slowbloom is operated by Novyra UG (haftungsbeschränkt), Penzberg, Germany — the data controller for the hosted service. Contact: mail@novyra.com (see Impressum).
slowbloom is a zero-knowledge journal. Your entries are encrypted in your browser with a key derived from your password. We never receive your password or that key, so we cannot read your entries — not for support, not for analytics, not on subpoena.
What we store
- Your email address (for sign-in and, if you opt in, reminders).
- Encrypted entry data (ciphertext we cannot decrypt) and a mood colour per entry.
- Uploaded images — encrypted in your browser before upload; we store only ciphertext.
Newsletter
If you subscribe to our blog newsletter, we store your email address — and only after you confirm it by clicking the link we send (double opt-in). It's used solely to email you when there's a new post, is kept separate from any slowbloom account, and you can unsubscribe with one click from any newsletter email. It's delivered via the same email provider listed in our DPA — no new third party.
AI features
AI is off by default and per-feature: you switch it on with an explicit consent step, and even then text is sent only when you invoke an AI action — nothing is sent silently. The text you choose is sent to our AI provider, Mistral, an EU company, and is processed within the EU — it never leaves for the US. Mistral does not use your text to train AI models. Because the AI must read the text, this is the one feature not covered by end-to-end encryption — which is why it is opt-in.
Social features
Friends and shared streaks are off by default. When you turn them on, some account details become visible to us and to people you add as friends — so this part of slowbloom is not zero-knowledge. Your journal entries and images stay end-to-end encrypted either way.
- We store, in plaintext, your username, your generated flowery-name (the shareable handle others use to add you), and your friend graph — friend requests, friendships, and the people you block.
- A friend can see only your username and your shared-streak number with them — never your entry content, how many entries you've written, your moods, or your dates.
- Shared streaks are worked out from the entry dates we already keep to draw your flower; we never read entry content to compute them.
Other services we use
- Payments — subscriptions are handled by Stripe (United States; Standard Contractual Clauses). We never see your full card details.
- Password safety — at sign-up we check your password against known breaches via Have I Been Pwned, sending only a short, irreversible hash prefix (k-anonymity). Your password itself never leaves your device.
- Notifications — if you enable push reminders, your device's push service (Apple, Google, or Mozilla) relays them.
Your rights
You can delete your account at any time from Settings — which permanently erases your entries and images. Because every entry is decrypted only on your device, your data already lives with you; deletion covers GDPR/CCPA erasure.