Privacy Policy for Jorna

JORNA PTY LTD ("Jorna," "we," "us," or "our") provides the Jorna mobile application, website, and related services. This Privacy Policy explains what personal data we collect, how we use it, how we share it, how we protect it, and the choices and rights you may have.

Please read this Privacy Policy carefully. By using Jorna, you acknowledge that your personal data will be handled as described in this Privacy Policy.

1. Scope

This Privacy Policy applies to the Jorna iOS app, website, and related backend services.

This Privacy Policy does not apply to third-party websites, apps, platforms, or services that we do not own or control, even if they are linked from Jorna.

3. Data We Collect

Depending on how you use Jorna, we may collect the following categories of personal data.

3.1 Account and Profile Data

We may collect account and profile information, including:

• Account identifiers, such as your Firebase Authentication user ID
• Email address
• Display name, username, profile photo, or other profile details you choose to provide
• Subscription status, purchase status, and entitlement information
• Account settings, preferences, and consent records

3.2 Journal, Reflection, and Conversation Data

Jorna is designed to help users journal, reflect, and receive personalized insights. We may collect and process:

• Journal entries and reflection content
• Conversation transcripts
• AI-generated summaries, insights, reflections, and related outputs
• Persona, memory, preference, and context data used to personalize future sessions
• Metadata related to journaling sessions, such as timestamps, app interaction context, and feature usage

Journal entries and transcripts are intended to be protected using application-level encryption. However, related outputs and derived data, such as summaries, persona/context files, or service metadata, may be stored or processed separately and may not always have the same technical protections as the original journal entry or transcript.

3.3 Voice and Audio Data

If you use voice journaling or speech features, we may collect and process:

• Microphone input
• Audio recordings, audio snippets, or voice conversation data
• Transcripts generated from voice input
• Voice conversation metadata needed to provide speech and voice-agent features

Voice/audio data may be processed and stored by third-party voice providers, including ElevenLabs, to deliver voice-agent, speech, and audio features. Retention of audio data may depend on the relevant feature, provider, account configuration, technical requirements, and legal obligations.

3.4 Goal, Habit, and Wellness Data

If you use goals, habits, wellness, or progress features, we may collect:

• Goals, habits, progress logs, check-ins, and related metadata
• Wellness-related information you choose to provide
• Apple Health / HealthKit data that you explicitly authorize Jorna to access, such as steps, activity, or related wellness signals supported by the app

HealthKit data is accessed only with your permission and is used to provide wellness-related features in Jorna. We do not use HealthKit data for advertising or marketing, and we do not sell HealthKit data.

3.5 Social Data

If you use social or sharing features, we may collect:

• Friend requests and friend connections
• Posts, comments, reactions, and other interactions you choose to share
• Contact discovery data, such as hashed email matching for contacts-based friend discovery, where enabled
• Social graph information needed to operate friend, sharing, and interaction features

Content you choose to share with other users may be visible to those users according to the feature you use and your settings.

3.6 Contacts Data

If you grant contacts permission, Jorna may access contact information to help you find friends or connections. We may use privacy-protective matching methods, such as hashing contact email addresses, where technically feasible.

We do not sell your contacts. You can disable contacts access at any time in iOS Settings.

3.7 Location Context Data

If you grant location permission, we may collect approximate or precise location signals and derived location display fields to provide context in summaries, reflections, or related app features.

You can disable location permissions at any time in iOS Settings. Some features may not work properly if location access is disabled.

3.8 Device, Usage, Analytics, and Diagnostics Data

We may collect information about how Jorna is used and how it performs, including:

• App events and feature usage
• Performance metrics
• Crash logs and diagnostic information
• Device information, such as device type, operating system version, app version, language settings, and general region
• Push notification tokens
• Anonymous or pseudonymous analytics identifiers

We use analytics tools such as Mixpanel and crash reporting tools such as Firebase Crashlytics and Apple diagnostics. Analytics may be anonymous, pseudonymous, or linked to a user account depending on the feature, configuration, and purpose.

3.9 Media Data

If you choose to upload, attach, or share photos or other media, we may collect and process that content to provide the requested feature.

3.10 Communications and Support Data

If you contact us, we may collect:

• Your name, email address, and contact details
• The content of your message
• Information needed to investigate, debug, or resolve your request
• Support history and related metadata

4. How We Use Data

We use personal data to:

• Provide, operate, maintain, and improve Jorna
• Authenticate users and secure accounts
• Deliver voice journaling, transcription, reflection, summary, and personalization features
• Generate insights, summaries, and context for future sessions
• Support goals, habits, wellness-related features, and progress tracking
• Enable social features, friend discovery, and content sharing when you choose to use them
• Process subscriptions, purchases, entitlements, and paywall experiences
• Send notifications, reminders, service messages, support responses, and, where permitted, product or marketing communications
• Measure app performance, usage, reliability, and feature effectiveness
• Debug errors, fix bugs, and improve user experience
• Detect, prevent, and address abuse, fraud, security incidents, or technical issues
• Enforce our terms, protect our rights, and comply with legal obligations

5. AI, Voice, and Model Improvement

Jorna uses artificial intelligence and voice technology to provide features such as voice journaling, conversation, transcription, reflection, summaries, insights, and personalization.

