Privacy Policy

At Mindful Journal AI, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our application.

1. Information We Collect

Personal Information

• Account Information: Email address, display name, and encrypted password for account creation and authentication
• Profile Data: Optional profile information you choose to provide
• Authentication Data: Login sessions, authentication tokens, and device information for security purposes

Journal Content

• Diary Entries: Your personal journal entries, including text content, timestamps, and associated metadata
• Mood Data: Mood ratings, emotional tracking data, and wellness indicators you choose to record
• AI Interactions: Your interactions with our AI assistant, including prompts and generated responses

Technical Information

• Usage Analytics: Application usage patterns, feature interaction data, and performance metrics (only with your consent)
• Device Information: Browser type, operating system, IP address, and device identifiers for security and optimization
• Local Storage: Preferences, settings, and consent choices stored in your browser

2. How We Use Your Information

Core Service Functionality

• Providing secure access to your personal journaling space
• Generating AI-powered insights and reflections on your entries
• Synchronizing your data across devices and sessions
• Enabling data export and backup functionality

Account Management

• Creating and maintaining your user account
• Authenticating your identity and securing your sessions
• Processing subscription and payment information
• Providing customer support and technical assistance

Service Improvement

• Analyzing usage patterns to improve app functionality (anonymized data only)
• Optimizing AI model performance and accuracy
• Identifying and fixing technical issues
• Developing new features based on user needs

3. Data Storage and Security

Infrastructure

Your data is stored using Google Firebase, a secure cloud platform that provides:

• Enterprise-grade security and encryption
• Automatic backups and disaster recovery
• Global data centers with 99.9% uptime reliability
• GDPR and SOC 2 compliance

Encryption

Access Controls

• Multi-factor authentication options for enhanced security
• Session management and automatic logout features
• Device-specific access controls and monitoring
• Regular security audits and vulnerability assessments

4. Third-Party Services

AI Processing

We use Google Gemini AI to generate insights and reflections on your journal entries. Your content is processed according to Google's privacy policies and security standards.

Analytics (Optional)

With your explicit consent, we may use analytics services to understand how our application is used. This data is anonymized and used solely for improving the user experience.

Payment Processing

Payment information is processed by secure third-party payment processors (Paddle and FreeKassa). We do not store your payment card details on our servers.

5. Your Privacy Rights

Data Access and Control

• Access: View and download all your personal data at any time
• Correction: Update or correct any inaccurate personal information
• Deletion: Request complete deletion of your account and all associated data
• Portability: Export your data in standard formats (JSON, Markdown, PDF)

Consent Management

• Opt-in consent for analytics and non-essential features
• Granular control over data processing preferences
• Easy withdrawal of consent at any time
• Clear notification of any privacy policy changes

6. Data Retention and Deletion

Retention Periods

• Active Accounts: Data retained while your account is active
• Inactive Accounts: Data may be deleted after 3 years of inactivity (with prior notice)
• Deleted Accounts: All personal data permanently deleted within 30 days
• Backup Systems: Deleted data removed from backups within 90 days

Account Deletion Process

7. International Data Transfers

Your data may be processed and stored in data centers located in different countries, including the United States and European Union. We ensure that all international transfers comply with applicable data protection laws and maintain the same level of security.

8. Children's Privacy

Mindful Journal AI is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

• Updating the "Last Updated" date at the top of this policy
• Sending an email notification to your registered email address
• Displaying a prominent notice in the application
• Requesting renewed consent for any new data processing activities

10. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Support: Through the in-app support system
• Data Protection: For privacy-specific inquiries and rights requests
• Security: For reporting security vulnerabilities