This Privacy Policy explains how Voice Journal collects, uses, discloses, and protects information when you use the Voice Journal mobile application and any related services (the "Service"). The App is published by an individual independent developer based in Sweden (the "Developer", "we", "us", "our"). Voice Journal is a voice-first journaling application that records, transcribes, and analyses spoken entries you choose to create, and lets you keep entries to yourself or share specific journals with people you invite.

Effective: April 28, 2026 · Last revised: April 28, 2026

Article I Who we are & how to reach us

Voice Journal is operated by an individual independent developer based in Sweden. For the purposes of the EU General Data Protection Regulation 2016/679 ("GDPR"), the UK GDPR, the Swedish Data Protection Act (Lag (2018:218) med kompletterande bestämmelser till EU:s dataskyddsförordning), and equivalent legislation, the Developer is the controller of personal data processed in connection with the Service.

You can reach us at voicejournal@outlook.com for any matter relating to this Privacy Policy, including requests to exercise the rights described in Article XI.

Article II Information we process

2.1 Personal-journal content (kept on your device)

When you record an entry in a personal (non-shared) journal, the following content is generated and stored locally on your iPhone, in the App's encrypted local storage:

• Voice recordings (audio files) you choose to capture.
• Transcripts produced from those recordings.
• Mood, theme, and other analytical metadata derived from the transcripts.
• Voiced summaries (daily, weekly, monthly, yearly) generated for you.
• Journal organisation data — entry titles, dates, tags, notebook selections, favourites — for personal journals.

Personal-journal content is not stored on our servers and is not accessible to us. Audio is transmitted to our transcription provider (ElevenLabs) only for the duration of transcription, after which the audio is no longer retained for that purpose. Transcripts may be transmitted to our analysis provider (OpenAI) through our serverless backend (Firebase Cloud Functions) for the brief period needed to return mood and theme analysis (see Article VII).

2.2 Shared-journal content (kept on our servers)

The App lets you create shared journals — journals that you and one or more people you have invited can write in together. Because shared journals must be accessible to multiple people from multiple devices, the entries you create in a shared journal are stored on our servers (Google Firebase Firestore for transcripts and metadata, Google Firebase Storage for audio files) so that participants can access them. This includes:

• Voice recordings (audio files) you publish to a shared journal.
• Transcripts of those recordings.
• Mood, theme, and analytical metadata associated with the entry.
• The identifiers of participants in the shared journal.

Shared-journal content remains on our servers until you delete the entry, leave the shared journal (after which your entries may persist for the remaining members unless you also delete them), or all participants delete the journal — see Article III for the full rules and Article IX for retention.

2.3 Account & entitlement data

To operate the App we maintain a minimal record on our backend that contains only what is necessary to deliver the Service:

• An anonymous identifier issued by Firebase Anonymous Authentication. This identifier is generated automatically and does not contain your name or contact information. It is used to associate your installation with the shared journals you participate in and with your subscription entitlement.
• A push-notification token issued by Apple Push Notification service / Firebase Cloud Messaging, used to deliver reminders and shared-journal activity notifications you have enabled.
• Your subscription status and any in-app purchase entitlements as reported by Apple's App Store and our subscription manager (RevenueCat). RevenueCat receives the same anonymous identifier; it is not provided your name, email address, or other contact information by us.

This record does not contain your real name, email address, postal address, phone number, or social-network identifiers.

2.4 Device & usage data

To keep the Service stable and to understand which features are used, we (and our service providers) automatically collect technical information that does not directly identify you, such as:

• Device model, operating system version, app version, language, and time zone.
• Crash reports and diagnostics if you have enabled the relevant iOS sharing setting.
• Aggregated product-analytics events (provided by Firebase / Google Analytics for Firebase) used to understand which features are working — for example, "an entry was created", "the paywall was shown", or "a shared journal was opened" — without the content of those entries.

2.5 Information you send to us

If you contact us by email or another channel for support, we will receive the contents of your message together with any contact information you choose to share.

Article III Shared journals (multi-user)

Shared journals are an explicitly opt-in, collaborative feature. The following rules apply whenever you create or join a shared journal:

• You decide what to publish. Content only enters a shared journal when you actively record or post an entry to it. Personal-journal content is never converted to shared content automatically.
• Other participants will see your entries. Anyone you have invited (or who has been invited by another participant with permission to invite) and who has accepted the invitation will be able to read, listen to, and download your entries from that shared journal.
• Server storage is required. Because the journal is shared, the audio, transcript, and metadata are stored on our backend (Firebase) so other participants can sync them. End-to-end encryption between participants is not currently applied to shared-journal content — though traffic is encrypted in transit and access is controlled by Firebase Security Rules.
• Consent for other voices. If your recording contains the voice or personal information of another identifiable person, you are responsible for ensuring you have any consent legally required in your jurisdiction before publishing that recording to a shared journal.
• Deletion behaviour. Deleting an entry you created removes it from the shared journal for all participants. Leaving a shared journal does not automatically delete the entries you previously published; you may delete those entries before leaving if you want them removed for everyone.
• What other participants can do. Other participants may download or export the audio and transcripts of any entry they can access, including yours. Once an entry has been downloaded, we no longer control what they do with that copy. You should treat shared-journal content like content shared with anyone you trust.

