Trust
Version 1 · 2026-07-03
The short version
There is no Bloom cloud. Your profile, your documents, and your audit log live on your Mac. When something does leave your Mac — a form fill, a voice request, a meeting brief — it’s because you triggered it, you can see it happening, and it’s recorded locally.
What we promise
- No Bloom cloud. Bloom has no server that stores your data. There is no account, no sync, no backend database of users.
- Fills are per-request, consented, and audited. When you ask Bloom to fill a form, it sends the profile of the person you selected — and only that person — along with the form’s structure, to the AI for that one fill. You see the proposed values in a consent window before anything is written into the form. Every send is recorded in the local audit log first.
- One audited exit door. Every network request Bloom makes goes through a single code path that writes an audit log entry before sending. You can open the audit log and see every request that ever left.
- The proxy is stateless by design. AI requests pass through a relay that logs no request content, caches nothing, and runs no analytics on what passes through. Live audio never touches it at all — voice and transcription streams go directly from your Mac to the provider, authorized by short-lived tokens the relay mints.
- Documents leave once. A document image is sent for extraction exactly once — at the moment you upload it. After that, only the structured fields are ever used. The image never leaves your Mac again.
- Consent before action. Before Bloom fills a form, runs a script, sends a message as you, or reads a connected service for a brief, you see what it’s about to do and approve or cancel. Where you’ve explicitly granted hands-free control in Settings, every action still shows a live indicator, is recorded in the audit log, and can be killed with Esc.
- One-button delete. A single action erases the profile database, your document files, the audit log, the database encryption key, and any connected-service tokens (deleted from your Keychain and, where the provider supports it, revoked). No retention.
- Encrypted at rest. The profile database is encrypted (SQLCipher) with a key held in the macOS Keychain, accessible only when your Mac is unlocked.
- Connected services are read on your command. Calendar, Notion, Slack and friends are read when you ask for a brief — a consent sheet names exactly what will be read before it happens. Raw data comes straight to your Mac; only a minimized summary is sent onward, once, through the audited exit door.
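One way to build the "one audited exit door" promise above, as an added example rather than Bloom's own code: a single send path that makes the audit entry durable on disk before the transport is called, and refuses to send if that write fails. The class name, the entry fields, the JSON-lines log format and the `relay.example` destination are assumptions made for illustration.

```python
import hashlib
import json
import os
import time


class AuditWriteError(Exception):
    """The audit entry could not be made durable, so nothing was sent."""


class ExitDoor:
    """Hypothetical single egress path: audit locally first, then send."""

    def __init__(self, log_path, transport):
        self.log_path = log_path    # local append-only JSON-lines file (assumed format)
        self.transport = transport  # callable(destination, payload) doing the network I/O

    def _audit(self, entry):
        try:
            with open(self.log_path, "a", encoding="utf-8") as f:
                f.write(json.dumps(entry, sort_keys=True) + "\n")
                f.flush()
                os.fsync(f.fileno())  # entry is on disk before any byte leaves
        except OSError as exc:
            raise AuditWriteError(str(exc)) from exc

    def send(self, destination, purpose, payload: bytes):
        self._audit({
            "ts": time.time(),
            "destination": destination,
            "purpose": purpose,
            "bytes": len(payload),
            "sha256": hashlib.sha256(payload).hexdigest(),
        })
        # Reached only when the audit write succeeded (fail closed).
        return self.transport(destination, payload)


def read_log(log_path):
    """Return every audit entry, oldest first."""
    with open(log_path, encoding="utf-8") as f:
        return [json.loads(line) for line in f if line.strip()]


if __name__ == "__main__":
    import tempfile
    log = os.path.join(tempfile.mkdtemp(), "audit.jsonl")
    door = ExitDoor(log, lambda dest, body: "sent")  # stub transport, no real network
    door.send("relay.example", "form_fill", b'{"field": "constructed sample"}')
    print(read_log(log))
```

The property only holds if no other code in the app can reach the network without going through `send`, which is why the promise is stated as a single code path.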
What we don’t claim
Honesty cuts both ways, so here is what this is not:
- Not “complete privacy.” Live features stream your audio (and, in meetings, other participants’ speech) directly to transcription and AI providers for processing. Processing happens in their clouds; storage doesn’t happen in ours — because there isn’t one.
- Not “fortress-level encryption” or “zero-knowledge.” Those terms have precise cryptographic meanings Bloom doesn’t meet. The database encryption protects your aggregated profile from casual file-system access by other software. It does not defend against malware running as you, someone logged into your unlocked Mac, or forensic acquisition of memory.
- Not immune to mistakes. AI can mis-hear and mis-judge. That’s why writes are gated by consent windows, hands-free actions show a kill switch, and everything is audited — so a mistake is visible and reversible, not silent.
Versioning
This page is versioned. Any change to these promises bumps the version number and date at the top, so you can tell exactly what changed and when.