Effective Date: March 24, 2026 · Version 2026-03
Contents
This summary table provides the "Notice at Collection" required under CPRA and other US state privacy laws. Full details are in the sections below.
| Category | Sold or Shared | Retention |
|---|---|---|
| Account Information | No | Until account deleted |
| Journal Content (Sensitive) | No | Until deleted by user or account closed |
| Device & Technical Data | No | Logs: 90 days; tokens: 72 hrs post-unregistration |
| Location Data (optional) | No | Stored with entry; until entry deleted |
| Usage Analytics (aggregated) | No | 12 months rolling |
On This Day is built on the conviction that your memories are sacred. Your journals, photographs, and reflections belong to you — not to us. We collect only what is necessary to deliver the experience, and we never sell, rent, or trade your personal data to advertisers, data brokers, or other third parties.
"A journal is a private place. We are merely the keepers of the lock."
We request device permissions only when you first use a feature that requires them. Every permission is optional — the core journaling experience works without any of them. You may revoke any permission at any time in your device's Settings app.
Used to capture photos and short videos to attach to your journal entries, and to scan QR codes when connecting with another user's Inner Circle. The camera is never accessed passively — it is only activated when you explicitly tap to add media or scan a code.
Lets you select existing photos from your device's library to attach to an entry. On iOS we additionally request “Add to Library” access so you can save gallery images from the app to your Camera Roll.
Required to record audio notes or use voice-to-text dictation while writing an entry. Audio is transcribed on-device or via Apple / Google speech services and is not stored independently of your entry text.
Used to attach an optional place name or coordinates to an entry so you can later revisit where that memory was made. We request “While Using” access only — we do not track your location in the background. Location data is stored as part of the entry and is only shared if you choose to share that entry.
Enables daily writing reminders, anniversary spotlights (“On This Day” memories from past years), and social activity alerts from your shared journals. You can customize or disable each notification category in Settings → Profile → Notifications at any time.
We collect only what you give us or what is generated in the course of providing the service:
Provide the service — store and sync your entries across devices, render shared-entry links, and manage your journals and circles.
Send notifications — anniversary reminders, writing prompts, social activity (likes, comments on shared journals), and AI insight-ready alerts.
Generate AI reflections & insights — automatically analyze newly written entries and, for premium members, generate custom period summaries. See the AI section below for full details.
Safety & integrity — detect and investigate abuse reports, enforce our Terms of Service, and comply with legal obligations.
Improve the service — use aggregate, anonymized analytics to identify friction, prioritize features, and fix bugs.
On This Day uses AI language models to generate two types of content on your behalf: entry reflections (a short paragraph summarising a single entry) and journal insights (longer period summaries for premium members).
To produce these, the text of your entries is sent to a third-party LLM provider operating under a Data Processing Agreement that prohibits using your data for model training. Media (photos, videos) is never sent to AI services.
You can opt out at any time. In Settings → Profile → Privacy, toggle AI Analysis off. This prevents any new entries from being analyzed. Existing reflections remain unless you delete the entry.
For shared journals, each contributor's own AI opt-out preference governs their entries independently — opting out as a journal owner does not opt out co-authors' entries, and vice versa.
Your data is stored in two layers:
We treat your journal entries as Sensitive Personal Information and apply heightened security standards to this category of data.
We do not store your payment card details. All subscription billing is handled by Apple App Store or Google Play, whose privacy policies govern that transaction.
Regardless of where you are located, we extend these rights to every user:
Access & Export
Download a full export of your data (entries, photos, account details) in a standard, machine-readable format from Settings → Privacy → Download My Data.
Correction
Edit or delete any entry, photo, or account detail directly in the app at any time.
Deletion
Delete individual entries or your entire account from Settings → Account. Account deletion permanently removes all your data from our active systems within 30 days and from our backups within 90 days.
AI Opt-Out
Disable AI analysis of your entries at any time in Settings → Profile → Privacy → AI Analysis. When you toggle AI Analysis off, the app will display a visible confirmation that your preference has been honored.
Limit the Use of My Sensitive Personal Information
As required by CPRA, you may restrict our use of your journal entries — which we classify as Sensitive Personal Information — to only the essential purposes of storage, sync, and delivery of the service. Restricting use disables AI analysis, period summaries, and any future optional features that process entry content. Toggle this in Settings → Profile → Privacy → Limit Sensitive Data Use.
Do Not Sell or Share My Personal Information (CCPA / CPRA)
California residents may exercise their right under CCPA / CPRA. We do not sell or share personal information for cross-contextual behavioral advertising. You may formally submit a “Do Not Sell or Share” signal via Settings → Profile → Privacy → Do Not Sell My Information. When your preference is submitted, the app will display a visible confirmation that it has been honored. We also recognize and honor the Global Privacy Control (GPC) signal — if your device or browser transmits this signal, we will automatically treat it as a request to opt out of the sharing of your personal information.
GDPR Rights (EEA / UK)
Residents of the European Economic Area and the United Kingdom have rights of access, portability, rectification, erasure, restriction, and objection. Contact us at the address below to exercise these rights. We respond within 30 days.
We retain your data for as long as your account is active. Inactive accounts (no sign-in for 12 months) receive a prior-notice email before any scheduled deletion.
Push-notification tokens are refreshed each session and purged within 72 hours of unregistration. Server access logs are retained for 90 days for security monitoring, after which they are automatically deleted.
On This Day is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. During account creation, we collect a self-declared date of birth, and we also rely on age signals provided by the Apple App Store and Google Play where available, to help prevent underage account creation. If you believe a child under 13 has created an account, please contact us immediately and we will delete that account and its associated data promptly.
We may update this policy as the service evolves. When we make material changes we will notify you via an in-app banner and, where required by law, ask for renewed consent. The version date at the top of this page always reflects the current revision.
Continued use of On This Day after an updated policy comes into effect constitutes your acceptance of the changes.
Questions, data requests, or concerns about this policy can be directed to:
RDLabs
Email: privacy@on-this-day.app
Mailing Address: [P.O. Box or registered agent address — to be added]
Data Deletion: on-this-day.app/data-deletion