Privacy Policy

Account information. When you create an account, we collect your email address and a hashed password (or a federated identifier if you sign in with Apple or Google). When you use Apple or Google sign-in, we may also receive your name and profile picture as provided by Apple or Google (Apple lets you hide your name). Account services are provided by Clerk, Inc.

Payment information. Payments on the web are processed by Paddle.com Inc. and Paddle.com Market Ltd., acting as merchant of record. Descreened receives only payment metadata (transaction id, plan, status, billing country, last four digits of the card brand) — not your full card details. Mobile in-app subscriptions, when offered, are processed by Apple or Google and Descreened receives only the resulting receipt.

Subscription state. We use RevenueCat, Inc. to keep your entitlement consistent across devices. RevenueCat stores a per-user record keyed to your account id.

Blocklists, focus settings, and activity data. The lists of apps and sites you choose to block, your focus-mode configuration, and on-device usage data are stored on the device you set them on. On Apple devices (iPhone, iPad, Mac, and the Safari extension), this data syncs between your devices via Apple iCloud (CloudKit). Apple operates iCloud and applies its standard encryption in transit and at rest; we do not have access to your iCloud-stored data. On Android, sync (when offered) goes through our backend at Supabase, Inc., encrypted in transit (TLS) and at rest, with access gated by your account credentials. You can disable sync at any time.

App diagnostics and analytics. In our iOS, iPadOS, macOS, and Android apps we use TelemetryDeck for anonymous usage analytics (aggregate counts of which features are used; no personal identifiers) and Sentry for crash and error reporting. Neither includes your blocklists, browsing history, or personal identifiers beyond what is needed to describe a crash.

Website. The Descreened website (descreened.com) uses Vercel Web Analytics for aggregate page-view and referrer counts. Vercel Web Analytics is cookieless and does not collect personal identifiers. The website does not run third-party advertising trackers. The support-chat widget is provided by Crisp — messages you send through it are processed by Crisp.

We do not collect or transmit your full browsing history, the contents of pages you visit, the content of messages on your device, your contacts, or your photos. We do not actively track your location, though some sub-processors may derive a coarse country or region from your IP address (notably Sentry when reporting a crash and Crisp when you open the support chat). Per-domain time-spent stats collected by our Safari and Chrome extensions stay on your device — on Apple devices they sync between your devices via iCloud, and on Mac the Chrome extension also syncs with the Descreened Mac app locally. Those stats never reach our servers. The blocking that Descreened performs happens on your device.

We do not sell your personal information. We do not use your personal information for advertising or share it with advertising networks.

We use the information we collect to:

• provide the service you signed up for;
• bill, refund, and answer questions about your subscription;
• keep your blocking and focus settings consistent across your devices when you opt into sync;
• diagnose crashes and improve reliability;
• improve the application based on aggregate, anonymous usage patterns;
• comply with legal obligations and prevent abuse of the service.

If you're in the EU, EEA, or UK, we process your personal data on the following bases:

• Contract — to provide the Service you subscribed to.
• Legitimate interest — to keep the Service working, debug crashes, and prevent abuse.
• Consent — for cross-device sync and any optional analytics where you have opted in.
• Legal obligation — to retain billing records as required by tax and consumer law.

We use a small set of trusted vendors as sub-processors to operate the service:

• Clerk — account, authentication, and session management.
• Supabase — encrypted backend storage for the account mirror table and, on Android (opt-in), synced settings.
• Apple iCloud (CloudKit) — cross-device sync of blocklists, focus settings, and on-device usage data for users on Apple platforms (iPhone, iPad, Mac, and the Safari extension). Apple operates iCloud; we don't have access to the data stored there.
• Paddle — merchant of record for web payments.
• Apple, Google — in-app purchase processing on their respective platforms; subscription receipts are forwarded to RevenueCat for cross-device entitlement.
• RevenueCat — aggregates entitlements from web (Paddle) and in-app (Apple, Google) purchases and serves the unified subscription state across platforms keyed to your Clerk user id.
• TelemetryDeck — anonymous usage analytics in our apps (aggregate counts; no personal identifiers).
• Sentry — crash and error reporting in our apps.
• Crisp — support chat widget on the website. If you type into the chat, those messages are processed by Crisp.
• Vercel — website hosting and privacy-respecting web analytics (page views, referrer; cookieless, no personal identifiers).

Each of these companies receives only the information it needs to do its job and is bound by its own privacy obligations.

We use a small number of cookies and similar storage to operate the Service: authentication cookies set by Clerk to keep you signed in, session cookies set by Crisp for the support chat widget if you open it, and minimal local storage on your device for your preferences. Vercel Web Analytics is cookieless. We do not use third-party advertising or tracking cookies.

We keep account information for as long as your account is active. If you cancel and delete your account, we delete your account record and any synced settings within 30 days, except where we are required by law to retain billing records (Paddle retains payment records as required by tax and consumer law). Anonymous diagnostics are retained for up to 90 days.

To delete your account, email support@descreened.com from the address associated with the account. Cancellation alone (e.g., from the Paddle customer portal) stops billing but does not delete your account; deletion requires the email request.

To access, correct, export, or delete your personal information — or limit how we use it — email support@descreened.com from your account address. We respond within 30 days.

EU/EEA/UK residents may also complain to their local data protection authority. California residents have additional rights under the CCPA/CPRA, including no retaliation for exercising them.

Descreened is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it.

We use industry-standard practices to protect your data, including encryption in transit (TLS) and at rest, scoped access for our team, and the principle of least privilege. No system is perfectly secure; if a breach occurs, we will notify affected users and the appropriate authorities as required by law.

Descreened is operated from the United States. If you use the service from outside the United States, your information will be transferred to and processed in the United States. We rely on the data-protection safeguards each sub-processor provides under their own data processing agreements (which typically include standard contractual clauses where required by EU/UK law).

We may update this Privacy Policy from time to time for any reason. When we do, we will update the "Last updated" date at the top of this page. Material changes take effect when posted unless a different effective date is stated. You are responsible for reviewing this Policy periodically; your continued use of the Service after changes are posted constitutes your acceptance of the updated Policy. We may also notify you of significant changes by email, in-app notice, or banner where reasonably practical, but we are not obligated to do so.

Descreened is a product of Hayden Rhodea LLC, a limited liability company organized in the United States. For privacy questions, email support@descreened.com.