Privacy Policy

Last updated: March 2, 2026

1. Introduction

Saving Thoughts ("we," "our," or "us") operates the Saving Thoughts voice journaling application and website at savingthoughts.app. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our services.

By using Saving Thoughts, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this policy, please do not use our services.

2. Information We Collect

We collect the following types of information:

  • Account data: Email address and name, provided during registration
  • Diary entries: Text content, audio recordings, and photo attachments — all encrypted at rest with AES-256
  • Transcriptions: AI-generated text from your audio recordings — encrypted at rest
  • Metadata: Entry timestamps, timezone, mood selections, and tags you create
  • Location data: GPS coordinates and location name, only when you explicitly enable geo-stamping in Settings
  • Device information: Device tokens for push notification delivery
  • Usage data: Aggregate analytics (entry counts, feature usage) — never the content of your entries

3. How We Use Your Information

Your information is used exclusively to provide and improve the Saving Thoughts service:

  • Journaling service: Store, display, and sync your diary entries across devices
  • AI transcription: Audio recordings are sent to OpenAI's Whisper API for speech-to-text conversion. OpenAI does not retain your audio data and does not use it for model training under our data processing agreement.
  • AI daily summaries: Entry text is sent to OpenAI for summarization when this feature is enabled. The same data processing protections apply.
  • Semantic search: Entry content is converted to vector embeddings and stored in our Redis database to enable meaning-based search
  • Notifications: Send push notifications and daily summary emails when enabled
  • Payment processing: Subscription management through Stripe (we do not store your payment card details)

4. Data Encryption & Security

We take the security of your personal thoughts seriously:

  • Encryption at rest: All diary entries, transcriptions, and daily summaries are encrypted with AES-256 before storage in our database. Even in the event of a database breach, your content would be unreadable.
  • Encryption in transit: All data transmitted between your device and our servers is protected with HTTPS/TLS 1.2 or greater
  • HSTS with preload: Our servers enforce strict transport security, ensuring connections are always encrypted
  • Access controls: Database access is restricted to essential services. Our team cannot read the content of your entries.
  • Infrastructure: Our servers are hosted on DigitalOcean with industry-standard physical and network security

5. Data Sharing

We do not sell your personal data. We do not share your data with advertising networks. We do not use your data for targeted advertising.

We share data only with the following third-party processors, solely to provide the service:

  • OpenAI: Audio data for transcription and entry text for daily summaries. OpenAI operates under a data processing agreement that prohibits them from using your data for model training.
  • Stripe: Payment processing for subscriptions. Stripe handles all payment card data — we never see or store your card number.
  • DigitalOcean: Cloud infrastructure hosting for our servers and database

6. Data Retention & Deletion

  • Your data is retained for as long as your account is active
  • You can export all your data at any time in JSON or text format through the app's Export feature
  • Deleting your account permanently removes all entries, transcriptions, media, tags, and personal data from our systems
  • Soft-deleted entries (moved to trash) are permanently removed after 30 days
  • Backup data is purged within 30 days of account deletion

7. Your Rights

You have the following rights regarding your data:

  • Access: View all your data within the app at any time
  • Export: Download all your data in JSON or text format
  • Delete: Permanently delete your account and all associated data
  • Control: Disable GPS tracking, AI transcription, and daily summaries independently in Settings
  • Cancel: Cancel your subscription at any time without losing access to your data

To exercise any of these rights, use the Settings page in the app or contact us at privacy@savingthoughts.app.

8. Cookies & Local Storage

  • Authentication cookies: Session cookies to keep you logged in
  • Local storage: Settings preferences and offline entry cache stored on your device
  • No tracking cookies: We do not use third-party tracking cookies, analytics pixels, or advertising scripts

9. Children's Privacy

Saving Thoughts is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly. If you believe a child under 13 has provided us with personal information, please contact us at privacy@savingthoughts.app.

10. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will notify you via email at the address associated with your account at least 14 days before the changes take effect. The "Last updated" date at the top of this page indicates when the policy was last revised.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

Email: privacy@savingthoughts.app

Website: savingthoughts.app