NetVigil Privacy Policy

Last updated · May 25, 2026

NetVigil watches your internet connection, not you. Throughput is read from your Mac's own network counters, Wi-Fi details come from macOS on-device, and your drop log and speed-test history stay on your Mac. We don't run a server that stores your data, and we never see what you browse.

01Who we are

NetVigil is built and operated by Blossomn, a small software studio in India. Under India's Digital Personal Data Protection Act, 2023 (DPDP Act), Blossomn is the data fiduciary for the limited personal data described below; for users in the EEA / UK, we are the data controller for the same.

Questions, requests, or concerns? Email info@blossomn.com. A real person reads every message.

02The short version

• Throughput is computed locally by diffing the operating system's network byte counters (getifaddrs / if_data). NetVigil never inspects packet contents and cannot see which sites or apps generate the traffic.
• Wi-Fi details (SSID, band, channel, signal strength) are read on-device via Apple's CoreWLAN. They are displayed and not transmitted to us.
• Your drop log and speed-test history are stored locally on your Mac using SwiftData. We do not run a NetVigil server that stores them.
• NetVigil initiates network traffic in only two cases: the latency ping to a public server, and the speed test you trigger against Cloudflare.
• We do not use your data to train AI models, and we do not sell, rent, or share it with advertisers. NetVigil contains no ad SDKs and no third-party tracking.

03What data NetVigil processes

Connection metrics (stay on your Mac)

• Per-second download/upload throughput derived from OS byte counters, recent throughput history (the 60-second chart), and the derived connection-quality rating.
• Latency (ping) samples and the derived Excellent / Good / Fair / Poor quality rating.
• Wi-Fi network attributes shown in the header: SSID, band, channel, and signal strength (RSSI).
• Drop events (start time, end time, duration) and saved speed-test results.
• App preferences (display options, units, launch-at-login, etc.).

None of this is transmitted to Blossomn. It lives in NetVigil's local app-sandbox storage on your Mac.

The latency ping & speed test

To measure responsiveness, NetVigil periodically measures round-trip time to a public server. When you tap Run Speed Test, NetVigil downloads and uploads test payloads to Cloudflare's speed.cloudflare.com endpoints to estimate your line's capacity. These requests reveal your IP address to the destination server, as any internet request does; they carry no personal data we attach to you, and the contents are throwaway test bytes. Cloudflare's handling of such requests is governed by Cloudflare's privacy policy.

Purchase & receipt data (handled by Apple)

• NetVigil is free to download with a 7-day trial, then unlocks with a one-time $29.99 non-consumable In-App Purchase. Your card and billing address are handled by Apple — we never see them.
• StoreKit provides an opaque transaction/receipt so the app can verify your unlock on your devices. It does not identify you personally.

Diagnostic data (opt-in only)

• If you opt in to share crash reports, NetVigil sends crash stack traces with PII scrubbed. Crash reports never contain your browsing, Wi-Fi credentials, or connection history.
• If you enabled Apple's system-level "Share with App Developers," we may also receive Apple's aggregated crash reports via App Store Connect. Disable in System Settings → Privacy & Security → Analytics & Improvements.

Support correspondence

• If you email us at info@blossomn.com, we keep the thread so we can help. We delete any diagnostic snippets you voluntarily share once the issue is resolved.

Website analytics

• The NetVigil marketing site uses a privacy-preserving, cookieless analytics tool that records page views and approximate country. It sets no cookies, does not fingerprint you, and does not track you across sites.

04What NetVigil cannot see

Because throughput is computed from system-wide byte counters, NetVigil has no visibility into which websites you visit, which apps are using the network, or what any of that traffic contains. It only knows "this many bytes moved in the last second."

05App Sandbox & entitlements

NetVigil is distributed through the Mac App Store with the App Sandbox enabled. It requests only the entitlements it needs to function — outgoing network access (for the ping and speed test) and the system APIs required to read network counters and Wi-Fi status. It does not request access to your files, contacts, camera, microphone, or location beyond what CoreWLAN requires to report Wi-Fi details.

06Why we process the little data we do (legal bases)

• Performance of the contract to operate NetVigil and verify your one-time unlock.
• Legitimate interests in fixing bugs (crash reports, when opted in) and answering support requests.
• Consent for any optional analytics or diagnostic feature you turn on.
• Legal obligation for tax record retention and lawful disclosure requests.

07Retention

• Connection metrics, drop log, speed-test history: on your Mac for as long as you keep them. Delete inside the app or remove the app to clear them.
• Opaque purchase receipts: retained while needed to verify your unlock, plus a short window for refund/dispute handling.
• Crash reports (opt-in): 90 days, then deleted.
• Support emails: 24 months, then deleted unless an open issue or legal hold requires longer.
• Tax / payment records: 7 years, as required by Indian tax law.

08Subprocessors

Because NetVigil is local-first, the list is short. Each is bound by a data-processing agreement where applicable:

• Apple Inc. — Mac App Store distribution and In-App Purchase. Apple is the merchant of record.
• Cloudflare, Inc. — the speed-test endpoints you trigger on demand.
• Amazon Web Services (ap-south-1, Mumbai) — hosts the marketing website.
• Sentry — opt-in crash reporting with PII scrubbed.
• Postmark — transactional email (the occasional support reply).

We will post a notice on this page at least 30 days before adding any new subprocessor that processes personal data.

09International transfers

Marketing-site infrastructure runs in AWS Mumbai (ap-south-1). Where personal data moves out of India or the EEA, we and our subprocessors rely on the appropriate contractual safeguards (Standard Contractual Clauses for EEA data; equivalent safeguards under DPDP rules for Indian data).

10Security

On-device data inherits macOS file-system encryption (FileVault, where enabled) and App Sandbox isolation. All traffic NetVigil initiates uses TLS. If you discover a vulnerability, email info@blossomn.com with "Security" in the subject. We read these within one business day and follow a coordinated-disclosure policy. If a personal-data breach ever affects you, we'll notify you and the Data Protection Board of India within 72 hours of becoming aware.

11Your rights

Wherever you live, you can ask us to confirm what limited personal data we hold (in practice: support emails and any opaque purchase token associated with your contact email), correct it, delete it, withdraw consent for optional features, or nominate another person to exercise these rights on your behalf (DPDP Act §14).

For the connection metrics, drop log, and speed-test history — which live only on your Mac — you control them directly: delete inside the app or remove NetVigil. We have no copy to delete on our end. Email info@blossomn.com; we respond within 7 business days and complete most requests within 30 days. EU/UK residents may complain to their local supervisory authority; Indian residents, to the Data Protection Board of India.

12Children

NetVigil is a general-audience utility, not designed for or directed at children under 13, and we don't knowingly collect personal data from children.

13Changes

If we make a material change to this policy we'll post a notice at the top of this page at least 14 days before it takes effect. Smaller corrections will just bump the "Last updated" date above.

14Contact

Grievance Officer: Blossomn Team · info@blossomn.com · Operated from India. We aim to acknowledge every privacy request within one business day.