Privacy policy
Effective 12 July 2026
Just My Day is built around one principle: your notes are for you, not for showing off. This policy explains plainly — no fine print — what data we process, why, for how long, and what your rights are. It covers the Just My Day iOS app and the justmyday.app website.
1. Who is responsible for your data
The data controller is Dariusz Biel, the operator of the Just My Day app. For anything related to personal data, write to kontakt@justmyday.app — we reply without unnecessary formality.
2. What data we process
Account
- your email address and name (or nickname) — to create and run your account,
- a device identifier and a biometric sign-in key (Face ID / Touch ID) — your biometric data itself never leaves your iPhone; we only store a cryptographic key that confirms the device,
- a push notification token — so pings can reach you.
The content of your notes
- category tags, text notes, energy level and timestamps,
- photos, selfies and voice recordings together with their transcripts — stored in encrypted cloud storage tied to your account only,
- photo descriptions and voice transcripts are produced on your device (Apple Vision and Apple Speech) — your media is never sent to any analysis service.
Subscription
- your Just My Day Pro subscription status received from the App Store — payment is handled by Apple; we never see your card details.
Apple Health (optional)
You can — but don't have to — connect Just My Day to Apple Health so the evening story can gently reference how you slept and how much you moved. This integration is entirely opt-in: you turn it on yourself (during onboarding, in Settings, or on the Discoveries screen) and disconnect it in the same places any time.
- health data is read only on your device via Apple HealthKit (read-only access),
- raw HealthKit data never leaves your iPhone — the only thing that leaves the device is two daily aggregate numbers: your total sleep minutes and total step count for a given day,
- those numbers are sent only for the days the integration is connected — once you disconnect, we stop sending them.
3. Why, and on what legal basis
- providing the service (saving notes, composing evening stories, discoveries, recaps) — Art. 6(1)(b) GDPR (performance of a contract),
- push notifications (pings) — Art. 6(1)(b) GDPR; you set their number and quiet hours in the app, and you can turn them off entirely,
- security and abuse prevention — Art. 6(1)(f) GDPR (legitimate interest),
- handling support requests — Art. 6(1)(f) GDPR.
4. AI — what exactly happens
The evening story and discoveries are composed by an AI model provided by Anthropic (API). The model receives text: your notes, tags, transcripts and photo descriptions generated earlier on your device. If you connect Apple Health, the text is accompanied by two daily aggregate numbers — your total sleep minutes and total step count — so the story can gently reference sleep and movement. Photos, audio recordings and raw health data are never sent to Anthropic. Under the API's commercial terms, data submitted for processing is not used to train models.
Any mention of sleep or movement in the story is simply an observation of what the data shows — Just My Day is not a medical tool and does not give health advice.
5. Where and how we store data
- media (photos, recordings) go to encrypted cloud storage — only your account can access them,
- traffic between the app and the server is encrypted (TLS with certificate pinning),
- data at rest is encrypted at the infrastructure level.
6. Who we share data with
We do not sell data and do not share it with advertisers — the app contains no ads and no analytics SDKs. We use only the processors necessary to run the service:
- an infrastructure and cloud storage provider (hosting the API and media),
- Anthropic — composing day stories from text, plus the two daily aggregate numbers (sleep, steps) when Apple Health is connected (see section 4),
- Apple — app distribution (App Store / TestFlight), push notifications and subscription handling.
Where data is stored: the app server and media storage (photos, recordings) are located in the European Union. The only transfer outside the European Economic Area is the text of your notes — plus the two daily aggregate numbers (sleep, steps) when Apple Health is connected — sent to Anthropic to compose the day story (see section 4). It is carried out under standard contractual clauses and never includes photos, recordings or raw health data.
7. How long we keep data
Until you delete your account. You can delete it in the app (Profile → Delete account) — no emails needed. Deletion is permanent and covers all notes, photos, recordings and transcripts; infrastructure backups expire within 30 days at the latest.
8. Your rights
Under the GDPR you have the right to:
- access your data and get a copy (write to kontakt@justmyday.app and we'll prepare a bundle of your whole history),
- rectify your data,
- erase your data (in the app, any time),
- restrict processing and object to it,
- data portability,
- lodge a complaint with a supervisory authority — in Poland this is the President of the Personal Data Protection Office (uodo.gov.pl).
9. The justmyday.app website
This website is fully static: it uses no cookies and has no analytics or tracking scripts. The hosting provider (Cloudflare) may process standard server logs (IP address, requested URL) for security and service maintenance. The details are in our cookie policy.
10. Age
Just My Day is not intended for people under 16, and we do not knowingly collect children's data.
11. Changes to this policy
We will announce significant changes in the app and on this page before they take effect. The current version is always available at justmyday.app/en/privacy.
12. Contact
Privacy questions: kontakt@justmyday.app.