request that we limit use of your sensitive personal information (including mood, energy, and stress data) to purposes necessary to provide the app's services.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.

To submit a request, contact us at founder@didiersoft.com. We will respond within 45 days. We may need to verify your identity before processing your request.

Brazilian Residents (LGPD)

Brazilian residents have the following rights under LGPD Art. 18:

  • Confirmation and Access: Confirm whether we process your personal data and access a copy of it.
  • Correction: Request correction of incomplete, inaccurate, or outdated data.
  • Anonymization, Blocking, or Deletion: Request anonymization, blocking, or deletion of unnecessary, excessive, or unlawfully processed data.
  • Portability: Receive your personal data in a structured, machine-readable format for transfer to another service provider.
  • Deletion of Consented Data: Request deletion of personal data processed on the basis of your consent.
  • Information About Sharing: Obtain information about which public or private entities we have shared your data with.
  • Revocation of Consent: Revoke your consent at any time. Revocation does not affect the lawfulness of processing performed before revocation.

To exercise your LGPD rights, contact us at founder@didiersoft.com. We will respond within 15 days as required by the LGPD.

Mexican Residents — Derechos ARCO (LFPDPPP)

Mexican residents have the right to exercise ARCO rights with respect to their personal data:

  • Acceso (Access): Know what personal data we hold and how it is being used.
  • Rectificación (Rectification): Correct inaccurate or incomplete personal data.
  • Cancelación (Cancellation): Request deletion of your personal data when it is no longer necessary for the purpose for which it was collected, has been processed unlawfully, or you have revoked consent.
  • Oposición (Objection): Object to the processing of your personal data for specific purposes, including secondary purposes.

You may also revoke your consent at any time without retroactive effect.

To exercise your ARCO rights, send a written request to founder@didiersoft.com including: your full name, a description of the right you wish to exercise, and documentation to help us verify your identity. We will respond within 20 business days of receipt of a complete request.

Colombian and Argentine Residents

Residents of Colombia (Ley 1581 de 2012) and Argentina (Ley 25.326) have rights to access, correct, and request deletion of their personal data. To exercise these rights, contact us at founder@didiersoft.com. We will respond within 30 days.

13. Account and Data Deletion

Local app data: Go to Profile > Privacy & Data > Delete All Data to permanently delete local profile data, decisions/actions, check-ins, reflections, reminders, and preferences stored by Bloomora on your device. You may also uninstall the app or clear app data through your device settings.

Third-party data: Data already processed by OpenAI or Google Mobile Ads / AdMob may also be subject to those providers' own retention, deletion, security, and legal obligations.

14. Security and Breach Notification

We use reasonable technical and organisational measures to protect your information, including:

  • TLS/HTTPS encrypted communication for all data transmitted to OpenAI and Google APIs.
  • Device-level operating system protections for locally stored data. Bloomora does not currently add an additional encryption layer beyond OS protections for local Isar and SharedPreferences data.
  • In-app consent gating for AI features, which limits the personal data transmitted to third-party services.

No method of storage or transmission is completely secure, and we cannot guarantee absolute security.

Breach notification: In the event of a security incident that affects your personal information, we will notify you as required by applicable law. For Brazilian residents, we will notify the Autoridade Nacional de Proteção de Dados (ANPD) and affected individuals within a reasonable timeframe — and no later than 2 business days for high-risk incidents per ANPD guidance. Notifications will be sent to your registered email address or delivered via in-app notice.

15. Children's Privacy

Bloomora is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided personal information through Bloomora, please contact us at founder@didiersoft.com and we will take prompt steps to delete that information.

16. Changes to This Policy

We may update this Privacy Policy from time to time. If we make minor changes, we will update the effective date above. For significant changes that affect how we process your personal data or introduce new processing activities, we will notify you through the app or by email and, where required by applicable law, seek your consent before the changes take effect.

17. Contact Us

If you have questions, requests, or concerns about this Privacy Policy or Bloomora's privacy practices, contact us at:

Didiersoft — Bloomora
founder@didiersoft.com

We will acknowledge your request promptly and respond within the timeframe required by the law applicable to your jurisdiction: 15 days for Brazil, 20 business days for Mexico, 45 days for California, and 30 days for all other jurisdictions.