Privacy Policy

Last updated: March 27, 2026

The Short Version

AdErasr is designed to protect your privacy, not compromise it. We do not collect, transmit, or sell your personal data. All blocking, analytics, and reporting happen entirely on your device.

1. Data We Do Not Collect

AdErasr does not collect any data from you. There are no analytics, no telemetry, no crash reporting, and no usage tracking built into the app. We do not know who you are, what sites you visit, or how you use the app. We do not sell, share, or monetize any user data.

2. Safari Content Blocking

AdErasr uses Safari's Content Blocker API to block ads, trackers, and annoyances. All content blocking happens entirely on your device using rules compiled by Safari's WebKit engine. Your browsing data is not accessible to AdErasr or its developers. The Content Blocker API is privacy-by-design — Apple does not allow content blockers to access page content or browsing history.

3. Safari Web Extension

AdErasr includes a Safari Web Extension that provides additional protection beyond Content Blockers:

• Cosmetic filtering — hides ad elements that Content Blockers cannot remove, using CSS injection and DOM manipulation. This happens locally in the browser tab.
• Cookie consent auto-dismissal — automatically clicks "Reject All" on cookie consent banners to protect your privacy. This action is taken on your behalf without per-instance confirmation.
• Scriptlet injection — neutralizes anti-adblock detection scripts so websites cannot detect that you are using a content blocker.
• Block counting — counts blocked resources per page for display in the extension popup and app dashboard. These counts are sent from the extension to the main app via native messaging and stored locally on your device.

The Web Extension processes page content locally. No browsing data, page content, or URLs are transmitted to AdErasr's servers.

4. Aegis — System-Wide URL Filtering

Aegis uses Apple's iOS 26 NEURLFilter API to block ad and tracker domains across all apps on your device, not just Safari. This is an opt-in feature that you must explicitly enable.

How it works:

• A Bloom filter (a compact data structure) is stored locally on your device. When any app makes a network request, iOS checks the URL against this local filter. No URLs leave your device for this check.
• If the Bloom filter indicates a potential match, iOS consults a Private Information Retrieval (PIR) server to confirm. The PIR protocol uses homomorphic encryption — the server processes your query without being able to decrypt it or learn which URL you are checking.
• Apple operates an Oblivious HTTP (OHTTP) relay between your device and our PIR server. This relay strips your IP address from the request, so our server cannot identify which device made the query.

What this means for your privacy:

• AdErasr's servers cannot see which URLs you visit or which apps you use.
• Apple's relay cannot see the content of your query (it is encrypted).
• No browsing history, URL data, or app usage data is collected, stored, or transmitted in a way that identifies you.

5. Data Stored Locally on Your Device

AdErasr stores the following data locally on your device to provide its features. This data is never transmitted to AdErasr's servers:

• Block statistics — per-domain block counts and category breakdowns, used to display your Dashboard and Daily Intelligence Report.
• Tracker records — per-tracker, per-site, per-day blocking records stored in an on-device database (SwiftData). These power the Daily Report, Site Report Cards, and privacy grades.
• Whitelist — domains you have chosen to exclude from blocking.
• Custom rules — any custom blocking rules you create.
• Achievement progress — milestones and achievement data for the gamified privacy experience.
• App settings — your preferences for which filter categories are enabled.

You can delete all locally stored data at any time by uninstalling the app or using the "Reset Statistics" option in Settings.

6. iCloud Sync

Your whitelist entries are synced across your Apple devices using Apple's NSUbiquitousKeyValueStore (iCloud key-value storage). This means your whitelisted domain names are stored on Apple's iCloud servers, governed by Apple's Privacy Policy. No other data (block statistics, tracker records, browsing history) is synced to iCloud. You can disable iCloud sync for AdErasr in iOS Settings → [Your Name] → iCloud.

7. Filter List Updates

AdErasr periodically downloads updated filter lists to keep blocking rules current. These updates are fetched through a Cloudflare proxy server from a GitHub repository. These downloads include a static API key for rate limiting but do not include cookies, user tokens, device identifiers, or any data that identifies you. As with any HTTPS request, your IP address is visible to Cloudflare's infrastructure.

8. Tracker Intelligence

The Daily Intelligence Report includes descriptions of tracker companies and their data practices. These descriptions are informational and based on publicly available information. They do not constitute legal claims or factual assertions about those companies. AdErasr is not responsible for the accuracy of these descriptions.

9. Third-Party Services

AdErasr uses the following third-party services:

• Apple — Content Blocker API, Web Extension API, NEURLFilter API, iCloud (whitelist sync), PIR OHTTP relay, App Store. Apple Privacy Policy
• Cloudflare — CDN and proxy for filter list delivery and website hosting. Cloudflare Privacy Policy
• GitHub — Hosts upstream filter list repository. GitHub Privacy Statement
• Resend — Email delivery for the contact form on this website. Resend Privacy Policy

AdErasr does not integrate with any advertising, analytics, or data broker services.

10. This Website

This website (aderasr.com) does not use cookies, analytics services, or tracking scripts. All fonts are self-hosted. The only data transmitted from this site is through the contact form, which collects the name, email address, subject, and message you provide, sent via Resend to our support inbox. We use this information solely to respond to your inquiry and do not add you to any mailing list.

11. Your Rights (GDPR & CCPA)

For EU/EEA residents (GDPR): You have the right to access, rectify, erase, restrict processing, and port your data. Since AdErasr stores data locally on your device and does not collect it on our servers, you exercise these rights directly: uninstalling the app deletes all local data, and iCloud data can be managed via iOS Settings.

For California residents (CCPA): AdErasr does not sell personal information. We do not share personal information with third parties for their direct marketing purposes. You have the right to know what data is collected (none, beyond the local storage described above) and to request deletion (uninstall the app).

12. Apple Privacy Manifest

AdErasr's PrivacyInfo.xcprivacy declares:

• NSPrivacyTracking: false
• NSPrivacyTrackingDomains: none
• NSPrivacyCollectedDataTypes: none
• NSPrivacyAccessedAPITypes: UserDefaults (reason CA92.1 — app functionality)

13. On-Device Inter-Process Communication

The main app and its 7 extensions (6 Content Blockers + 1 Web Extension) share data through an App Group container (group.io.joshuahart.AdErasr). This is on-device inter-process communication via shared UserDefaults and a local SwiftData database. No network transmission is involved.

14. Live Activity, Dynamic Island & Widgets

Block count statistics may be displayed on your Lock Screen (Live Activity), Dynamic Island, and Home Screen widgets. All data shown is computed locally from on-device statistics and is never transmitted to any server.

15. Security

All on-device data is protected by iOS device encryption. There are no server-side databases to breach. The Cloudflare Worker proxy uses HTTPS for all communications. The GitHub authentication token used for filter list delivery is stored server-side only and never appears in the app binary.

16. Data Retention

Block statistics and tracker records are retained for 90 days and then automatically pruned. Whitelist entries and custom rules are retained until you remove them. Achievement progress is retained until you reset it. No data is retained on any server.

17. Children's Privacy

AdErasr does not knowingly collect personal information from children under 13. If we learn that we have inadvertently collected such information, we will delete it promptly. Since AdErasr does not collect any personal information from any user, this provision is precautionary.

18. Changes

If this policy changes, the updated version will be posted here with a new date.

19. Contact

Questions about this policy can be sent through our contact form.