Privacy Policy

Guardrail ("the App") is developed by Nigelware ("we", "our", "us"). We are committed to protecting your privacy. This Privacy Policy explains what information the App accesses, how it is used, and your rights.

1. Data We Do Not Collect

Guardrail is designed to be private by default. We do not collect, store, transmit, or have access to:

• Your browsing history or app usage data
• The names of apps you select for blocking
• Your location, contacts, photos, or other personal files
• Analytics, advertising identifiers, or tracking data

2. Data Stored on Your Device

All data created by the App is stored locally on your device and is never transmitted to our servers:

• Blocklist: The domains and apps you choose to block are stored in the App's local database and a shared App Group container (for the DNS filtering extension).
• PIN: If you set a PIN, a salted SHA-256 hash is stored in the iOS Keychain. The plaintext PIN is never stored.
• Recovery phone number: If you add a recovery phone number, it is stored in the iOS Keychain on your device.
• Streak and usage data: Your streak count, urge events, and block events are stored in the App's local SwiftData database.
• Preferences: Your notification schedule, cooldown duration, and other settings are stored locally.

3. Firebase Services

The App uses the following Firebase services:

• Firebase Authentication (Phone Auth): If you choose to add a recovery phone number, Firebase sends a one-time SMS verification code to your phone number. Firebase processes the phone number solely for verification purposes. We do not maintain Firebase user sessions — authentication is used only for one-time verification.
• Firebase Firestore: The App downloads a curated blocklist of gambling domains from Firestore. This is a read-only operation and does not transmit any personal data.

Firebase services are governed by Google's Privacy Policy.

4. Screen Time and Family Controls

The App uses Apple's FamilyControls framework with the .individual authorization type. This means:

• You are blocking apps and websites on your own device, for yourself.
• Apple's Screen Time API uses opaque tokens — the App cannot see which specific apps you selected.
• No Screen Time data is transmitted to us or any third party.

5. DNS Filtering

The App includes an on-device DNS proxy network extension that filters gambling domains. DNS queries for blocked domains are answered locally with an NXDOMAIN response. Non-blocked queries are forwarded to a public DNS resolver (Cloudflare 1.1.1.1). No DNS query data is logged, stored, or transmitted to our servers.

6. Notifications

The App may send local notifications (daily nudges, high-risk window alerts) if you enable them. These are scheduled and delivered entirely on your device and are not sent through our servers.

7. Children's Privacy

Guardrail is designed for adults and is not directed at children under 17. We do not knowingly collect information from children.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the App after changes constitutes acceptance of the revised policy.

9. Contact Us

If you have questions about this Privacy Policy, please contact us at:

support@nigelware.com