Privacy Policy

Last updated: January 2026

Overview

Pledgely is designed with privacy as a core principle. Unlike other services, we collect zero browsing data. Our blocker operates entirely on your deviceā€”no domains, URLs, or browsing history ever leave your phone.

What We Collect

Account Information

Email address and password (hashed) for authentication.

Payment Information

Payment details are processed securely by Stripe. We do not store your full card number on our servers.

Blocker Status

What we collect: Only whether the blocker is active or has been deactivated/paused. This is a simple on/off status.

What we don't collect: Any browsing data whatsoever. No domains, no URLs, no page content, no browsing history. The blocker operates entirely on your device.

How it works: The blocker runs on-device using a locally-stored blacklist. Blocked content never loads. We are only notified when the blocker is deactivated, which triggers your pledge charge.

How We Use Your Data

  • To authenticate your account
  • To process pledge charges when the blocker is deactivated
  • To send important service communications

Data Sharing

We do not sell your data. We share data only with:

  • Stripe: For pledge payment processing
  • Apple/Google: For subscription processing through App Store/Play Store

Data Retention

We retain data for the following periods:

During Active Use

  • Account information: While your account is active
  • Deactivation records: Duration of active pledge plus 120 days (to resolve billing disputes)
  • Device information: While devices are registered to your account

Financial Records

We are legally required to retain billing and transaction records for 7 years to comply with tax and financial regulations in the UK and EU. This data may be anonymized after account deletion (removing name and email while retaining transaction amounts and dates).

Automatic Deletion

Activity records from closed billing cycles are automatically deleted 120 days after the billing cycle ends, unless required for active disputes or legal obligations.

Account Deletion

You can request deletion of your account and associated data at any time. Visit our account deletion page for instructions.

What Gets Deleted

  • Your account and login credentials
  • Blocker deactivation records (after billing disputes are resolved)
  • Device associations
  • Personal information (name, email)

What We Must Retain

Financial transaction records must be retained for 7 years to comply with UK and EU tax regulations. This data will be anonymized (name and email removed) after your account deletion, retaining only transaction amounts and dates for regulatory compliance.

Deletion Timeline

Account deletion requests are processed within 30 days. Some data may be retained longer where we have a legal obligation or legitimate interest (such as resolving active billing disputes).

Your Rights

Under GDPR and UK data protection laws, you have the right to:

  • Access your data: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your account and data (subject to legal retention requirements)
  • Data portability: Request your data in a machine-readable format
  • Restriction: Request temporary restriction of processing
  • Objection: Object to processing based on legitimate interests

To exercise these rights, visit our account deletion page or contact us at [email protected].

Security

We use industry-standard security measures including encrypted connections (HTTPS), hashed passwords, and secure payment processing through Stripe.

Changes to This Policy

We may update this policy. Significant changes will be communicated via email.

Contact

Questions? Email us at [email protected]