Legal

Privacy Policy

Last updated April 2026

Your personal content — journals, voice recordings, mood entries — is never sold or used for advertising. It stays yours.

Overview

This Privacy Policy explains how we collect, use, and protect your personal information when you use this Service. We take your privacy seriously — this is a space for personal healing, and your data belongs to you.

Information We Collect

Information you provide directly

Email address and display name (for account creation)
Journal entries, voice recordings, and mood check-ins you create
Profile information you choose to add (age range, pronouns, location)
Content you post in community areas
Messages sent through the accountability partner feature

Collected automatically

Basic usage patterns (pages visited, features used) for improving the Service
Device and browser type for compatibility purposes

How We Use Your Information

We use your information solely to:

Provide and maintain the Service
Personalize your experience within the app
Store and retrieve your content on your behalf
Respond to safety reports and enforce our Terms of Service
Send account-related notifications (e.g., password resets)

We do not use your journal entries, voice recordings, or personal healing data for advertising, marketing profiling, or sale to third parties.

Cookies & Local Storage

We use cookies and local storage for the following purposes only:

Authentication — keeping you signed in between sessions (essential)
Preferences — remembering your app settings and consent choices (essential)
Session state — maintaining your current session securely (essential)

We do not use advertising cookies, third-party tracking cookies, or analytics cookies that send your data to external services.

You can decline non-essential cookies via the cookie banner when you first visit. Declining will not prevent you from using the app.

Data Storage and Security

Your data is stored securely using Supabase, a cloud database provider with industry-standard encryption at rest and in transit. Row-level security policies ensure that each user can only access their own data.

While we implement reasonable security measures, no system is completely secure. We cannot guarantee absolute security of your data.

Data Sharing

We do not sell your personal data. We may share information only in the following limited circumstances:

With service providers who help us operate the Service (e.g., database hosting), under strict confidentiality obligations
When required by law, court order, or to protect the safety of users or the public
In connection with a merger, acquisition, or sale of assets, in which case you will be notified

Community Content

Content you post in community areas (support feed, replies) is visible to other authenticated users of the Service. Posts marked as anonymous will not display your name, but metadata such as timing may still be associated with your account internally for moderation purposes.

Therapist Share Links

When you generate a therapist share link, the linked content becomes accessible to anyone who holds that link for the duration of its validity period. You are responsible for sharing these links only with individuals you trust. You can revoke any share link at any time from within the app.

AI Features

Some features use AI to generate responses, insights, and coaching content. Interactions with AI features may be processed by third-party AI providers. We take reasonable steps to minimize the personal information sent to these services and do not send your full journal history without your explicit action (such as requesting an AI reflection).

10.

Your Rights

You have the right to:

Access the personal data we hold about you (via the Data Export feature)
Correct inaccurate personal information
Delete your account and associated data (via Settings)
Withdraw consent at any time where processing is based on consent
Lodge a complaint with a data protection authority if applicable in your jurisdiction

11.

Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law or for legitimate safety purposes (e.g., records of resolved safety reports).

12.

Children

The Service is not directed at children under 18. We do not knowingly collect personal data from anyone under 18. If you believe a minor has created an account, please contact us and we will promptly delete the account.

13.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by updating the date at the top of this page. Continued use of the Service after changes are posted constitutes your acceptance.