
Privacy Policy
How Daylogue protects your entries, AI processing, and privacy controls.
Last updated: April 13, 2026
Privacy is the foundation Daylogue is built on. This document explains exactly what data we collect, how we protect it, and what rights you have. We believe you should know precisely how your most personal thoughts are handled.
1. Information We Collect
We collect only what's necessary to provide our service. Here's exactly what we store:
Account Information: Your email address and authentication credentials. This is stored in plaintext so we can send you notifications and help you recover your account.
Journal Entries & Check-in Notes: Your journal vault entries and encrypted check-in notes are encrypted on your device using AES-256-GCM encryption before being transmitted to our servers. We store only ciphertext. We cannot read these entries.
AI-Generated Summaries & Insights: When you use AI features, Daylogue generates summaries, narratives, and pattern insights from your check-ins. These AI-generated outputs are stored separately and are not end-to-end encrypted, as they power features like your daily narrative, weekly insights, and pattern detection. Your raw words remain encrypted; the AI-generated derivatives are kept in a separate layer.
Structured Metrics & Metadata: Mood scores, energy levels, stress ratings, sleep data, tags, timestamps, and device identifiers. This structured data powers your dashboards, trends, and AI features, and is protected by access controls and row-level security but is not end-to-end encrypted.
Encryption Keys: Your encryption keys are generated and stored on your device. We never have access to them.
2. How We Use Your Information
We use your information to:
- Provide the core journaling and check-in experience
- Generate AI-powered insights and pattern detection
- Send reminders and notifications (with your permission)
- Respond to support requests
- Improve and maintain our services
- Prevent abuse and ensure security
**We never use your data for:**
- Advertising or ad targeting
- Selling to third parties
- Training AI models
- Any purpose you haven't consented to
3. Encryption & Security
Your privacy is protected by multiple layers of security:
Device-Side Encryption: Your journal vault entries and encrypted check-in notes are encrypted on your device using AES-256-GCM before transmission. The encryption keys are derived from credentials only you possess. We cannot decrypt this content.
Client-Encrypted Vault: For your journal entries and encrypted notes, our servers store only ciphertext. Even with full database access, these entries remain unreadable to us. Important: AI-generated summaries of your entries are stored separately and are readable by our systems to power features like narratives, insights, and pattern detection. Your original words remain encrypted; the AI-generated derivatives exist in a separate layer.
Transmission Security: All data in transit is protected by TLS 1.3 encryption.
Device-Based Key Management: Your encryption keys live on your devices. Cross-device sync requires explicit device approval.
HIPAA-Aligned Safeguards: Our technical security measures follow HIPAA Security Rule principles, including access controls, audit logging, and integrity verification. Note: We are not HIPAA compliant and do not offer Business Associate Agreements.
4. AI Features & Your Data
AI is core to Daylogue's insights. Here's exactly how it works:
How AI Processing Works:
1. When you use AI features, your content is sent to our AI provider (AWS Bedrock) for processing
2. AI generates insights, summaries, and narratives
3. AI-generated summaries are stored server-side to power features like your daily narrative, pattern detection, and insights
4. Your raw journal vault entries and encrypted notes remain device-encrypted with keys only you hold
Important Disclosures:
- During AI processing, your content briefly exists as readable text at AWS Bedrock
- Your content is NOT used to train AI models. AWS Bedrock does not store, log, or train on your data
- Anthropic (the AI model provider) never sees your data. Bedrock isolates it within our AWS environment
- Voice check-ins use Deepgram for speech-to-text and ElevenLabs for conversational voice (both zero data retention per contract) and AWS Bedrock for AI processing (zero data retention, encrypted transit)
- AI-generated summaries are not end-to-end encrypted, as they are needed server-side for features you use
6. Enterprise & Organization Features
Daylogue offers optional organization and team features for workplaces, sports teams, and other groups. Here is how your data is handled in those contexts.
Aggregate Data Access: Organization administrators can view aggregate (anonymized) wellness data about their members through a dashboard and API. Individual data is never included in these aggregates. We require a minimum of 5 active members before any aggregate metrics are shown, so no individual can be identified through small group sizes (this is called k-anonymity).
