Chapter One Journal — Privacy Policy
Your journal is private. This Privacy Policy explains what limited data we do collect, why, and your rights over it.
1. Who we are
Heirloom Journal Ltd is a company registered in England and Wales (Company number 16846431). Registered office: 86-90 Paul Street, London, EC2A 4NE, United Kingdom. We are the data controller for personal data processed through the Chapter One app ("the App"). Contact: dear@chapteronejournal.app.
2. What we collect, and why
Account information. When you sign in with your Apple ID, we receive your name and an email address (which may be Apple's private relay address if you choose). We use this to create your account and send essential service emails.
Profile information you provide during onboarding. During onboarding we ask you for a small amount of information used to personalize the App:
- Your first name and gender (so we can address you appropriately in the App and tailor copy).
- Your child's first name, date of birth, and gender (used to personalize prompts and in-app copy, to tailor content to your child's developmental stage, and to send a birthday message on the right date).
This profile information is stored on your device and synced through your own iCloud. A subset of it is shared with our processors as described in section 4 — notably, we do not send your child's name or full date of birth to our analytics provider; we only share a derived, anonymized age band so we can tailor prompts to developmental stages.
You can edit or delete any of this information at any time in Settings.
Your journal content. Text entries, photos, and voice recordings are stored on your device and synced through your own iCloud account. We do not store your journal content on our servers, and we cannot read it.
Voice transcription. When you choose to transcribe a voice note, the audio is sent securely to OpenAI's API, transcribed, and returned to your device. We have configured OpenAI not to retain your audio and not to use it for model training. The transcribed text is stored only on your device and in your iCloud.
Subscription information. When you subscribe, Apple processes your payment. We receive subscription status (active, cancelled, renewal date) via Apple and Adapty, our subscription infrastructure provider. We never see your payment card details.
Product analytics. We use PostHog to understand how the App is used — which features are popular, where users get stuck, what's broken. Events are anonymized or pseudonymized and include your device type and app version. We don't link analytics to any cross-app advertising identifier.
Marketing email (optional). If you opt in, we use Loops to send occasional product emails. You can unsubscribe at any time.
3. Legal bases for processing (UK / EU users)
- Contract — providing the App, running your account, processing your subscription.
- Legitimate interest — anonymized analytics, abuse prevention, security.
- Consent — marketing emails (withdrawable at any time).
- Legal obligation — tax, accounting, responding to lawful requests.
Where you provide information about your child during onboarding, we rely on your consent (given on the child's behalf as their parent or legal guardian) and your authority to provide that information. You can withdraw this consent at any time by deleting the child profile in Settings.
4. Who we share data with
We use a small set of trusted processors. We do not sell your personal data.
| Processor | What we share | Purpose | Location |
|---|---|---|---|
| Apple | Account identity, payment | Sign in with Apple, iCloud sync, App Store, payments | US / Global |
| Adapty | Subscription identifiers | Subscription state | US |
| OpenAI | Voice note audio (not retained) | Voice transcription | US |
| PostHog | Pseudonymized user ID, device info, your name and gender, your child's gender and age band (no child name, no DOB) | Product analytics + personalization | EU (with US sub-processors) |
| Loops | Your email, your name, your child's first name and date of birth | Service emails, opt-in marketing, birthday reminders | US |
We have Data Processing Agreements (DPAs) in place with each processor as required by UK GDPR Article 28, ensuring they handle your data under the same protections described in this Policy.
5. Cookies and similar technologies
The App itself does not use web cookies. The third-party SDKs we integrate (PostHog for analytics, Adapty for subscriptions) use device-level identifiers, local storage, and similar technologies to function — for example, to recognize your device across app sessions or to track subscription state. These technologies are limited to what's necessary for the SDK's stated purpose; we don't use them for advertising or cross-app tracking.
6. International transfers
Some processors are based outside the UK. When your data leaves the UK we rely on UK-approved transfer mechanisms — typically the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or an adequacy decision where one applies.
7. Automated decision-making
We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you. Our analytics and feature usage data are not used to make individual decisions about you.
8. How long we keep your data
- Account data — while your account exists, plus up to 30 days after deletion.
- Journal content — stays on your device and in your iCloud; controlled entirely by you.
- Voice audio sent for transcription — not retained.
- Subscription records — up to 7 years (UK tax law).
- Analytics — pseudonymized identifiers up to 12 months; aggregated data retained longer.
- Marketing email data — until you unsubscribe, plus 12 months.
9. Your rights
Under UK GDPR you have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Request deletion ("right to be forgotten")
- Restrict or object to processing
- Data portability
- Withdraw consent at any time, for any consent-based processing
- Object to processing for direct marketing (absolute right)
To exercise any right, email dear@chapteronejournal.app. We respond within one month of receiving a request. Where a request is particularly complex or where you've made multiple requests, this can be extended by up to two further months, in which case we'll tell you why within the first month.
You can also complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.
10. California residents (CCPA/CPRA)
California residents have the following rights regarding their personal information:
- Right to know what we collect and how it's used
- Right to delete personal information
- Right to correct inaccurate personal information
- Right to opt out of "sale" or "sharing" for cross-context behavioral advertising
- Right to limit the use of sensitive personal information
- Right to non-discrimination for exercising any of these rights
We do not sell or share your personal information as those terms are defined under California law. To exercise your rights, email dear@chapteronejournal.app. You may also designate an authorized agent to make a request on your behalf — we'll verify the agent's authority and your identity before acting.
11. Security
Journal content is protected by Apple's iCloud encryption. Account and subscription data is encrypted in transit and at rest by our processors.
No system is perfectly secure. In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the UK Information Commissioner's Office within 72 hours of becoming aware of the breach, as required by UK GDPR Article 33. Where the breach is likely to result in a high risk to your rights, we will also notify you directly without undue delay.
12. Children
Chapter One is intended for use by adults. The App is not directed to children under 13, and we do not knowingly collect personal data from anyone under 13. If we learn that we have collected personal data from a child under 13, we will delete that data and close the account. If you believe a child under 13 has provided personal data through the App, contact us at dear@chapteronejournal.app and we will act promptly.
Where users between 13 and the age of majority in their country are permitted to use the App, they must do so under the supervision of a parent or legal guardian who has accepted our Terms on their behalf.
Parents and guardians may choose to provide a small amount of information about their child during onboarding — first name, date of birth, and gender — which we use to personalize the experience (age-appropriate prompts, in-app copy that addresses the child by name, and birthday reminders).
By providing information about your child, you confirm you are the child's parent or legal guardian, or have the authority to do so, and you consent to our use of that information for the purposes described in this Policy. You can review, update, or delete your child's profile at any time in Settings; deleting the profile removes the data from our processors as part of our normal retention process.
13. Changes
We may update this Privacy Policy. Material changes will be flagged in the App and the "Last updated" date above will change. Continued use after an update means you accept the updated policy. Previous versions of this Policy are available on request — email dear@chapteronejournal.app.
14. Contact
Heirloom Journal Ltd
86-90 Paul Street, London, EC2A 4NE, United Kingdom
dear@chapteronejournal.app