← Legal

Chapter One Journal — Privacy Policy

Last updated: 1 June 2026 · Effective: 1 June 2026

Your journal is private. This Privacy Policy explains what limited data we do collect, why, and your rights over it.

1. Who we are

Heirloom Journal Ltd is a company registered in England and Wales (Company number 16846431). Registered office: 86-90 Paul Street, London, EC2A 4NE, United Kingdom. We are the data controller for personal data processed through the Chapter One app ("the App"). Contact: dear@chapteronejournal.app.

2. What we collect, and why

Account information. When you sign in with your Apple ID, we receive your name and an email address (which may be Apple's private relay address if you choose). We use this to create your account and send essential service emails.

Profile information you provide during onboarding. During onboarding we ask you for a small amount of information used to personalize the App:

This profile information is stored on your device and synced through your own iCloud. A subset of it is shared with our processors as described in section 4 — notably, we do not send your child's name or full date of birth to our analytics provider; we only share a derived, anonymized age band so we can tailor prompts to developmental stages.

You can edit or delete any of this information at any time in Settings.

Your journal content. Text entries, photos, and voice recordings are stored on your device and synced through your own iCloud account. We do not store your journal content on our servers, and we cannot read it.

Voice transcription. When you choose to transcribe a voice note, the audio is sent securely to OpenAI's API, transcribed, and returned to your device. We have configured OpenAI not to retain your audio and not to use it for model training. The transcribed text is stored only on your device and in your iCloud.

Subscription information. When you subscribe, Apple processes your payment. We receive subscription status (active, cancelled, renewal date) via Apple and Adapty, our subscription infrastructure provider. We never see your payment card details.

Product analytics. We use PostHog to understand how the App is used — which features are popular, where users get stuck, what's broken. Events are anonymized or pseudonymized and include your device type and app version. We don't link analytics to any cross-app advertising identifier.

Marketing email (optional). If you opt in, we use Loops to send occasional product emails. You can unsubscribe at any time.

3. Legal bases for processing (UK / EU users)

Where you provide information about your child during onboarding, we rely on your consent (given on the child's behalf as their parent or legal guardian) and your authority to provide that information. You can withdraw this consent at any time by deleting the child profile in Settings.

4. Who we share data with

We use a small set of trusted processors. We do not sell your personal data.

Processor What we share Purpose Location
Apple Account identity, payment Sign in with Apple, iCloud sync, App Store, payments US / Global
Adapty Subscription identifiers Subscription state US
OpenAI Voice note audio (not retained) Voice transcription US
PostHog Pseudonymized user ID, device info, your name and gender, your child's gender and age band (no child name, no DOB) Product analytics + personalization EU (with US sub-processors)
Loops Your email, your name, your child's first name and date of birth Service emails, opt-in marketing, birthday reminders US

We have Data Processing Agreements (DPAs) in place with each processor as required by UK GDPR Article 28, ensuring they handle your data under the same protections described in this Policy.

5. Cookies and similar technologies

The App itself does not use web cookies. The third-party SDKs we integrate (PostHog for analytics, Adapty for subscriptions) use device-level identifiers, local storage, and similar technologies to function — for example, to recognize your device across app sessions or to track subscription state. These technologies are limited to what's necessary for the SDK's stated purpose; we don't use them for advertising or cross-app tracking.

6. International transfers

Some processors are based outside the UK. When your data leaves the UK we rely on UK-approved transfer mechanisms — typically the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or an adequacy decision where one applies.

7. Automated decision-making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you. Our analytics and feature usage data are not used to make individual decisions about you.

8. How long we keep your data

9. Your rights

Under UK GDPR you have the right to:

To exercise any right, email dear@chapteronejournal.app. We respond within one month of receiving a request. Where a request is particularly complex or where you've made multiple requests, this can be extended by up to two further months, in which case we'll tell you why within the first month.

You can also complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.

10. California residents (CCPA/CPRA)

California residents have the following rights regarding their personal information:

We do not sell or share your personal information as those terms are defined under California law. To exercise your rights, email dear@chapteronejournal.app. You may also designate an authorized agent to make a request on your behalf — we'll verify the agent's authority and your identity before acting.

11. Security

Journal content is protected by Apple's iCloud encryption. Account and subscription data is encrypted in transit and at rest by our processors.

No system is perfectly secure. In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the UK Information Commissioner's Office within 72 hours of becoming aware of the breach, as required by UK GDPR Article 33. Where the breach is likely to result in a high risk to your rights, we will also notify you directly without undue delay.

12. Children

Chapter One is intended for use by adults. The App is not directed to children under 13, and we do not knowingly collect personal data from anyone under 13. If we learn that we have collected personal data from a child under 13, we will delete that data and close the account. If you believe a child under 13 has provided personal data through the App, contact us at dear@chapteronejournal.app and we will act promptly.

Where users between 13 and the age of majority in their country are permitted to use the App, they must do so under the supervision of a parent or legal guardian who has accepted our Terms on their behalf.

Parents and guardians may choose to provide a small amount of information about their child during onboarding — first name, date of birth, and gender — which we use to personalize the experience (age-appropriate prompts, in-app copy that addresses the child by name, and birthday reminders).

By providing information about your child, you confirm you are the child's parent or legal guardian, or have the authority to do so, and you consent to our use of that information for the purposes described in this Policy. You can review, update, or delete your child's profile at any time in Settings; deleting the profile removes the data from our processors as part of our normal retention process.

13. Changes

We may update this Privacy Policy. Material changes will be flagged in the App and the "Last updated" date above will change. Continued use after an update means you accept the updated policy. Previous versions of this Policy are available on request — email dear@chapteronejournal.app.

14. Contact

Heirloom Journal Ltd
86-90 Paul Street, London, EC2A 4NE, United Kingdom
dear@chapteronejournal.app