Individual Score Sharing: Members who join an organization can optionally choose to share their individual wellness scores (mood, energy, stress) with organization leaders. This sharing is:
- Entirely voluntary and opt-in
- Controllable per metric (you can share mood but not stress, for example)
- Revocable at any time through your settings
- Limited to the past 7 days of scores (leaders cannot see historical data, written reflections, or voice entries)
API Access: Enterprise organizations may access aggregate data and, where members have opted in, individual scores through authenticated API endpoints. All API access is:
- Authenticated via organization-specific API keys
- Rate-limited and monitored for abuse
- Logged for compliance auditing
- Scoped to specific data types (an API key cannot access more than what was granted)
Webhook Data Transfers: Organizations may configure webhooks to receive automated notifications about organizational events (such as wellness alerts or weekly report availability). Webhook data:
- Contains aggregate information only (no individual data is sent via webhooks)
- Is signed with HMAC-SHA256 so the receiving server can verify authenticity
- May be delivered to URLs specified by the organization administrator
- Delivery is logged for audit purposes
API Request Logging: We log API request metadata including client IP addresses, user agent strings, and request timestamps for security monitoring, abuse prevention, and compliance auditing. These logs are retained for 90 days.
Peer Feedback (Appreciation, Constructive, Concern): Workplace organizations may enable peer feedback, which lets members send feedback to one another in three lanes. Each lane has a different visibility model:
- **Appreciation** is private to the recipient by default. Designated reviewers and organization administrators are notified that a note was sent and can see the sender, recipient, lane, and date, but not the body. Senders can optionally choose at submission time to share an appreciation note with team admins, in which case admins can also read the body in their reviewer dashboard.
- **Constructive feedback** is visible to the recipient and to designated reviewers (which typically includes organization owners, admins, and coaches). The body of the message is visible to those reviewers as part of the moderation flow.
- **Concern reports** are visible only to designated reviewers. The body is not shown to the recipient.
For all lanes, designated reviewers can read message bodies they are authorized to see, update case status, and (for constructive and concern) participate in a moderated thread with the sender. Anonymous submissions are supported where the lane allows it; anonymous senders are not linked to a user account in the submission record. Submissions are retained per lane for the period configured by the organization (defaults: appreciation 365 days, constructive 730 days, concern up to 7 years for compliance retention).
AI-Generated Content: Team narrative summaries provided through the API are generated by AI from anonymized aggregate data. They are not clinical assessments and should not be treated as medical, psychological, or diagnostic information.
7. If You Leave Your Organization
When you leave an organization (voluntarily, via admin removal, or via SCIM offboarding), your personal check-in history and account remain intact. Your past contributions to team aggregates are frozen in the historical windows they belonged to — they are not removed retroactively, to preserve the statistical integrity of those aggregates for the remaining team members. Going forward, your data no longer contributes to team averages. You can export your data at any time from Settings → Privacy → Export.
8. California Privacy Rights (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) give you specific rights regarding your personal information.
Right to Know: You have the right to request disclosure of what personal information we collect, use, disclose, and sell about you.
Right to Delete: You have the right to request deletion of personal information we have collected from you, subject to certain exceptions.
Right to Opt Out of Sale or Sharing: We do not sell or share your personal information for cross-context behavioral advertising. You can still record an opt-out through the "Do Not Sell or Share My Personal Information" footer link, which disables marketing tracking. We honor Global Privacy Control (GPC) signals as a valid opt-out request.
Right to Correct: You have the right to correct inaccurate personal information we hold about you.
