Privacy Policy
This is the actual policy, not a summary. We've kept the language plain. If anything in here is unclear, email privacy@bonfiyah.com and we'll fix the wording.
Last updated: 2026-05-05
The short version
- We do not train any AI model on your transcripts or audio. Ever.
- Your audio and transcripts live on your iPhone by default. They only leave your device if you opt into iCloud sync (which goes to your iCloud, not ours).
- We collect the minimum needed to operate the app. Email for your account. Subscription identifier from Apple. Crash reports if you opt in. That's it.
- You can export everything we have on you, and you can delete everything we have on you. Both flows are inside the app, in Settings → Privacy.
1. What Bonfiyah collects, where it lives, and why
Account data. Email address (you provide it at signup), Apple ID identifier (only the opaque token Apple gives us via Sign in with Apple, not your real Apple ID). Used to sign you in and link your subscription. Stored on our backend (Railway-hosted FastAPI + SQLite) for as long as you have an active account, then deleted within 30 days of account deletion.
Subscription data. Your tier (Free / Pro / Pro AI), trial status, renewal date. Sourced from Apple's StoreKit transactions. We do not see your Apple Pay details or credit card.
Recordings, transcripts, speaker profiles, consent logs, People Memory profiles, Promise Tracker entries, Truth Layer flags. These live on your iPhone, iPad, and Mac, in a local SQLite store inside the app's sandbox. They sync between your devices via iCloud (encrypted by Apple at rest and in transit) only if you turn on iCloud sync in Settings. They never travel to Bonfiyah's servers.
Crash and diagnostic data. If you opt in, Bonfiyah collects MetricKit-format crash reports (Apple-provided, no PII) and forwards them to our backend so we can fix bugs. You can opt out in Settings → Privacy → Diagnostic Data.
Product analytics. If you opt in, Bonfiyah uses PostHog Cloud to record anonymized usage events (which features you tap, paywall views, signup funnels). We do not record any audio, transcript content, or identifying information through analytics. You can opt out in Settings → Privacy → Product Analytics.
2. What Bonfiyah does NOT collect or do
- We do not train AI models on your audio or transcripts.
- We do not sell, rent, or trade your data to anyone.
- We do not use third-party advertising trackers.
- We do not transcribe your audio in the cloud unless you explicitly enable cloud transcription (off by default; iOS Speech and on-device Whisper handle local transcription).
- We do not have access to your iCloud-synced data — Apple's encryption keeps it out of our reach.
3. Third parties
Bonfiyah uses these third-party services to operate. Each has its own privacy policy.
- Apple — App Store, StoreKit, iCloud, Speech framework, MetricKit. Apple's privacy policy at apple.com/legal/privacy.
- Railway — backend hosting. Railway's privacy policy at railway.com/legal/privacy.
- RevenueCat — subscription analytics + receipt validation. RevenueCat's policy at revenuecat.com/privacy.
- PostHog — product analytics, opt-in only. PostHog's policy at posthog.com/privacy.
- ConvertKit — newsletter/marketing email, only if you sign up for the email list. ConvertKit's policy at convertkit.com/privacy.
4. Your rights
Wherever you live, you have the right to (a) export the data we have about you, (b) delete the data we have about you, (c) correct anything inaccurate, (d) ask us what we do with your data and why. The export and delete flows are in the app at Settings → Privacy.
If you're in the EU/UK (GDPR/UK GDPR), California (CCPA/CPRA), Colorado, Connecticut, Utah, Virginia, or any other jurisdiction with specific data protection rights, those rights apply to you, and the in-app flows satisfy them. If you'd rather email us, write to privacy@bonfiyah.com and we'll respond within 30 days (faster, usually).
5. Children
Bonfiyah is not directed at children under 13. If you're a parent and you believe your child has signed up for Bonfiyah, email us and we'll delete the account.
6. Security
Account credentials are hashed with bcrypt. Backend traffic is HTTPS-only. iCloud sync uses Apple's encryption. The local app database is protected by iOS file protection (NSFileProtectionComplete when locked, NSFileProtectionCompleteUntilFirstUserAuthentication when in use). Audio files use the same protection class.
If we ever discover a security incident affecting your data, we'll notify you within 72 hours of confirming the scope, in writing, with what happened and what you should do.
7. Changes to this policy
If we change anything material about how we handle your data, we'll notify you through the app and email at least 14 days before the change takes effect. The "Last updated" date at the top of this page reflects the most recent revision.
8. Contact
Privacy questions: privacy@bonfiyah.com.
General support: support@bonfiyah.com.