Privacy Policy
Last updated: November 23, 2025
Introduction
Welcome to Cohesive Journal ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience when using our application.
This Privacy Policy explains how we collect, use, process, and disclose your information across our services. By using Cohesive Journal, you consent to the data practices described in this policy.
Information We Collect
Account Information
When you register for Cohesive Journal, we collect:
- Your email address
- Your username
- Authentication information (password hash or social login information)
User Content
We collect and store the content you create, upload, or receive from others when using our service, including:
- Notes and journal entries
- Tags and categorization information
- Voice recordings
- Images
- Hierarchical relationships between content
Device Information
We collect information about the devices you use to access Cohesive Journal, including:
- Device type and model
- Operating system and version
- Unique device identifiers
- Browser type (for web app users)
Usage Information
We collect information about how you use Cohesive Journal, including:
- Features you use
- Actions you take
- Time, frequency, and duration of your activities
How We Use Your Information
| Purpose | Description |
|---|---|
| Providing our Service | To provide and maintain the Cohesive Journal service, including syncing your content across devices and providing hierarchical organization. |
| Improving our Service | To understand how users interact with our app, identify areas for improvement, and develop new features. |
| AI-Enhanced Features | To provide AI-powered features like hierarchical organization suggestions, tag recommendations, and pattern recognition. |
| Communication | To send service announcements, updates, security alerts, and support messages. |
| Account Management | To create and manage your account, including authentication and billing. |
| Security | To detect, prevent, and address technical issues, security risks, and potentially prohibited activities. |
Required Permissions
Camera Permission
We request camera access to allow you to:
- Take photos and attach them to your notes
- Capture important visual information for your reference
Photos are processed on your device and synced with your account. We do not analyze the content of your photos for advertising or tracking purposes.
Microphone Permission
We request microphone access to enable:
- Voice recording functionality for audio notes
- Audio attachments to text notes
Audio recordings are stored securely and are only accessible to you through your account.
Storage Permission
On mobile devices, we request storage access to:
- Save temporary files during note creation
- Allow you to select and upload images from your device
Data Security
The security of your information is important to us. We implement appropriate security measures to protect your information:
- HTTPS encryption for all data in transit
- Secure JWT authentication for user sessions
- User-specific data filtering to ensure information is only accessible to authorized users
- Regular security audits and updates
While we strive to protect your personal information, no method of internet transmission or electronic storage is 100% secure. We cannot guarantee absolute security.
Third-Party Services
We use the following third-party services to provide and improve our application:
Payment Processing
We use the following payment processors:
- RevenueCat: For managing subscriptions across iOS and Android. RevenueCat processes subscription data and provides analytics. View their privacy policy at revenuecat.com/privacy
- Apple In-App Purchase: For iOS subscriptions. Apple processes payments according to their privacy policy at apple.com/legal/privacy
- Google Play Billing: For Android subscriptions. Google processes payments according to their privacy policy at policies.google.com/privacy
- Stripe: For web-based subscription payments. Stripe processes payment information securely. View their privacy policy at stripe.com/privacy
Authentication Services
We support the following authentication methods:
- Google Sign-In: If you choose to sign in with Google, we receive basic profile information (name, email). Google's privacy policy applies: policies.google.com/privacy
- Sign in with Apple: If you choose to sign in with Apple, we receive basic profile information. Apple's privacy policy applies: apple.com/legal/privacy
Cloud Infrastructure
We use DigitalOcean for hosting our servers. Your data is stored on secure cloud servers with industry-standard encryption. DigitalOcean's privacy policy: digitalocean.com/legal/privacy-policy
AI Services
We use AI services (OpenAI, Anthropic) to provide intelligent features like tag suggestions and insights. Your note content may be processed by these services to generate suggestions. These services do not retain or train on your data. We anonymize data before sending to AI providers when possible.
Data Sharing and Disclosure
We do not sell your personal information. We may share your information only in the following limited situations:
Service Providers
We use trusted third-party service providers (listed above) to help us operate our service. These providers have access to your information only to perform specific tasks on our behalf and are contractually obligated to protect your information and not use it for other purposes.
Legal Requirements
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).
Business Transfers
If we are involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction. We will notify you before your information is transferred and becomes subject to a different privacy policy.
With Your Consent
We may disclose your personal information for any other purpose with your consent.
Your Rights and Choices
Depending on your location, you may have certain rights regarding your personal information:
- Access: You can request access to the personal information we hold about you.
- Correction: You can request that we correct inaccurate or incomplete information.
- Deletion: You can request that we delete your personal information.
- Data Portability: You may have the right to receive your personal information in a structured, commonly used, and machine-readable format.
- Withdraw Consent: If we process your information based on consent, you have the right to withdraw that consent at any time.
To exercise these rights, please contact us using the information provided at the end of this policy.
Children's Privacy
Our service is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will promptly delete that information.
International Data Transfers
Your information may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside the United States and choose to provide information to us, please note that we transfer the information, including personal information, to the United States and process it there.
Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at:
Email: privacy@cohesivejournal.com