Right to Limit the Use and Disclosure of Sensitive Personal Information: Under CPRA, you have the right to limit our use of sensitive personal information (SPI) to what is necessary to perform the service. Daylogue collects the following categories of SPI: (1) voice audio and transcripts from voice check-ins; (2) self-reported wellness data (mood, energy, stress, sleep) and AI-generated inferences derived from your check-ins, which may reveal information about your mental or physical condition; and (3) precise geolocation when used for weather and context personalization. We use this SPI solely to provide the service you signed up for. We do not use SPI to infer characteristics about you for any other purpose, and we do not sell or share SPI. To exercise the right to limit, email privacy@daylogue.com with "Limit Sensitive Personal Information" in the subject line, or use the "Limit the Use of My Sensitive Personal Information" link in our footer.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.
Rights of Minors (Ages 13–16): For California residents between the ages of 13 and 16, we do not sell or share your personal information without your opt-in consent. We do not knowingly collect personal information from users under 13 under any circumstances.
Data Retention: We retain personal information only as long as needed to provide the service or as required by law. Account information is retained while your account is active plus a 30-day deletion grace period; journal vault entries, encrypted check-in notes, AI-generated summaries, and structured metrics are retained while your account is active; API request logs are retained for 90 days; voice audio is not retained by our voice and speech-to-text providers; backups are purged within 30 days of account deletion.
CA AB 2013 AI Transparency: Daylogue does not use your data to train AI models. AWS Bedrock (our AI inference provider) processes data ephemerally and does not retain or train on it. This is a standing commitment under California AB 2013.
How to Submit a Request: Use our privacy request form at /privacy/request, or email privacy@daylogue.com with "California Privacy Request" in the subject line. We will respond within 45 days.
9. Consumer Health Data (WA / NV / CT)
Users in Washington State, Nevada, and Connecticut have additional rights under state consumer health data laws.
Applicable laws: Washington My Health My Data Act (WMHDA, RCW 19.373), Nevada SB 370 (NRS Chapter 629), Connecticut SB 3.
What qualifies as consumer health data in Daylogue: Self-reported check-in scores (mood, energy, stress), voice check-in transcripts, AI-generated wellness narratives, and pattern data derived from your check-in history.
Your rights (Washington WMHDA):
- Right to access your consumer health data (within 45 days)
- Right to deletion of consumer health data (within 30 days, independent of account deletion)
- Right to withdraw consent to collection or sharing at any time
- Right to know whether your consumer health data is shared with third parties
Your rights (Nevada SB 370):
- Right to access, right to deletion (within 30 business days), right to opt out of sale
Your rights (Connecticut SB 3):
- Right to access, right to deletion (within 60 days), right to portability, right to opt out of processing for non-service purposes
How we use consumer health data: Solely for service delivery. We never sell it, use it for advertising, or share it with employer-context administrators in any individually identifiable form. If you decline health data collection in-app, mood, energy, stress, and sleep scores will not be collected during check-ins, and voice check-ins will be unavailable while that preference is active. Your choice is remembered across sessions and can be changed at any time in Settings > Privacy & Security. Crisis resources remain available regardless of your consent state.
To exercise these rights: Email privacy@daylogue.com with "Consumer Health Data Request" and your state of residence in the subject line.
Full policy: Consumer Health Data Privacy Policy (available at security@daylogue.io on request).
9a. GDPR and EU User Rights
If you are located in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and applicable national law govern our processing of your personal data.
Legal basis for processing: We process your personal data on the basis of:
- Your explicit consent (Article 6(1)(a)) for check-in data, AI processing, and optional features
- Contract performance (Article 6(1)(b)) for account management and service delivery
Article 9 special-category data: Self-reported check-in scores and wellness narratives may qualify as data concerning health under GDPR Article 9. We process this data only with your explicit consent, which you give at the time you complete a check-in. You may withdraw this consent at any time in Settings > Privacy & Security.
EU AI Act Article 50 disclosure: Daylogue's check-in conversations are generated by an AI system. You are interacting with an AI, not a human. This disclosure is made before every check-in session.
Your GDPR rights: Right to access, right to rectification, right to erasure ("right to be forgotten"), right to restriction of processing, right to data portability, right to object, right not to be subject to solely automated decision-making.
How to exercise your rights: Email privacy@daylogue.com with "GDPR Data Request" in the subject line. We will respond within 30 days.
