ALY Back to home
Legal

Privacy Policy

Last updated: June 1, 2026

1. Scope

ALY is a personal wellness journaling app. This Privacy Policy explains what we collect, how we use it, who processes it, and the choices available to you.

For privacy questions, data requests, or deletion requests, contact privacy@alyself.com.

2. Data We Collect

  • Account and profile data such as name, email, user ID, and authentication details.
  • Journal and reflection data including check-ins, mood inputs, entries, intentions, responses, and AI-generated insights linked to your account.
  • Optional voice data including recordings and transcripts.
  • Optional health and fitness data, if you grant permission, such as sleep duration and sleep timing, heart rate variability (HRV), step count, the local date represented by step data, capture timestamps, and whether the data came from Apple Health or another supported health platform.
  • Product interaction data such as reminders, streaks, timestamps, and feature usage required to run the service.
  • Technical and diagnostics data including crash logs, error reports, device information, and analytics events.
  • Subscription data such as entitlement status, renewal state, and restore-purchase events.
  • Referral program data such as referral links or identifiers, referral attribution, referred account status, onboarding completion status, reward eligibility, and promotional access granted to your account.

3. How We Use Data

  • Provide and personalize journaling, check-ins, reminders, and progress features.
  • Generate AI-assisted reflections, summaries, reframes, and transcripts when you use AI features.
  • Use optional health context to make check-ins, weekly pulse reports, and personalized insights more grounded in recent sleep, HRV, and step patterns, and to understand health-feature performance and reliability. Health context is for wellness reflection only and is not medical advice, diagnosis, or treatment.
  • Maintain app performance, diagnose errors, prevent abuse, and protect service integrity.
  • Support subscription access, restore purchases, and entitlement syncing.
  • Administer referral offers, verify whether referral conditions were met, apply promotional free months, and prevent abuse or fraud.

4. Third-Party Processing

We do not sell your personal data or use cross-app advertising tracking. We use trusted processors to operate ALY, including:

  • Supabase for authentication, database, storage, and server-side functions, including storage and processing of app data and optional health snapshots when you enable those features.
  • OpenAI API for AI-generated insights and optional Whisper transcription. When you ask ALY to generate an insight that uses health context, limited sleep, HRV, and step context may be sent to OpenAI as part of that request.
  • PostHog for product analytics.
  • Sentry for crash and error monitoring.
  • RevenueCat and app-store billing platforms for subscription, promotional access, and purchase processing.

OpenAI processes data under its API terms and privacy commitments. Under OpenAI’s API policy defaults, API data is not used to train OpenAI models unless explicitly opted in.

We do not sell health data, use it for cross-app tracking, or use it for advertising.

OpenAI Privacy Policy: openai.com/policies/privacy-policy

5. Retention and Deletion

We keep data only as long as needed to provide ALY and meet legal obligations. You can request deletion at any time.

  • Journal content, check-ins, reflections, insights, and transcripts are retained while your account remains active unless deleted earlier.
  • Optional voice recordings may be stored to support playback, transcription, and recovery of in-progress drafts until deleted or removed during account deletion.
  • Optional health snapshots are retained while your account remains active to support check-ins, weekly pulse reports, and related insights unless deleted earlier or removed during account deletion.
  • In-app account deletion removes your account and associated data, including entries, check-ins, insights, recordings, and stored health snapshots.
  • If deletion is not immediate, we complete it as quickly as operationally possible.
  • Referral-program records may be retained for as long as reasonably needed to administer rewards, prevent abuse, resolve disputes, and meet legal or accounting obligations.

6. Security

We use technical and organizational safeguards designed to protect your information, including authenticated access controls and encrypted transport where supported.

7. Children’s Privacy

ALY is not intended for children under 13, and we do not knowingly collect personal data from children under 13.

8. Your Choices and Controls

  • You can manage device permissions such as microphone, notifications, calendar access, and Apple Health access in system settings.
  • Voice input is optional, and ALY remains usable with text input.
  • Apple Health access is optional. You can revoke ALY’s access to sleep, HRV, or steps at any time in the Health app or iOS Settings. If health access is disabled, ALY remains usable without health-based context.
  • You can request access to, correction of, or deletion of your account data by contacting privacy@alyself.com.

9. Policy Updates and Contact

We may update this Privacy Policy as ALY evolves. Material changes will be reflected by updating the date above.

Read our Terms of Service here: /terms

Privacy questions or deletion requests: privacy@alyself.com

ALY uses your data only to deliver your personal journaling experience, including optional Apple Health context when enabled, with transparent processing partners.