Record Reflect Recover

Privacy Policy

Last Updated:

1. Introduction

This Privacy Policy describes how Record Reflect Recover ("we," "us," or "our") collects, uses, and protects information when you use our mobile application ("App"), website located at recordreflectrecover.com ("Website"), and related services (collectively, the "Service").

Who We Are: Record Reflect Recover is operated by a solo developer. We are committed to protecting your privacy and being transparent about our data practices. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

What This Policy Covers: This Privacy Policy applies to all information collected through the Service, including information collected on the Website and through the App. It does not apply to information collected offline or through other means, or to information collected by third parties that may link to or be accessible from the Service.

Your Consent: By using the Service, you consent to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.

Privacy-First Architecture:

Record Reflect Recover is designed with privacy as a core principle. Your journal entries, reflections, and personal content are stored locally on your device and are never transmitted to our servers or accessed by us. We do not require account creation, and your personal journaling data remains private and secure on your device.

2. Data Collected

We collect different types of information depending on how you interact with the Service. We have designed the Service to minimize data collection while providing functionality and improving the user experience.

2.1 Personal Data

Email Addresses: If you choose to join our waitlist or contact us, we may collect your email address. This information is collected through:

  • MailerLite waitlist signup forms on the Website
  • Direct email communications to recordreflectrecover@protonmail.com

Journal Content: Your journal entries, reflections, and other content you create within the App are stored locally on your device. We do not collect, access, or transmit this content to our servers or any third parties. This data remains on your device and is encrypted at rest.

Contact Information: If you contact us via email, we may collect your name, email address, and any other information you choose to provide in your communication.

2.2 Non-Personal / Usage Data

We collect certain non-personal information automatically when you use the Service:

  • Website Analytics: When you visit the Website, we use Google Analytics to collect information such as:
    • Pages visited and time spent on pages
    • Referring websites or search terms
    • Browser type and version
    • Device type (mobile, tablet, desktop)
    • Operating system
    • IP address (anonymized by Google Analytics)
    • General geographic location (non-precise)
  • App Analytics: When you use the App, we use Google Analytics to collect information such as:
    • App version and platform (iOS/Android)
    • Device model and operating system version
    • App usage patterns (features used, session duration)
    • Crash reports and error logs
    • General geographic location (country level, not precise)
  • Cookies and Similar Technologies: The Website uses cookies and similar tracking technologies to collect usage data. You can control cookies through your browser settings.

Important: Analytics data is aggregated and anonymized. We do not use analytics to identify individual users or link analytics data to your journal entries or personal content.

2.3 Third-Party Collection

The following third-party services collect information as part of providing their services:

  • Google Analytics: Collects website and app usage analytics as described above. Google's collection and use of information is governed by Google's Privacy Policy.
  • MailerLite: Collects email addresses and related information when you sign up for our waitlist. MailerLite's collection and use of information is governed by MailerLite's Privacy Policy.

3. Purpose of Collection

We collect and use information for the following purposes:

3.1 App Functionality

  • To provide, maintain, and improve the Service
  • To enable core features such as journaling, reflection reminders, and progress tracking
  • To ensure your data is stored securely on your device

3.2 Improvement and Analytics

  • To understand how users interact with the Service
  • To identify and fix bugs, errors, and performance issues
  • To improve user experience and develop new features
  • To analyze usage patterns and trends (in aggregated, anonymized form)

3.3 Security

  • To detect, prevent, and address technical issues and security threats
  • To monitor for fraudulent or harmful activity
  • To ensure the integrity and security of the Service

3.4 Optional Communications

  • To send you updates about the Service (if you've opted in to our waitlist)
  • To respond to your inquiries and provide customer support
  • To notify you about important changes to the Service or this Privacy Policy

3.5 Lawful Basis (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data based on the following lawful bases:

  • Consent: When you provide your email address for the waitlist or contact us, we process this data based on your consent, which you can withdraw at any time.
  • Legitimate Interests: We process analytics and usage data based on our legitimate interest in improving the Service, ensuring security, and understanding user needs. We have balanced these interests against your privacy rights.
  • Legal Obligation: We may process data to comply with legal obligations, such as responding to legal requests or protecting our rights.

4. How Data Is Used

We use the information we collect as follows:

4.1 Internal Use

  • To operate, maintain, and provide the features and functionality of the Service
  • To process and respond to your inquiries and requests
  • To send administrative information, such as updates to our Terms of Use or Privacy Policy
  • To monitor and analyze usage patterns and trends to improve the Service

4.2 Improvement and Error Monitoring

  • To identify and fix bugs, crashes, and performance issues
  • To develop new features and improve existing functionality
  • To understand which features are most useful to users
  • To optimize the Service for different devices and platforms

4.3 Optional User Communication

  • To send you updates about the Service, new features, or beta access (only if you've opted in to our waitlist)
  • To respond to your support requests or questions
  • To send important notices about the Service

You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us directly.

5. Data Sharing

We are committed to protecting your privacy and do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5.1 Third-Party Service Providers

We share information with third-party service providers who perform services on our behalf:

  • Google Analytics: We share website and app usage analytics with Google Analytics to help us understand how users interact with the Service. Google Analytics processes this data according to Google's Privacy Policy.
  • MailerLite: We share email addresses with MailerLite to manage our waitlist and send email communications. MailerLite processes this data according to MailerLite's Privacy Policy.