Data transfers: Your data is processed in the United States. We rely on standard contractual clauses (SCCs) where applicable for cross-border transfers.
10. Your Rights & Controls
You have complete control over your data:
Export: Download all your data in standard formats anytime from your account settings.
Delete: Request permanent deletion of your account and all associated data. Deletion requests are processed within a 30-day grace period, during which you can cancel the deletion. After 30 days, all data is permanently removed and cannot be recovered.
Access: Request a copy of all data we hold about you.
Correction: Update your account information at any time.
Opt-Out: Unsubscribe from marketing emails anytime. Essential service communications (security alerts, account issues) cannot be opted out of while your account is active.
To exercise these rights, email privacy@daylogue.com or use the in-app settings.
11. SMS Messaging
Program Name: Daylogue SMS Check-ins
What It Is: When you opt in through the Daylogue app, we send text message check-in prompts to your phone number. You reply with how you're feeling, and your response is processed as a check-in. You can also opt in to SMS notifications (reminders, weekly summaries, and gentle nudges).
Message Frequency: Up to 5 messages per day (1 outbound prompt plus up to 4 conversational follow-ups per session). Notification texts are sent based on your chosen schedule.
Message and Data Rates: Standard message and data rates may apply depending on your mobile carrier plan.
Opt-In: You opt in to SMS check-ins exclusively through the Daylogue app settings by entering your phone number, verifying it with a one-time code, and toggling on SMS check-ins. SMS is off by default. No messages are sent until you explicitly opt in. There is no web form, keyword, or checkout-based enrollment.
Opt-Out: You can stop receiving messages at any time by replying **STOP** to any message, or by toggling off SMS check-ins in your Daylogue app settings.
Help: Reply **HELP** to any message for support information, or contact us at hello@daylogue.io.
Your Phone Number and Mobile Information: We store your phone number solely for delivering SMS check-ins. No mobile information, including phone numbers, SMS consent records, and opt-in/opt-out data, will be shared with or sold to third parties or affiliates for marketing or promotional purposes. Your number is stored securely and used only to deliver the messages you requested.
AI-Personalized Messages: Some SMS check-in messages are personalized using AI. When this occurs, aggregated data from your recent check-ins (mood trend, tags, check-in frequency) is processed by our AI provider to generate a contextually relevant opening message. This processing is ephemeral. No SMS content or AI inputs are stored by the AI provider. Approximately 40% of messages use standard templates with no AI personalization.
SMS conversations and crisis handling: If your SMS conversation is identified as containing signs of a crisis, such as thoughts of suicide, self-harm, or immediate danger, Daylogue is designed to pause its usual data capture. This detection is automated and may not identify every instance.
Detection of crisis content is performed automatically using a combination of keyword pattern matching and AI-assisted review. No human reviews your message content.
If a crisis is detected, we will send you crisis resource information: 988 Suicide and Crisis Lifeline (US), Crisis Text Line at 741741 (US), and findahelpline.com (international directory). The check-in session ends at that point. Daylogue does not provide crisis counseling or intervention, and does not contact emergency services, notify any third party, or take any action on your behalf in response to crisis content.
Service Provider: SMS messages are delivered through Twilio, our messaging infrastructure provider. Twilio processes your phone number and message content only as necessary to deliver the service.
Carriers: Supported on all major U.S. carriers. Carriers are not liable for delayed or undelivered messages.
13. Children's Privacy
Daylogue is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately at privacy@daylogue.com and we will delete it.
14. Policy Updates
We may update this policy to reflect changes in our practices or for legal reasons. When we make material changes:
- We'll post the updated policy here with a new "Last updated" date
- We'll notify you via email for significant changes
- Continued use after changes constitutes acceptance
We encourage you to review this policy periodically.
15. Contact Us
Questions about privacy? We're here to help.
Email: privacy@daylogue.com
Response Time: We aim to respond within 48 hours.
Data Protection: For data protection inquiries or to exercise your rights, email privacy@daylogue.com with "Data Request" in the subject line.
Address: Daylogue LLC, Los Angeles, CA, United States