To provide these features, Jorna may process user content, including audio input, transcripts, journal entries, summaries, goals, habits, wellness context, location context, and personalization context, through third-party AI and voice service providers, including ElevenLabs and Anthropic.

These providers process data to help us deliver the requested app features. We do not sell your journal entries, audio, transcripts, summaries, or personal reflections.

We may use aggregated, de-identified, anonymized, or otherwise privacy-protected data to analyze, develop, improve, evaluate, or train Jorna features, including AI-related features. We do not intend to use identifiable private journal content for model training without appropriate safeguards and, where required by law or platform rules, consent.

If we introduce new uses of personal data for AI training or model improvement that materially change how your data is handled, we will update this Privacy Policy and provide additional notice or choices where required.

6. Human Access to User Data

Jorna is designed so that certain sensitive content, such as journal entries and transcripts, is protected using application-level encryption and is not normally readable by our team in plain text.

However, no system should be understood as preventing all access to all related user information. Authorized personnel, systems, or service providers may be able to access certain data where necessary to operate, maintain, secure, or support Jorna. This may include:

• Account and profile information
• Subscription and entitlement information
• Persona/context files or personalization facts
• Summaries or derived content
• Audio or voice data stored or processed by voice providers
• Usage, diagnostics, and analytics information
• Support-related information provided by you

We limit access to personal data to personnel and service providers who need it for legitimate business, support, operational, security, or legal purposes.

7. Legal Bases for Processing in the EEA and UK

If you are located in the European Economic Area or the United Kingdom, we generally process personal data under one or more of the following legal bases:

• Performance of a contract: to provide the Jorna services you request
• Legitimate interests: to improve the service, maintain security, prevent fraud, debug issues, understand app performance, and operate our business
• Consent: for permissions-based features such as microphone, contacts, HealthKit, photos, location, notifications, and certain marketing or AI-related uses where applicable
• Legal obligations: to comply with applicable laws, regulations, legal processes, or enforceable requests

Where processing is based on consent, you may withdraw that consent through the app, your device settings, unsubscribe options, or by contacting us, depending on the feature.

8. Third-Party Processors and Services

We use third-party service providers to operate, secure, analyze, and improve Jorna. These providers may process personal data on our behalf or as otherwise described by their own terms and privacy policies.

Service providers may include:

• Google Firebase / Google Cloud: authentication, database, cloud functions, storage, messaging, analytics, crash reporting, and related backend services
• ElevenLabs: voice conversation, speech, audio processing, and related voice-agent features
• Anthropic: large language model processing for summaries, reflections, context, and personalization features
• Mixpanel: product analytics and usage measurement
• Superwall: paywall and subscription experience management
• Apple services: App Store subscriptions, in-app purchases, Apple Health / HealthKit when enabled, notifications, Apple diagnostics, and other iOS platform services

We require service providers to process personal data only as needed to provide their services to us and subject to appropriate confidentiality, security, and data protection obligations where applicable.

9. Sharing of Data

We do not sell personal data.

We may share personal data:

• With service providers that help us operate, secure, analyze, and improve Jorna
• With AI and voice processing providers to provide requested journaling, transcription, reflection, and personalization features
• With other users, but only when you choose to share content through social or sharing features
• With Apple or payment-related services as needed to process subscriptions, purchases, refunds, and entitlements
• With professional advisers, insurers, auditors, lawyers, or consultants where necessary for business, legal, compliance, or risk-management purposes
• If required by law, regulation, legal process, court order, subpoena, or government request
• To protect the rights, safety, property, or security of Jorna, our users, or others
• To investigate or prevent fraud, abuse, security threats, or technical issues
• In connection with a merger, acquisition, financing, reorganization, sale of assets, insolvency, or similar business transaction, subject to appropriate safeguards

10. Tracking, Advertising, and Marketing

We do not sell your personal data.

We do not use HealthKit data for advertising or marketing.

We do not use your personal data to track you across third-party apps or websites for advertising purposes unless we obtain any consent required by applicable law or platform rules.

We may send product updates, onboarding messages, promotional emails, or marketing communications where permitted by law. You can opt out of marketing emails by using the unsubscribe link in the email or contacting us at support@jorna.ai. You may still receive service-related messages, such as account, security, subscription, support, or policy notices.

11. Data Retention

We retain personal data for as long as reasonably necessary to provide Jorna, operate app features, maintain security, comply with legal obligations, resolve disputes, and enforce agreements.

Journal entries, transcripts, summaries, persona/context data, goals, habits, and related account-linked content may be retained for as long as your account remains active, unless deleted earlier through app features or a valid deletion request.

Retention periods may vary depending on the type of data and the purpose for which it is processed. For example:

• Account data is generally retained while your account is active.
• Journal and personalization data may be retained until account deletion or deletion through available app features.
• Audio data may be retained by voice providers according to provider configuration, technical needs, and applicable legal or contractual requirements.
• Analytics, diagnostic, security, and server logs may be retained for limited periods to maintain reliability, security, and compliance.
• Backups may retain data for a limited period after deletion before being overwritten or deleted through normal backup cycles.