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency). We may also disclose information if we believe it is necessary to:

  • Comply with legal obligations
  • Protect and defend our rights or property
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of users of the Service or the public
  • Protect against legal liability

5.3 Business Transfers

If we are involved in a merger, acquisition, or asset sale, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different Privacy Policy.

5.4 No Sale of Personal Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We do not share your journal entries, reflections, or personal content with any third parties, as this data is stored locally on your device and never transmitted to our servers.

6. Data Protection & Security

We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction.

6.1 Encryption

  • Local Storage: Your journal entries and reflections stored on your device are encrypted at rest using industry-standard encryption methods.
  • Transmission: Data transmitted between your device and our servers (for analytics and communications) is encrypted using HTTPS/TLS protocols.

6.2 Access Safeguards

  • We limit access to personal information to those employees, contractors, and service providers who need to know that information to process it on our behalf
  • We require all service providers to maintain appropriate security measures
  • We regularly review our data collection, storage, and processing practices

6.3 Your Role in Security

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. You are responsible for:

  • Maintaining the security of your device (using passcodes, biometric authentication, etc.)
  • Keeping your device's operating system and the App updated
  • Backing up your data if you wish to preserve it
  • Not sharing your device with unauthorized individuals

Important: We are not responsible for data loss due to device failure, loss, theft, damage, or user error. Your journal entries and reflections are stored locally on your device, and you are responsible for backing them up if desired.

7. User Rights

Depending on your location, you may have certain rights regarding your personal information. We are committed to honoring these rights.

7.1 Rights Under GDPR (European Economic Area & UK)

If you are located in the EEA or UK, you have the following rights:

  • Right of Access: You can request a copy of the personal information we hold about you.
  • Right to Rectification: You can request that we correct any inaccurate or incomplete information.
  • Right to Erasure ("Right to be Forgotten"): You can request that we delete your personal information, subject to certain exceptions.
  • Right to Restrict Processing: You can request that we limit how we use your personal information.
  • Right to Data Portability: You can request a copy of your personal information in a structured, machine-readable format.
  • Right to Object: You can object to our processing of your personal information for certain purposes, such as direct marketing.
  • Right to Withdraw Consent: If we process your data based on consent, you can withdraw that consent at any time.

7.2 Rights Under CCPA/CPRA (California)

If you are a California resident, you have the following rights:

  • Right to Know: You can request information about the categories and specific pieces of personal information we collect, use, and disclose.
  • Right to Delete: You can request that we delete your personal information, subject to certain exceptions.
  • Right to Opt-Out: You can opt out of the "sale" or "sharing" of your personal information (though we do not sell personal information).
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
  • Right to Correct: You can request that we correct inaccurate personal information.

7.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at recordreflectrecover@protonmail.com with:

  • Your name and email address
  • A clear description of the right you wish to exercise
  • Any additional information that may help us process your request

We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing certain requests.

Note: For journal entries and reflections stored locally on your device, you can delete this data directly through the App. We do not have access to this data and cannot delete it on your behalf.

8. Data Retention

We retain different types of information for different periods:

8.1 Email Addresses and Contact Information

  • We retain email addresses collected through the waitlist until you unsubscribe or request deletion
  • We retain email communications for as long as necessary to respond to your inquiry and for a reasonable period thereafter for record-keeping purposes

8.2 Analytics Data

  • Google Analytics retains data according to Google's data retention policies (typically 14-26 months)
  • We may retain aggregated, anonymized analytics data indefinitely for business analysis purposes

8.3 Journal Entries and Reflections

Your journal entries and reflections are stored locally on your device and are retained until you delete them or uninstall the App. We do not retain copies of this data on our servers.

8.4 Deletion

You can request deletion of your personal information at any time by contacting us. Upon receiving a valid deletion request, we will delete your personal information within 30 days, except where we are required to retain it for legal or legitimate business purposes.

9. International Transfers

The Service is operated from the United States. If you are located outside the United States, please be aware that information we collect may be transferred to, stored, and processed in the United States and other countries where our service providers operate.

By using the Service, you consent to the transfer of your information to the United States and other countries, which may have different data protection laws than your country of residence.

For EEA/UK Users: When we transfer your personal data outside the EEA or UK, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Service providers certified under appropriate data protection frameworks (e.g., EU-U.S. Data Privacy Framework)

Important: Your journal entries and reflections are stored locally on your device and are not transferred internationally, as we do not collect or transmit this data.

10. Children's Privacy

The Service is not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information.

If you are under 18, you may only use the Service with the consent and supervision of a parent or legal guardian who agrees to be bound by our Terms of Use and this Privacy Policy on your behalf.

COPPA Compliance: We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete that information promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated Privacy Policy on the Website with a new "Last Updated" date
  • Providing in-app notification if you have the App installed
  • Sending an email notification to the email address we have on file (for material changes only)

Effective Date: Changes will become effective immediately upon posting, except for material changes which will become effective 30 days after posting.

Your Continued Use: Your continued use of the Service after changes become effective constitutes your acceptance of the updated Privacy Policy. If you do not agree to the updated Privacy Policy, you must stop using the Service.

Your Responsibility: You are responsible for reviewing this Privacy Policy periodically to stay informed of any updates. The "Last Updated" date at the top of this page indicates when this Privacy Policy was last revised.

12. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: recordreflectrecover@protonmail.com
Website: https://recordreflectrecover.com

We will attempt to respond to your inquiry within a reasonable timeframe, typically within 30 days.

Data Protection Officer: As a small operation, we do not have a dedicated Data Protection Officer. Please direct all privacy-related inquiries to the email address above.

Last Updated: