Privacy Policy

Last Updated: October 21, 2025

Introduction

At Clarity Journal, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mental health journaling application. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

🛡️ Our Privacy-First Approach

Your mental health data is among the most sensitive information you can share. We’ve built Clarity Journal with privacy at its core:

✓ Automatic PII Protection

Personal information is automatically anonymized before being sent to AI services

✓ Complete Data Control

Export all your data or delete your account at any time through your Settings page

✓ Multi-Layer Encryption

Your data is encrypted in transit (HTTPS/TLS) and at rest (AES-256-GCM)

✓ No Data Selling

We never sell your data to third parties. Your journal entries are yours alone.

Information We Collect

We collect information that you provide directly to us, as well as information from our reseller, Paddle.

Information You Provide to Clarity Journal:

  • Account Information: Email address and password when you create an account.
  • Journal Entries: The thoughts, feelings, and ideas you record in the app.
  • Profile Data: Any optional information you choose to provide.

Information Collected by Our Reseller (Paddle):

All purchases and subscriptions for Clarity Journal are processed by our third-party reseller and Merchant of Record, Paddle.com.

  • When you subscribe, you will provide payment and billing information (like your credit card details and billing address) directly to Paddle.
  • Clarity Journal does not collect, receive, or store your full payment information. We only receive information from Paddle necessary to activate and manage your account, such as confirmation of your subscription and your email address.
  • Paddle’s use of your personal information is governed by its own privacy policy, which you can review here: Paddle Privacy Policy

Automatically Collected Information (by Clarity Journal):

  • Usage Data: How you interact with the app, features used, time spent.
  • Device Information: Browser type, operating system, IP address.
  • Session Data: Authentication tokens and session identifiers.

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services.
  • Verify and manage your subscription status via our reseller, Paddle.
  • Process your journal entries and generate AI insights (with your consent).
  • Send you technical notices, updates, and support messages.
  • Respond to your comments and questions.
  • Protect against fraudulent or illegal activity.
  • Comply with legal obligations.

🔒 AI Features & Third-Party Sharing

We limit the sharing of your personal data to the specific third parties required to provide our service.

1. AI Feature Processing (OpenAI):

Important: When you use AI-powered features (insights and reflections), your journal entry text is sent to OpenAI for processing.

Privacy Protection: Automatic PII Anonymization

Before your data is sent to OpenAI, we automatically anonymize any personally identifiable information (PII) to protect your privacy:

  • Email addresses → [EMAIL]
  • Phone numbers → [PHONE]
  • Names → [NAME]
  • ...and other identifiers.

How AI Processing Works:

  • Your journal text is anonymized before transmission to OpenAI’s servers.
  • OpenAI processes the anonymized data according to their privacy policy.
  • We use OpenAI’s API, which does not use your data for model training (as per their business tier policy).
  • AI-generated insights are stored with your original (non-anonymized) entries in your private account.

2. Sales and Subscription Processing (Paddle):

As mentioned, Paddle.com is our Merchant of Record and handles all subscription billing.

  • To manage your account, we must share necessary information (such as your account email) with Paddle to validate purchases and manage your subscription lifecycle.
  • Paddle collects your payment and billing information directly from you.

We do not share your data with any other third parties for marketing or advertising purposes.

Data Security

We implement multiple layers of security to protect your personal information:

  • Encryption in Transit: All data transmitted between your device and our servers is encrypted using HTTPS/TLS.
  • Encryption at Rest: Sensitive data can be encrypted in the database using AES-256-GCM encryption.
  • Password Security: Passwords are hashed using industry-standard bcrypt.
  • PII Anonymization: Personal information is automatically anonymized before being sent to third-party AI services.
  • Access Controls: Strict authentication and authorization checks ensure only you can access your data.
  • Data Isolation: All database queries are filtered by user ID to prevent unauthorized access to other users’ data.
  • Database Security: Our database is hosted on secure servers with restricted access and proper backup procedures.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

Your Privacy Rights

You have the following rights regarding your personal data:

  • Access: View all your personal data through your account dashboard
  • Correction: Edit or delete individual journal entries at any time
  • Deletion: Permanently delete your account and all associated data through the Settings page
  • Data Portability: Export all your data in JSON format through the Settings page (includes entries, reflections, and statistics)
  • Privacy Protection: Automatic PII anonymization when using AI features

🎯 Self-Service Privacy Tools

Most privacy rights can be exercised directly through your account:

  • Settings Page: Export your data or delete your account
  • Dashboard: View, edit, or delete individual entries
  • Automatic Protection: PII anonymization happens automatically

For any other privacy-related requests or questions, please contact us at support@myclarityjournal.app

Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services.

Account Deletion: If you delete your account through the Settings page, we will immediately and permanently delete all your personal data, including:

  • All journal entries and AI insights
  • All daily reflections and clarity scores
  • Your account credentials and profile information
  • All associated statistics and progress data

This deletion is permanent and cannot be undone. We recommend exporting your data before deleting your account. We may retain certain information only where required for legal compliance, dispute resolution, or fraud prevention.

Children’s Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date. You are advised to review this Privacy Policy periodically for any changes.

Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

💡 For California Residents (CCPA)

California residents have specific rights regarding their personal information under the California Consumer Privacy Act (CCPA). You have the right to request disclosure of the categories and specific pieces of personal information we have collected, the right to request deletion of your personal information, and the right to opt out of the sale of personal information (note: we do not sell personal information).

🇪🇺 For EU/EEA Residents (GDPR)

If you are located in the European Union or European Economic Area, you have specific rights under the General Data Protection Regulation (GDPR). These include the rights of access, rectification, erasure, restriction of processing, objection to processing, and data portability. You also have the right to lodge a complaint with a supervisory authority.