Privacy Policy

1. What information do we collect?

We collect information you provide when you sign up or contact us. This includes your email address and basic account information.

Important: We do not collect your journal entries. All journal entries are stored locally on your device, encrypted with AES-256. Your entries are yours—stored on your device first, with optional secure sync to Firebase when you're signed in. We never read, analyze, or collect your personal thoughts.

2. How do we use your information?

• To provide and improve the app
• To personalize your experience
• To send password reset or important notifications

3. Do we share your data?

No. Your data is private and never sold or shared with third parties, except as required by law.

4. How do we protect your data?

We use encryption, secure servers, and best practices to keep your data safe.

Native Mobile Security:

• All journal entries encrypted at rest (AES-256) and stored locally on your device
• Encryption keys stored in your device's secure keychain/keystore (hardware-level protection)
• Works offline — your entries are always available locally, even without internet
• Data syncs securely to Firebase only when you're signed in and connected
• Your device's built-in security features provide additional protection

5. Your rights

You can request deletion of your account and data at any time by contacting us.

6. Cookies & Analytics

Landing Page (This Website): We use cookies and similar technologies on this landing page to understand how visitors use the site and to improve your experience. For example, we use PostHog to collect anonymous usage analytics. You can control cookies through your browser settings. By using this site, you consent to our use of cookies as described in this policy.

Native Mobile App: The SoulFrame iOS and Android app does not use traditional cookies. We use PostHog for anonymous usage analytics within the app to help us improve the user experience. This data is collected anonymously and does not identify individual users.

7. Security

We take your privacy and data security seriously. For the native mobile app:

• Local-First Architecture: All journal entries are encrypted and stored locally on your iOS or Android device first. Your data never leaves your device unencrypted.
• Encrypted Transmission: When you enable cloud backup, all data transmitted between your device and our servers is encrypted using TLS/HTTPS.
• Secure Authentication: Passwords are securely hashed before storage and are never stored in plain text. We use Firebase Authentication for secure login.
• Cloud Storage: If you enable cloud backup, your encrypted data is stored in Firebase, which provides encryption at rest as an additional layer of protection.
• Regular Updates: We regularly review our security practices and deliver security updates through the App Store and Google Play Store.

SoulFrame is registered with the Information Commissioner's Office (ICO) in the UK, demonstrating our commitment to data protection and compliance with UK data protection regulations.

8. Contact

For questions or requests, email: hello@soulframe.tech