Seven privacy tools in one app. Monitor breaches, encrypt your notes, scan suspicious links, and strip hidden metadata — all behind biometric lock.
NightMare bundles the essential privacy tools most people don't know they need into a single, approachable app.
We check your email addresses against known data breaches and alert you the moment your data shows up. Know what was exposed and what to do about it.
Free — 3 emailsStore recovery codes, passwords, and sensitive text behind AES-256 encryption with biometric lock. Your notes never leave your device unencrypted.
Free — 10 notesPaste a suspicious URL before clicking it. We follow every redirect, check SSL certificates, and scan against malware databases so you don't have to.
Free — UnlimitedYour photos carry hidden GPS coordinates, camera info, and timestamps. Strip it all before sharing — see exactly what was removed in a before-and-after view.
Free — 5/dayA guided audit of your phone settings, social media exposure, and data broker presence. Get an actionable checklist to tighten your digital footprint.
ProSee what your device is connecting to in real time. Flag suspicious outbound connections, identify chatty apps, and block known trackers.
ProThe free tier is genuinely useful. Pro unlocks the full toolkit for people who take privacy seriously.
Last updated: April 1, 2026
NightMare ("we," "our," or "the app") is a privacy toolkit built by NorseHorse. We built this app to protect your privacy, and we practice what we preach. This policy explains what data we collect, why, and how we handle it.
Account information: When you create an account, we store your email address and a bcrypt-hashed password. We never store your password in plain text.
Monitored emails: Email addresses you add to Breach Monitor are stored on our server so we can check them against the HaveIBeenPwned database on your behalf.
Link scan history: URLs you scan are stored on our server to provide you with scan history. You can delete your scan history at any time.
Encrypted notes (Pro): If you enable cloud sync, your notes are encrypted on your device before being transmitted. We store only ciphertext — we cannot read your notes. The encryption key never leaves your device.
Device tokens: If you enable push notifications, we store your device token to send you breach alerts.
HaveIBeenPwned: We send monitored email addresses to the HaveIBeenPwned API to check for data breaches. Their privacy policy is available at haveibeenpwned.com.
Google Safe Browsing: URLs submitted to Link Scanner are checked against the Google Safe Browsing API. Google's privacy policy applies to their processing of this data.
Apple: Subscription purchases are processed by Apple through the App Store. Apple's privacy policy governs payment processing.
All communication between the app and our servers uses TLS 1.3 encryption. Secure Notes use AES-256-GCM encryption with keys stored in your device's Secure Enclave via the iOS Keychain. Passwords are hashed using bcrypt with a cost factor of 12.
You can delete your account and all associated data at any time. When you delete your account, all monitored emails, breach alerts, scan history, encrypted notes, and device tokens are permanently removed from our servers.
NightMare is not intended for use by children under 13. We do not knowingly collect information from children under 13.
We may update this privacy policy from time to time. We will notify you of significant changes through the app or via email.
Questions about this policy? Email us at support@norsehor.se
Last updated: April 1, 2026
By downloading, installing, or using NightMare ("the app"), you agree to these Terms of Use. If you do not agree, do not use the app.
NightMare is a privacy toolkit that provides data breach monitoring, encrypted note storage, URL scanning, metadata removal, privacy auditing, email alias management, and network monitoring tools. The app is provided "as is" and is intended for personal, non-commercial use.
You must provide accurate information when creating an account. You are responsible for maintaining the security of your account credentials. You must notify us immediately if you suspect unauthorized access to your account.
NightMare offers free and paid subscription tiers. Paid subscriptions are billed through Apple's App Store. Subscriptions auto-renew unless cancelled at least 24 hours before the end of the current billing period. You can manage or cancel your subscription through your Apple ID settings. Refunds are handled by Apple in accordance with their refund policy.
The Iron Stallion (Lifetime) purchase is a one-time, non-recurring payment that grants permanent access to all Pro features.
You agree not to:
NightMare, its logo, and all associated branding are the intellectual property of NorseHorse. You may not use our trademarks without written permission.
NightMare is provided "as is" without warranties of any kind, express or implied. We do not guarantee that the app will detect all data breaches, identify all malicious URLs, or remove all metadata from files. The app is a tool to assist with privacy — it is not a substitute for comprehensive security practices.
To the maximum extent permitted by law, NorseHorse shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from your use of the app, including but not limited to loss of data, unauthorized access to your accounts, or failure to detect a security threat.
We reserve the right to suspend or terminate your account if you violate these Terms. You may delete your account at any time through the app's settings.
These Terms are governed by the laws of the State of Alabama, United States, without regard to conflict of law principles.
We may modify these Terms at any time. Continued use of the app after changes constitutes acceptance of the updated Terms.
Questions about these Terms? Email us at support@norsehor.se