Privacy Policy

Last updated: April 3, 2026

1. Who We Are

This Privacy Policy explains how shadowMindJournal ("we", "us", "our") collects, uses, and shares personal information when you use Shadow Journal and related services (the "Services").

2. Information We Collect

  • Account data: email, authentication identifiers, and account preferences.
  • Journal content: entries, tags, and analysis requests you submit.
  • Usage and device data: log data such as IP address, browser/device metadata, and request timestamps.
  • Payment data: billing metadata, subscription status, and transaction references. Card details are processed by Stripe and are not stored by us.
  • Support communications:messages sent to us by email or support channels.

3. How We Collect Data

  • Directly from you (sign-up, journal writing, purchases, support).
  • Automatically through normal operation of the Services.
  • From service providers required to operate features (for example, Stripe).

4. How We Use Data

  • Provide and secure the Services.
  • Process subscriptions, one-time purchases, and account management.
  • Run AI analysis features that you explicitly request.
  • Maintain product reliability, diagnose errors, and prevent abuse.
  • Comply with legal, accounting, and tax obligations.

5. AI Processing

If you choose to use AI analysis features, relevant journal content is sent to our AI processing stack and model providers to generate a response. We do not sell your journal data.

Model/provider retention and processing practices are governed by their own policies and agreements. You can avoid AI processing by not using AI analysis actions.

6. Sharing of Information

We share data only where needed to operate the Services, including:

  • Infrastructure and authentication providers (for example, Supabase).
  • Payment processors (for example, Stripe).
  • AI orchestration/model providers for requested analysis operations.
  • Legal authorities when required by law.

We do not sell personal information to data brokers.

7. Data Retention

  • Journal content and account data are retained while your account is active, unless you delete content earlier.
  • After account deletion, data is removed subject to short operational backup windows and legal retention duties.
  • Payment and accounting records may be retained for legally required periods.

8. Security

We use reasonable technical and organizational measures to protect data, including secure transport and controlled access. No online system is 100% secure.

The Services are not designed so that only your device can decrypt your journal. Content is stored on our systems so we can run the product and the features you choose (including optional AI analysis). For details on what we collect and share, see sections 2, 5, and 6.

9. Your Rights and Choices

  • Access, update, or delete your account information.
  • Delete journal content and account through product settings.
  • Contact us for data access or deletion requests.

10. Children

The Services are not intended for children under 13, and we do not knowingly collect personal information from children under 13.

11. International Transfers

Your data may be processed in jurisdictions other than your own as required to provide the Services. Where applicable, we use appropriate safeguards for international data transfers.

12. Policy Updates

We may update this policy from time to time. Material changes will be posted on this page with an updated effective date.

13. Contact

For privacy questions or requests, contact us at hello@shadowMindJournal.com.