Privacy Policy

Last updated: March 10, 2026  ·  Version 1.0

Table of Contents

1. Who We Are (Data Controller)
2. Scope and Key Definitions
3. What Data We Collect and Why
4. Sensitive Data — Mood and Emotional Information
5. AI Processing of Your Content
6. Device Authentication and Identifiers
7. Analytics
8. Crash Reporting
9. Subscriptions and Payments
10. Optional Cloud Backup
11. Third-Party Services
12. International Data Transfers
13. Data Retention
14. Legal Basis for Processing (GDPR)
15. Your Rights
16. Children's Privacy
17. Not a Medical or Therapeutic Service
18. Changes to This Policy
19. Contact and Complaints

1. Who We Are (Data Controller)

Moodrift ("we," "us," "our") is the data controller for purposes of applicable privacy law. You can reach us at privacy@moodrift.app.

This policy covers the Moodrift mobile application (bundle ID: app.moodrift.app) and the associated website at moodrift.app.

2. Scope and Key Definitions

This policy applies to all users of the Moodrift app on iOS and Android. "We," "us," and "our" refer to the Moodrift developer. "You" refers to any person who downloads or uses the app.

"Personal data" means any information relating to an identified or identifiable natural person. Under applicable law this includes pseudonymous identifiers such as device tokens. "Processing" means any operation performed on personal data, including collection, storage, transmission, analysis, and deletion.

3. What Data We Collect and Why

The following table describes each category of data, where it lives, and the purpose for which it is processed.

We do not collect your name, email address, phone number, location, contacts, browsing history, or any other personal information beyond what is described in this table. We do not serve advertising and we do not sell your data.

4. Sensitive Data — Mood and Emotional Information

Moodrift is a mood journal. By its nature, the content you enter may reflect your emotional state, mental wellbeing, and personal circumstances. Under the EU General Data Protection Regulation (GDPR) and several US state privacy laws, information that reveals a person's mental or physical health condition is treated as sensitive data requiring heightened protection.

We apply that heightened standard to all journal content, regardless of your location:

• Journal content is never transmitted to third parties for advertising, profiling, or sale.
• Journal content sent to our AI provider for AI features is processed only for the purpose of generating your requested output (tags, insights, summaries) and is not retained for model training under our API agreement.
• No journal content is included in analytics events.
• Crash reports do not include journal content.

Crisis content: Moodrift is not a crisis or emergency service. If your entry contains content that may indicate a mental health emergency (such as expressions of self-harm or suicidal ideation), that content is processed the same way as any other entry — it passes through our AI proxy and is not stored on our servers and is not reviewed by any person. We do not provide emergency interventions. If you are in crisis, please contact a crisis service in your region.

5. AI Processing of Your Content

When you use AI-powered features — mood tagging on entry save, weekly insight generation, and life chapter summaries — your entry text is sent from your device over HTTPS to our backend, which forwards it to our AI provider's API. The AI analyzes the text and returns structured output (mood score, activity tags, emotional tags, insight text). Our backend does not log, store, or retain your entry content. The transmission is pass-through only.

This constitutes automated processing that produces an assessment of your emotional state. The output is displayed to you in the app and stored locally on your device. You can review and edit AI-generated tags on any entry. You can disable AI features by not using voice entry or by choosing not to generate insights or chapter summaries — all core logging functions work without AI processing.

Voice transcription: Voice entry uses on-device speech recognition. Audio is processed entirely on your device and is never transmitted to our servers or to any third party. No audio recording is stored after transcription.

AI provider data practices: Under our API agreement, input text sent via the API is not used to train AI models. Our AI provider may retain API inputs for a limited period for safety and abuse monitoring purposes pursuant to their own privacy policy.

6. Device Authentication and Identifiers

Moodrift does not require you to create an account. Instead, we generate a random device token on first launch. This token is a pseudonymous identifier — it is not linked to your name or email address but it does uniquely identify your device installation for the purposes of API authentication and subscription verification.

The device token is stored on your device and on our secure backend. Our backend uses it to enforce per-device rate limits (to prevent API abuse) and to verify your subscription entitlement with RevenueCat. We do not use the device token for advertising or cross-app tracking.

On iOS, we use Apple DeviceCheck (app attestation) to verify that API requests originate from genuine, unmodified installations of Moodrift. DeviceCheck communicates with Apple's servers; Apple's privacy policy governs that interaction.

If you uninstall and reinstall the app, a new device token is generated. Your local journal data is not recoverable without a backup. If you have enabled optional backup and sign-in, your existing device token can be recovered to restore access to your backup.

7. Analytics

We collect anonymous behavioral analytics to understand how the app is used and to improve it. No journal content is ever included in any analytics event, and no personally identifiable information is transmitted.

The events we track include:

• app_opened — app launch (no content)
• entry_created — whether voice or text was used (not the content of the entry)
• insight_card_viewed — insight card opened (not the insight text)
• insight_card_shared — insight exported as image
• paywall_shown — paywall screen displayed
• paywall_converted — subscription started
• chapter_created — life chapter created (not the chapter name or content)
• onboarding_completed or onboarding_skipped

Our analytics provider is configured to strip any accidental PII from event properties. Analytics events are associated with an anonymous session identifier, not your device token.

Do Not Track: The Moodrift app does not respond to browser Do Not Track signals as it is a mobile application. We do not track users across third-party websites for advertising purposes.

8. Crash Reporting

We automatically collect crash and error reports to fix bugs and improve stability. When the app crashes or encounters an error, a report is sent that includes: device model, operating system version, app version, and a stack trace showing the code path that led to the error. Crash reports do not include your journal content, device token, or any other personal data.

