Privacy Policy

Last updated Jun 20, 2026

The short version

We never sell your data. Not to advertisers, not to data brokers, not to anyone. The only circumstance in which your data could ever change hands is if Petals itself is sold or transferred as a whole — and only to a successor bound by this same policy.
We don’t track you around the web. Petals only sees what you connect or share into it.
Sensitive data is encrypted at rest. Your passwords are hashed; your connected-account tokens are encrypted with a key held outside the database.
Your private notes are encrypted with your password. They’re readable only while you’re signed in — we can’t read them, and neither can anyone who steals the database.
You’re in control. Disconnect an account, delete a post, or close your account whenever you like.

What we collect

Account details you give us: name, username, email, and (optionally) a phone number for SMS sign-in codes.
Content you bring in: posts you connect from other networks or add with the extension, your commentary, comments, notes, and profile links.
Connection credentials: tokens for the accounts you link, so Petals can fetch your public posts.
Operational records: an audit log of account activity (sign-ins, posts, comments, connections) and the IP address / user agent tied to an invite or sign-in, used for security and abuse prevention.

How we use it

To run Petals: gather your posts into your garden, build your feed, deliver friend requests and messages, and keep accounts secure. That’s it. We don’t profile you for advertising and we don’t sell or rent your information.

How your data is protected

We use two layers of encryption beyond TLS in transit:

Encryption at rest (server key). Passwords are one-way hashed. Connected-account access/refresh tokens and two-factor secrets are encrypted with an application key kept outside the database, so a stolen database dump doesn’t expose them. This data is decryptable by the service because background jobs need it to fetch your posts while you’re offline.
Your password-derived private vault. Your private content — your private notes, your private journal, and any private notes you keep on a connection — is encrypted with a key derived from your password and unlocked only into your session when you sign in. We never store that key, so we cannot read your vault content, and neither can anyone with database access. The trade-off: if you reset a forgotten password without your old one, that vault content cannot be recovered and is rotated away.

Two-factor authentication (authenticator app, SMS, or a passkey/security key such as a YubiKey) is available to further protect your account.

What we never do

We never sell, rent, or trade your personal data.
We don’t run third-party advertising or tracking pixels that follow you across the web.
The browser extension only transmits a post to Petals when you click to share it; it doesn’t monitor your browsing.

Sharing

Posts you mark Public are visible to anyone and to search engines (that’s the point of a public garden). Friends-only and hidden posts are not. We share data with service providers only as needed to operate (e.g. our host and email/SMS delivery), and when legally required.

Content captured from other sites

When you bring a post into Petals, you can also capture the visible comments on it. Those may include other people’s names, profile links, avatars, and words. We display this with attribution back to the source, never use it for advertising or to build profiles, and never sell it. The Petals member can hide captured comments per post or site-wide, and anyone can ask us to remove content that concerns them — use the “Report this post” link on any post or email abuse@petals.blog. We don’t store copies of third-party avatars; they load from the original source and disappear if removed there.

Business transfers

We do not, and will not, sell your personal data on its own. The single exception is a change of ownership: if Petals is acquired, merged, or sold as a whole, user data may transfer to the new owner as part of that sale — but the new owner would be bound by the commitments in this policy (or would have to obtain your consent for any material change). In short: your data is never a product we sell — it only moves if the entire site does.

Your choices

Disconnect any linked account or delete any post at any time.
Edit or clear your private notes whenever you like.
Request deletion of your account and associated data by contacting us.

Contact

Questions about privacy? Email privacy@petals.blog. See also our Help & FAQ.

← Back to Petals