Dashboard
Founding Members
-
Lifetime free access
Newsletter
-
Subscribed
Suggestions
-
Received
Today
-
New signups
Signups - 30 days
Aggregated · no PII
Member types
Founding vs newsletter
Recent sign-ups
| Name | Type | Joined |
|---|
Members
🔒
Personal data - authorised admins only. Do not share outside secure channels.
| # | Name | Type | Use Case | Joined |
|---|
Suggestions
| # | Category | Message | From | Date |
|---|
Growth Analytics
Aggregated counts only · no individual tracking
Total members
-
This week
-
Conversion
-
Gave use case
Pending requests
-
Daily signups - 30 days
Day of week pattern
Security Logs
Auto-refreshes every 30 seconds · all events logged with IP
Live
Threat level
🛡 Secure
Events (24h)
-
Failed logins (24h)
-
Rate limit hits
-
Security checklist
✅Admin credentials - server-side only
✅All admin APIs require Bearer token
✅PBKDF2-SHA256 password hashing
✅Account lockout after 5 failures
✅Rate limiting on all write APIs
✅XSS sanitisation (esc() on all output)
✅7 security headers (CSP, HSTS, X-Frame…)
⏳Checking for suspicious activity…
Recent activity
Loading…
Event log
Complete audit trail
Event
Details
IP Address
Time
Loading…
Retained 90 days
Active Sessions
Revoke any session remotely if you spot an unfamiliar IP
🔒
Revoking a session immediately logs out that browser. Sessions auto-expire after 24 hours.
Loading…
GDPR Compliance
Privacy health score
87
/ 100 · Very good
✅Explicit granular consent per feature
✅Withdrawal without account deletion
✅Health data encrypted at rest
✅No advertising cookies or trackers
✅Data stored globally (Cloudflare)
⚠️Annual DPA audit not yet completed
⚠️Anthropic DPA pending (Bloom Light AI)
Data retention
Account data
While active
Deleted on request
Mood / sleep logs
2 years
Then anonymised
Analytics events
90 days
bloom_uid only
Inactive accounts
2 years
→ anonymised
Journal entries
On-device
Server has none
Data Requests
GDPR Article 12-22 · 30-day SLA
🔒
Respond within 30 days. Complex requests can extend to 60 days with written notice to the data subject.
Loading…