Privacy Policy

Overview

MyThoughts ("we", "us", "our") respects your privacy. This policy explains how we collect, use, and protect your data.

What We Collect

• Account data: email address and display name (via Google Sign-In).
• Content you create: journal entries, to-dos, goals, voice recordings, and scanned notes.
• Device metadata: device ID, platform, and app version for sync and debugging.
• Usage analytics: anonymous event counts (no PII). We use Cloudflare Web Analytics or similar cookie-free tools.

How We Use Your Data

• To provide and sync your content across devices.
• To authenticate your identity.
• To improve the product through anonymous, aggregated analytics.

Vault & Encryption

Content marked as Vault is end-to-end encrypted on your device before transmission. We cannot read Vault content. If you lose your recovery key, Vault data is unrecoverable.

Data Storage

• Your data is stored on servers within the EU/US (depending on your region).
• Standard and Private entries are encrypted at rest on the server.
• Vault entries are encrypted on your device; the server stores only ciphertext.

Data Sharing

We never sell your data. We share data only:

• When required by law.
• With infrastructure providers (hosting, database) under strict data processing agreements.

Your Rights

• Export: you can export all your data at any time.
• Delete: you can delete your account and all associated data.
• Access: you can request a copy of all data we hold about you.

Contact us at privacy@mythoughts.app to exercise these rights.

Cookies

The marketing site uses no tracking cookies. The web app uses only essential session storage (localStorage / IndexedDB) for authentication and offline-first functionality.

Changes

We will notify you of material changes via email or in-app notice. Continued use after changes constitutes acceptance.

Contact

For privacy inquiries: privacy@mythoughts.app