Privacy Policy

Last updated: December 6, 2025

Introduction

At Journal App, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our journaling application. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

Data Categories We Collect

We collect various types of information to provide and improve our services:

Account Information

  • Name and email address
  • Profile information and preferences
  • Authentication credentials

Journal Content

  • Written journal entries and reflections
  • Goals, milestones, and progress tracking data
  • Categories and tags you create
  • Timestamps and metadata associated with entries

Voice Data

  • Audio recordings when using voice journaling features
  • Transcriptions generated from your voice input
  • Voice interaction data with AI coach features

AI Interaction Data

  • Conversations with AI coaching features
  • AI-generated insights and recommendations
  • Coach personality preferences and settings

Integration Data

  • Google Calendar events and schedule information (when connected)
  • Theme customization preferences
  • Application settings and configurations

Technical Data

  • Usage patterns and feature interactions

Voice Data Collection & Processing

When you use our voice journaling features, we process your audio data as follows:

  • Real-time transcription: Voice recordings are converted to text using secure speech-to-text services
  • Temporary storage: Audio files are processed in real-time and are not permanently stored unless you explicitly save them
  • AI processing: Transcribed text may be processed by our AI systems to provide coaching and insights
  • Voice preferences: We may store voice-related settings such as language preferences and speech patterns to improve transcription accuracy

You can disable voice features at any time through your account settings. When disabled, no audio data will be collected or processed.

Third-Party Integrations

Google Calendar Integration

When you connect your Google Calendar to Journal App:

  • We access your calendar events to provide context-aware coaching
  • Calendar data is used to understand your schedule and commitments
  • We do not modify, create, or delete events in your calendar
  • Calendar access can be revoked at any time through your Google account settings or within our app
  • We only request read-only access to your calendar data

Google Authentication

If you sign in using Google:

  • We receive basic profile information (name, email, profile picture)
  • We use OAuth 2.0 for secure authentication
  • We do not receive or store your Google password
  • You can disconnect Google authentication at any time

AI/ML Data Processing

Our AI-powered features process your data to provide personalized insights and coaching:

  • Personalized insights: Your journal entries are analyzed to identify patterns, themes, and growth opportunities
  • Weekly summaries: AI generates summaries of your reflections to help you track progress
  • Coaching responses: Your journal history provides context for AI coaching conversations
  • Goal recommendations: AI may suggest goals and milestones based on your entries

Important: Your personal journal data is not used to train general AI models. Your data remains private and is only used to provide personalized features within your own account.

We use Google's Gemini AI services. Data sent to these services is processed according to their respective privacy policies and our data processing agreements with them.

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process your transactions and send you related information
  • Send you technical notices, updates, security alerts, and support messages
  • Respond to your comments, questions, and customer service requests
  • Provide personalized AI coaching based on your journal entries
  • Generate insights and summaries from your reflections
  • Sync your data across devices
  • Monitor and analyze trends, usage, and activities in connection with our services
  • Detect, prevent, and address technical issues and protect against fraud

Data Security

We implement robust technical and organizational security measures to protect your personal information:

  • Encryption in transit: All data transmitted between your device and our servers uses TLS/SSL encryption
  • Encryption at rest: Your journal entries and personal data are encrypted when stored
  • Row-level security: Database-level security ensures users can only access their own data
  • Secure authentication: We use industry-standard authentication practices including OAuth 2.0
  • Regular audits: We conduct regular security reviews and vulnerability assessments

However, please note that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

Your Rights & Choices

You have the following rights regarding your personal data:

Access & Portability

  • Request a copy of your personal data
  • Export your journal entries and data in a portable format
  • Access information about how your data is processed

Correction & Deletion

  • Update or correct your personal information
  • Delete your account and associated data
  • Request deletion of specific entries or data

Control & Consent

  • Disable voice features and voice data collection
  • Disconnect third-party integrations (Google Calendar, etc.)
  • Opt out of non-essential communications
  • Withdraw consent for data processing

GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • Legal basis: We process your data based on your consent, contractual necessity, and our legitimate interests
  • Right to object: You can object to processing based on legitimate interests
  • Right to restriction: You can request we limit how we use your data
  • Right to lodge a complaint: You can file a complaint with your local data protection authority
  • Data transfers: When data is transferred outside the EEA, we ensure appropriate safeguards are in place

CCPA Compliance (California Users)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know: Request information about what personal data we collect, use, and disclose
  • Right to delete: Request deletion of your personal information
  • Right to opt-out: We do not sell personal information to third parties
  • Right to non-discrimination: We will not discriminate against you for exercising your CCPA rights

To exercise any of these rights, please contact us using the information provided below.

Data Retention

We retain your personal information for as long as necessary to provide you with our services:

  • Active accounts: Data is retained while your account is active
  • Account deletion: Upon account deletion, we remove or anonymize your data within 30 days
  • Backup retention: Encrypted backups may be retained for up to 90 days for disaster recovery
  • Legal requirements: Some data may be retained longer if required by law

Third-Party Services

We use the following third-party services to operate our application:

  • Firebase/Google Cloud: Authentication, database, and hosting services
  • Google Gemini: AI-powered features and insights
  • Google Calendar API: Calendar integration (when enabled)

These third parties have access to your personal information only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Children's Privacy

Journal App is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us so we can delete such information.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page, updating the "Last updated" date, and sending you an email notification when appropriate. You are advised to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

Email: wvparrone@gmail.com

For GDPR-related inquiries, you may also contact our Data Protection contact at the email address above.