Privacy Policy
David Wills ("Beat Journal", "we", "us", or "our") operates the Beat Journal mobile application (the "App"). This Privacy Policy explains how we collect, use, store, and share your information when you use the App.
1. Information We Collect
1.1 Health & Fitness Data
With your permission, Beat Journal accesses the following categories of health data:
- Sleep: Duration, sleep stages (REM, deep, light, awake), sleep latency, efficiency, and timing
- Activity: Steps, distance, active calories, total calories, exercise minutes, stand hours, flights climbed
- Body: Weight, body mass index, heart rate (resting, walking), heart rate variability, respiratory rate, blood oxygen saturation (SpO2), body temperature deviation
- Mind: Mindful minutes, readiness scores, and state-of-mind entries where available
1.2 Data Sources
Health data is collected from the following sources based on your configuration:
- Apple HealthKit: Reads health data stored on your device with your explicit authorization
- Oura Ring API: Sleep, activity, and recovery data via personal access token you provide
- Hevy API: Workout and training load data via API key you provide
- Apple EventKit: Calendar event counts and meeting duration (no event content or attendee details)
- Apple WeatherKit: Local weather conditions based on your location
1.3 Journal Entries
You may create journal entries within the App. Journal text is composed and stored by you. If iCloud sync is enabled, journal entries are synced via Apple's CloudKit service.
1.4 Location Data
Beat Journal accesses your location only to retrieve local weather data via Apple WeatherKit. Location data is not stored or sold by Beat Journal.
1.5 API Keys
You may provide API credentials for certain third-party data sources, such as Oura and Hevy. Those credentials are stored securely in the iOS Keychain on your device.
2. How We Use Your Information
We use your data solely to:
- Display health and wellness metrics on your dashboard and in your journal
- Generate personalized AI-powered insights and grounded chat responses when you explicitly enable those features and separately consent to AI data sharing
- Sync journal entries across your devices via iCloud when enabled
- Provide weather context for your daily data
We do not use your data for advertising, marketing, or cross-context behavioral profiling. We do not sell your data to third parties.
3. AI Features, Backend Relay, and Data Sharing
3.1 What Happens When AI Features Are Enabled
If you enable AI Insights or grounded chat, Beat Journal keeps retrieval, search, and scope selection on-device. The App then sends a selected evidence pack through Beat Journal servers for AI processing. Depending on the request, that evidence pack may include:
- Selected health, recovery, activity, body, and wellbeing metrics
- Calendar summaries such as meeting counts and total duration
- Relevant journal excerpts and recent reflective context
- Weather context for the selected days
- Prior daily analysis artifacts when needed for weekly/monthly insights or grounded chat
Beat Journal is designed to send selected context for the current request rather than your full raw history by default.
3.2 Beat Journal Server Handling
Beat Journal uses a backend relay for session registration, entitlement-aware AI routing, and inference delivery.
In normal operations:
- Beat Journal does not store raw prompt bodies in server logs
- Beat Journal does not store raw model response bodies in server logs
- Beat Journal may retain limited operational metadata such as installation identifiers, entitlement state, request timing, prompt version, token counts, and error category
3.3 Model Provider Retention
AI requests may be processed by third-party model providers acting on Beat Journal's behalf. Provider retention depends on the active provider and the agreement in effect at that time.
Beat Journal aims to use providers and settings with low-retention and no-training terms when available, but we do not promise zero retention unless a then-current provider agreement expressly provides it.
3.4 Separate Consent
AI data sharing requires separate, explicit consent beyond general data collection consent. You may revoke AI sharing consent at any time in Settings › Privacy & Legal. Revoking consent prevents new AI requests from being sent, but does not automatically erase content already processed before revocation.
4. Data Storage and Security
4.1 On-Device Storage
Most data is stored locally on your device using Apple's SwiftData framework, with GRDB used as a local search sidecar. Retrieval, search, and context assembly for AI features are designed to stay on-device before a selected evidence pack is sent for processing.
4.2 iCloud Sync
Journal entries may be synced via Apple CloudKit when iCloud is enabled on your device. This is governed by Apple's privacy policy and your iCloud terms.
4.3 Security Measures
- API credentials for supported third-party sources are stored in the iOS Keychain
- All network requests use HTTPS/TLS encryption
- Beat Journal's AI backend is intended to act as a thin entitlement and inference relay rather than a system-of-record for your health or journal history
5. Data Retention
- On-device data: Retained until you delete it or delete the App
- iCloud data: Retained per Apple's CloudKit policies until you delete it
- Beat Journal AI relay metadata: May be retained for operational, security, billing, and abuse-prevention purposes
- Raw AI prompt/response bodies: Not logged by Beat Journal servers in normal operations
- Third-party AI provider processing: Retention depends on the active provider and contract in effect at the time of processing
- API credentials: Stored in Keychain until you disconnect the service or delete all data
6. Your Rights
You have the right to:
- Access your data at any time within the App
- Delete all your data through Settings › Privacy & Legal › Delete All My Data
- Withdraw consent for AI data sharing at any time through Settings › Privacy & Legal
- Disconnect any data source at any time through Settings › Data Sources
- Contact us about server-side privacy questions or deletion requests related to Beat Journal-controlled metadata
7. Children's Privacy
Beat Journal is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. Users must confirm they are 13 or older during onboarding.
8. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes that affect how your data is used, we may prompt you to review updated terms and re-consent within the App. The "Last Updated" date at the top of this policy indicates when it was last revised.
9. Contact Us
If you have questions about this Privacy Policy or your data, please contact us at:
Email: support@beatjournal.app
10. State-Specific Disclosures
California (CCPA/CPRA)
Beat Journal does not sell personal information. Beat Journal does not share personal information for cross-context behavioral advertising. If Beat Journal reaches the applicable thresholds under the CCPA, additional rights and disclosures will be provided.
Washington (My Health My Data Act)
Beat Journal collects consumer health data as defined under the Washington My Health My Data Act. A separate Consumer Health Data Policy is available detailing the categories of health data collected, the purposes for collection, and the categories of third parties with whom health data is shared.
Nevada (SB 370)
Beat Journal does not sell covered information as defined by Nevada SB 370.