Privacy Policy

1. Introduction

Welcome to 90-Day Identity Reset Journal. We respect your privacy and are committed to protecting your personal data. This policy explains how we handle your information.

2. Data Collection

What We Collect:

• Email address (only if you create an account)
• Journal entries and reflections you write
• App settings and preferences
• Usage data for error monitoring (via Sentry)

Important: Creating an account is completely optional. You can use the app entirely offline with local storage without providing any personal information.

3. How We Store Your Data

Two Storage Options:

• Local Storage (Default): Data stored only on your device. Private and never leaves your device.
• Cloud Backup (Optional): If you create an account, data is stored in Google Cloud Firestore using encryption in transit and encryption at rest.

Security measures:

• All data encrypted in transit (HTTPS)
• Cloud data protected using Google Cloud encryption at rest
• Access protected by email/password authentication

4. How We Use Your Data

• To provide the journaling experience and save your entries
• To analyze entries using Google Gemini AI for insights and reflections
• To improve the app (using aggregate, anonymized data only)
• To send password reset emails (if requested)

We do NOT sell, rent, or share your data with third parties for marketing purposes.

5. AI-Generated Content Disclaimer

IMPORTANT: This App uses Google Gemini AI to generate insights, reports, and prompts. AI can make mistakes and is not always accurate.

• Verify all AI content: AI-generated insights, reports, and suggestions should be independently verified before relying on them
• Not professional advice: AI content is NOT medical, psychological, therapeutic, or professional advice of any kind
• Interpretation errors: AI may misinterpret context, tone, cultural nuances, or the meaning of your entries
• Your responsibility: You are solely responsible for evaluating and acting on AI-generated content
• Optional feature: You can disable AI analysis in Settings → Insight Frequency → None

6. Third-Party Services

• Firebase (Google): Cloud storage, authentication, and hosting
• Google Gemini AI / Vertex AI: Analyzes journal entries to generate insights (processed securely, not used for AI training)
• RevenueCat: Subscription and purchase management. RevenueCat receives your subscription status, product identifiers, and platform information to verify your access entitlements. RevenueCat does not receive your journal content. See revenuecat.com/privacy.
• Apple App Store / Google Play: Payment processing for in-app subscriptions and purchases. Your payment card details are handled by Apple or Google respectively and are never accessible to us.
• Sentry: Error monitoring and performance tracking (no journal content logged)
• Vercel: Web application hosting
• EmailJS: Sending PIN recovery codes (optional feature)

We do not sell, rent, or share your personal data or journal content with any third party for advertising or marketing purposes.

6a. Subscription & Payment Data

When you make a purchase through the Apple App Store or Google Play, the following data flows occur:

• What Apple / Google Play handles: Your payment method, billing address, and transaction details. We never see or store these.
• What RevenueCat receives: Anonymous or identified user ID, subscription status, product purchased, and device platform. Used solely to verify your access entitlement within the app.
• What we store: Whether your subscription is active (yes/no) and your subscription tier (monthly, annual, or 90-day journey). We do not store full purchase records.

7. Admin Access

If you use cloud backup, project administrators can technically access data for debugging and support purposes. However:

• We do not actively read your journal entries
• Access is only used for legitimate support and technical purposes
• All admin access is logged and monitored

If you prefer complete privacy, use the app without creating an account (local storage only).

8. Your Rights

You have the right to:

• Export: Download all your data as JSON (Menu → Data & Privacy → Download All Data)
• Delete: Permanently delete your account and all data (Menu → Data & Privacy → Delete All Data)
• Access: View all your stored data within the app
• Opt-out: Use the app entirely offline without an account

USA Privacy Rights:

• California (CCPA/CPRA): Right to know, delete, correct, and opt-out
• Virginia, Colorado, Connecticut, Utah: Similar state privacy rights apply
• We do NOT sell your personal information

9. Data Retention

• Data stored as long as your account is active
• Deleted data removed immediately from production database
• Firebase backups retained for up to 30 days, then permanently deleted
• Local storage data can be cleared via device settings

10. Children's Privacy

This app is not intended for children under 18. We do not knowingly collect data from children under 13 (COPPA) or under 18 (our policy).

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes via the app or email (if you have an account).

12. Contact Us

For privacy concerns or questions, please contact us:

• Privacy inquiries: privacy@renew90.app
• General administration: admin@renew90.app

You can also reach us through the app's Contact page in the Menu.