Article IV Sources of information

We obtain information directly from you (when you create entries, configure the App, or contact us), automatically from your device (technical and usage data), and from Apple and our subscription manager RevenueCat (purchase, receipt, and entitlement data). For shared journals, we also receive content from other participants in journals where you have been invited.

Article V How we use information

We use information for the following purposes:

• Providing the Service. Capturing voice recordings, generating transcripts, producing analyses and voiced summaries you have requested, and storing entries on your device or in shared-journal storage as appropriate.
• Operating shared journals. Routing entries to the participants you have invited, syncing them across devices, and delivering activity notifications you have enabled.
• Operating subscriptions and purchases. Verifying your entitlements, restoring purchases, and providing access to premium features.
• Maintaining security and preventing abuse. Detecting and addressing fraud, abuse, and unauthorised use of the Service.
• Improving the Service. Understanding how the Service is used through aggregated analytics, fixing bugs, and prioritising improvements.
• Communicating with you. Responding to your inquiries, sending you reminders or shared-journal activity notifications you have enabled, and providing important notices about the Service.
• Complying with law. Meeting legal, regulatory, and tax obligations applicable to us in Sweden and elsewhere.

Article VI Legal bases (GDPR / UK GDPR)

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

• Performance of a contract — to provide the App and the features you have requested, including your subscription and shared-journal participation.
• Legitimate interests — to keep the Service secure, prevent abuse, debug technical problems, and improve the Service in aggregate. We balance these interests against your fundamental rights and freedoms.
• Consent — where required, for example before sending push notifications or accessing your microphone. You may withdraw consent at any time in your device settings or in the App.
• Legal obligation — when we must process information to comply with applicable law.

Article VII Service providers we rely on

We use a small number of trusted service providers, each engaged under their published terms and (where applicable) a data processing agreement. We share with each provider only the information necessary for the limited purpose described below:

• Apple Inc. — App distribution, in-app purchases, push-notification delivery (APNs), and (if you opt in) crash diagnostics.
• Google LLC (Firebase & Google Cloud) — Anonymous Authentication, Cloud Firestore (database for shared-journal transcripts and metadata, and account / entitlement records), Cloud Storage (audio files for shared journals, and transient buffer for personal-journal audio during transcription), Cloud Functions (serverless backend that orchestrates transcription and analysis), Cloud Messaging (push notifications), and Google Analytics for Firebase / Crashlytics (product analytics and crash reporting). For personal-journal entries, audio uploaded to Cloud Storage for transcription is removed automatically as soon as the transcription job completes.
• ElevenLabs Inc. — Speech-to-text transcription and (where applicable) text-to-speech generation of voiced summaries. Audio is processed for the brief period needed to return a transcript or to synthesise speech and is processed by ElevenLabs in accordance with its standard API terms.
• OpenAI, L.L.C. — AI-assisted analysis of transcribed text (mood detection, themes, summaries) called from our serverless backend. Inputs sent through OpenAI's API are not used to train OpenAI's models in accordance with OpenAI's API data-usage policy.
• RevenueCat, Inc. — Management of subscription entitlements and receipt validation in cooperation with the App Store. RevenueCat receives only your anonymous identifier and Apple-issued purchase information.

The list of providers may evolve as we improve the Service. We will update this Privacy Policy if a material change is made.

Article VIII Disclosure of information

We do not sell, rent, or trade personal information. We disclose information only in the following limited circumstances:

• To other participants of a shared journal you join — content you publish to a shared journal is visible to the participants of that shared journal, as described in Article III.
• To service providers acting on our behalf, as described in Article VII.
• To comply with law or respond to valid legal process (such as a subpoena, court order, or governmental request) when we have a good-faith belief that disclosure is necessary.
• To protect rights and safety when we reasonably believe disclosure is necessary to investigate or prevent harm, fraud, or security incidents.
• In connection with a business transaction (such as a merger, acquisition, or sale of assets), in which case we will use commercially reasonable efforts to provide notice in the App or by other appropriate means before personal data becomes subject to a different privacy policy.

We never disclose journal content for advertising purposes.