If you delete your account, we take reasonable steps to delete or de-identify account-linked data from active systems, subject to limited operational, legal, security, provider, and backup-retention exceptions.

12. Account Deletion and Your Choices

You can delete your account in the app by going to:

Settings → Delete Account → Confirm

When account deletion is processed, we remove associated account data from core services where reasonably practicable, subject to technical, legal, security, service-provider, and residual backup limitations.

You may also contact us at support@jorna.ai for privacy requests, including deletion-related requests.

You can manage certain data and permissions through the app and iOS Settings, including microphone, photos, contacts, location, HealthKit, and notifications.

13. Access, Correction, and Export Requests

Depending on your location, you may have the right to request access to, correction of, deletion of, or a copy of certain personal data.

Jorna may not provide an automated in-app export tool at all times. If you want to request access to or a copy of your data, contact us at support@jorna.ai. We will respond as required by applicable law and may need to verify your identity before fulfilling the request.

Some data may not be exportable in a readable format due to encryption, technical limitations, security requirements, legal restrictions, or the rights and privacy of others.

14. Permissions and Controls

Jorna requests permissions only to provide specific features. Depending on how you use the app, we may request:

• Microphone: for voice journaling and speech input
• Photos: for attaching or sharing photos
• Contacts: for optional friend discovery
• Location: for context enrichment in summaries or reflections
• HealthKit: for wellness-related insights and features
• Notifications: for reminders, service messages, marketing where permitted, and social or activity notifications

You can manage permissions in iOS Settings at any time. Some features may not work properly if the relevant permission is disabled.

15. Security

We use technical and organizational safeguards designed to protect personal data, including encryption in transit, access controls, authentication controls, cloud-provider security controls, and service-provider security measures.

For sensitive user content, Jorna uses application-level encryption in addition to provider-level protections. This may include AES-256-GCM encryption for user content before and when storing it, iOS CryptoKit, Cloud Function-side Node.js cryptography, and per-user data keys generated using random bytes.

Security controls may vary by data type, feature, service provider, and technical environment. Some derived data, metadata, summaries, persona/context files, analytics, diagnostics, or audio processed through third-party providers may be subject to different storage and access controls than encrypted journal entries or transcripts.

No method of transmission, processing, or storage is completely secure. We cannot guarantee absolute security, and you use Jorna with the understanding that security risks can never be fully eliminated.

16. Security Incidents

If we become aware of a security incident affecting personal data, we will take steps to investigate, contain, and address the incident. Where required by applicable law, we will notify affected users, regulators, or other relevant parties.

We may delay notification where permitted or required by law, such as when law enforcement, security investigation, or remediation requirements justify delay.

17. International Transfers

Jorna is operated by an Australian company and may process personal data in Australia, the United States, the European Union, the United Kingdom, and other countries where we or our service providers operate.

The privacy and data protection laws in these countries may differ from those in your location. Where required, we use appropriate safeguards for cross-border transfers of personal data, such as contractual protections or other lawful transfer mechanisms.

18. Children and Age Requirements

Jorna is intended for users aged 13 and older. Jorna is not intended for children under 13.

We do not knowingly collect personal data from children under 13 without appropriate authorization. If we learn that we have collected personal data from a child under 13 without appropriate authorization, we will take reasonable steps to delete that information.

If applicable law requires a higher minimum age in your location, you must meet that higher age requirement to use Jorna without parent or guardian consent.

19. Your Privacy Rights

Depending on your location, you may have rights to:

• Access the personal data we hold about you
• Correct inaccurate personal data
• Delete your personal data
• Request a copy of your personal data
• Object to or restrict certain processing
• Withdraw consent where processing is based on consent
• Opt out of certain marketing communications
• Lodge a complaint with a data protection authority or regulator

To exercise privacy rights, contact us at support@jorna.ai. We may need to verify your identity before responding to certain requests.

20. Australian Privacy Rights

As an Australian company, Jorna handles personal information in accordance with applicable Australian privacy laws where they apply.

If you have a privacy complaint, contact us at support@jorna.ai. We will review and respond to your complaint within a reasonable time. If you are not satisfied with our response, you may have the right to contact the Office of the Australian Information Commissioner or another applicable regulator.

21. United States Privacy Notices

Depending on your state of residence, you may have additional privacy rights under applicable state privacy laws. These may include rights to access, delete, correct, or obtain a copy of certain personal data, and to opt out of certain uses of personal data.

We do not sell personal data. We do not knowingly sell or share personal data of users under 16.

To exercise applicable state privacy rights, contact us at support@jorna.ai.

22. EEA and UK Privacy Notices

If you are located in the EEA or UK, you may have rights under applicable data protection laws, including rights to access, rectification, erasure, restriction, portability, objection, and withdrawal of consent.

You may also have the right to lodge a complaint with your local data protection authority.

For privacy requests, contact support@jorna.ai.

23. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we may notify you through the app, by email, or by another reasonable method.

The updated version will be posted with a new effective date. Your continued use of Jorna after the updated Privacy Policy becomes effective means you acknowledge the updated policy.

24. Contact