Article IX Data retention

• Personal-journal content (audio, transcripts, analyses). Stored on your device for as long as you keep it there. Deleting an entry within the App removes it from local storage. Uninstalling the App removes all locally stored personal-journal content.
• Transient cloud audio for personal journals. Personal-journal audio uploaded for transcription is removed from cloud storage as soon as the transcription job completes.
• Shared-journal content. Stored on our backend (Firebase) for as long as the shared journal exists. Each entry remains until its author deletes it, until the journal is deleted, or until applicable law requires deletion. If you leave a shared journal but do not delete the entries you previously published, those entries remain accessible to the remaining participants.
• Anonymous account & entitlement record. Retained while the App is installed and active. If you uninstall the App and stop using the Service, the anonymous identifier and any associated entitlement record may remain on our backend indefinitely because we have no way to identify the user it belonged to. You may ask us to delete it by contacting us at voicejournal@outlook.com and providing information that lets us locate the record (for example, your RevenueCat anonymous app user ID, which is shown in App Settings).
• Push notification tokens. Retained while the token is valid; refreshed by Apple periodically and replaced.
• Crash & analytics data. Retained by Firebase for the periods set by Google's default retention settings for those services.
• Support correspondence. Retained as long as reasonably necessary to assist you and to evidence the resolution of any issue. We do not apply a fixed deletion schedule to support email; you may ask us to delete a thread at any time.

Article X Security

We use a defence-in-depth approach to protect your information:

• Personal-journal content is stored on your device and may be additionally protected by your device passcode and Face ID / Touch ID app lock.
• Shared-journal content is stored under Firebase Security Rules that restrict access to the participants of the journal.
• All network traffic between the App and our backend, and between our backend and our service providers, is encrypted in transit using industry-standard TLS.
• Cloud storage of transient personal-journal audio is restricted by signed, short-lived URLs and access controls.

No method of transmission or storage is perfectly secure. While we work hard to protect your information, we cannot guarantee absolute security. If you become aware of any incident affecting the Service, please contact us at voicejournal@outlook.com.

Article XI Your rights

Depending on where you live, you may have the following rights with respect to personal data we process:

• Access — request confirmation of whether we process information about you and a copy of that information.
• Rectification — request that we correct inaccurate or incomplete information.
• Deletion — request that we delete information we hold about you.
• Restriction or objection — ask us to restrict or object to certain uses.
• Portability — receive a machine-readable copy of certain information you have provided.
• Withdraw consent — withdraw consent where we relied on it.
• Lodge a complaint with a supervisory authority — for users in the EU/EEA, the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, imy.se), or the data protection authority of the EU/EEA member state where you live.

You can exercise most rights directly in the App: deleting individual entries removes them from your device or from the shared journal as applicable; uninstalling the App removes all locally stored personal-journal content; in App Settings you can export your data as audio files together with structured text. To exercise rights with respect to data we hold on our backend (your anonymous identifier, your subscription entitlement, your shared-journal content), please contact us at voicejournal@outlook.com. Because we do not collect your name or email, we may need to ask you for verification information that lets us locate the right record (for example, your RevenueCat anonymous app user ID).

Article XII California privacy notice

This section provides additional disclosures for California residents under the California Consumer Privacy Act, as amended ("CCPA"). In the past twelve months we have collected the categories of personal information described in Article II for the purposes described in Article V. We have not "sold" or "shared" personal information as those terms are defined in the CCPA, and we do not knowingly sell personal information of consumers under 16 years of age. We do not use sensitive personal information for any purpose other than those permitted by the CCPA without your consent.

California residents may exercise the right to know, the right to delete, the right to correct, and the right to non-discrimination by contacting us at voicejournal@outlook.com.

Article XIII Children's privacy

Voice Journal is suitable for general audiences but is not designed for, directed to, or marketed to children under the age of 13 (or the equivalent minimum age in your jurisdiction). Voice Journal is not published in the App Store's Kids Category. We do not knowingly collect personal information from children under that age. If you believe a child has provided us with personal information without parental consent, please contact us at voicejournal@outlook.com and we will take appropriate steps to delete that information.

Article XIV International transfers

Voice Journal is operated from Sweden (within the European Economic Area). The Service relies on service providers located in the United States and other countries, including Apple, Google, ElevenLabs, OpenAI, and RevenueCat. When personal data is transferred outside the EEA or the United Kingdom, we rely on appropriate safeguards required by GDPR — including the European Commission's Standard Contractual Clauses and, where applicable, the EU-U.S. Data Privacy Framework — to protect that data.

Article XV Tracking & advertising

The App does not use third-party advertising, does not display third-party advertisements, and does not track you across other companies' apps and websites for advertising purposes. Accordingly, the App's App Tracking Transparency (ATT) status is "no tracking". The App uses Firebase / Google Analytics for Firebase only for first-party product analytics, as described in Article II; it does not respond to "Do Not Track" browser signals because none of our processing constitutes online tracking as commonly understood by those signals.

Article XVI Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last revised" date above. If a change is material, we will provide additional notice (for example, an in-App alert) before the change takes effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

Article XVII Contact us

If you have questions, requests, or complaints about this Privacy Policy or our handling of your information, please contact us at:

Voice Journal — Independent Developer, Sweden
Email: voicejournal@outlook.com

We will do our best to respond within a reasonable time and, in any event, within the period required by applicable law.

Voice Journal End of Appendix I