9. Subscriptions and Payments

Subscription Plans

Moodrift offers a free tier and a premium subscription (Moodrift Pro). Premium subscriptions are offered at the following prices:

• Monthly: $4.99 per month
• Annual: $39.99 per year (approximately $3.33 per month)

Auto-Renewal Disclosure

Moodrift Pro subscriptions automatically renew at the end of each billing period (monthly or annually) unless you cancel at least 24 hours before the end of the current period. Your Apple ID or Google account will be charged for renewal within 24 hours before the end of the current period. You can manage and cancel your subscription at any time in your device's subscription settings:

• iOS: Settings > [Your Name] > Subscriptions > Moodrift
• Android: Google Play > Profile icon > Payments & subscriptions > Subscriptions > Moodrift

Cancellation takes effect at the end of the current paid period. You will continue to have access to premium features until that date. We do not provide partial refunds for unused portions of a subscription period except where required by law.

Payment Processing

All payments are processed entirely by Apple (App Store) or Google (Google Play). We never see, receive, or store your payment card details, billing address, or any other payment information. Our subscription provider manages the subscription lifecycle on our behalf and receives only your subscription status, not your payment details.

Free Trial

If a free trial is offered, it will be clearly disclosed at the time of sign-up. After the trial period, your subscription will automatically convert to a paid subscription unless cancelled before the trial ends.

10. Optional Cloud Backup

You can optionally back up your journal data to your personal cloud storage. Backup is an opt-in premium feature. When you enable backup:

• Your journal database is encrypted and exported directly to your own iCloud Drive (iOS) or Google Drive (Android).
• The backup file passes through your device's operating system to your cloud storage provider. It does not pass through Moodrift servers.
• You can restore your journal from backup on a new device by signing in with the same Apple ID or Google account.
• Your iCloud or Google account credentials are handled entirely by Apple or Google. We do not access your credentials.

iCloud's privacy policy: apple.com/legal/privacy. Google Drive's privacy policy: policies.google.com/privacy.

11. Third-Party Services

To operate Moodrift, we work with a limited set of third-party service providers. No provider receives your journal content except our AI provider (for AI processing as described in Section 5), and even then only transiently without retention. The categories of providers we use are:

• AI processing provider — receives your entry text transiently to generate mood tags, weekly insights, and chapter summaries. The text is not retained after the API call completes.
• Backend infrastructure provider — powers our secure API. Receives request metadata (such as IP address at the network layer) as part of normal infrastructure operation. No journal content is stored.
• Subscription and payment provider — manages your subscription entitlement and communicates with the App Store or Google Play on our behalf. Receives your device token and subscription status. Does not receive journal content or payment card details.
• Crash reporting provider — receives device model, OS version, app version, and stack traces when the app crashes. No journal content is included.
• Analytics provider — receives anonymous behavioral events (e.g., "entry created," "paywall shown") to help us understand how the app is used. No journal content, no PII.
• Apple — governs app distribution, payment processing, and device attestation on iOS. apple.com/legal/privacy
• Google — governs app distribution and payment processing on Android. policies.google.com/privacy

We do not sell personal data to any third party. We do not share personal data with third parties for advertising or marketing purposes. Specific provider names are available on request at privacy@moodrift.app.

12. International Data Transfers

Our infrastructure providers are based in the United States and operate servers globally. If you use Moodrift from the European Economic Area (EEA), the United Kingdom, or Switzerland, the limited personal data described in this policy (device token, anonymous analytics events, crash report metadata, and transiently, entry text for AI processing) may be transferred to and processed in the United States.

We rely on the following mechanisms to legitimize such transfers:

• Standard Contractual Clauses (SCCs) — our service providers have implemented EU-approved SCCs or equivalent transfer mechanisms in their data processing agreements.
• Adequacy decisions — where applicable, transfers are made to countries recognized by the European Commission as providing adequate data protection.

Because journal content is not retained by us or by our AI provider, the primary transfer risk relates to transient processing. Entry text transmitted for AI features is processed in the United States and is not retained beyond the duration of the API call.

13. Data Retention

14. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data under the following legal bases under the GDPR:

Where we rely on legitimate interests, you have the right to object to that processing. See Section 15 for how to exercise that right.

15. Your Rights

Depending on your location, you may have some or all of the following rights regarding your personal data. To exercise any of these rights, contact us at privacy@moodrift.app.

Rights for EEA, UK, and Swiss Users (GDPR and UK GDPR)

• Right of access (Article 15) — You can request a copy of the personal data we hold about you.
• Right to rectification (Article 16) — You can correct inaccurate personal data we hold. Note: your journal content is stored locally on your device and can be edited directly in the app.
• Right to erasure / "right to be forgotten" (Article 17) — You can request deletion of your personal data from our systems. Because your journal is stored on your device, deletion of that data is within your control (delete the app, or use the in-app deletion feature). For backend data (device token), contact us and we will delete it within 30 days.
• Right to restriction of processing (Article 18) — In certain circumstances you can ask us to restrict how we process your data.
• Right to data portability (Article 20) — You can request your data in a structured, machine-readable format. Because your journal is on your device, you can export it directly via the in-app export function (CSV or PDF, premium feature). For backend-held data, contact us.
• Right to object (Article 21) — You can object to processing based on legitimate interests (crash reporting, analytics). If you object, we will cease that processing unless we have compelling legitimate grounds.
• Rights related to automated decision-making (Article 22) — AI mood tagging constitutes automated processing that produces an assessment of your emotional state. You have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects. Moodrift's AI tagging does not produce any such legal or significant effects — it only surfaces patterns for your own reflection. You can also review and override any AI-generated tag in the app.
• Right to withdraw consent — Where processing is based on consent (AI features, backup), you can withdraw consent at any time without affecting the lawfulness of prior processing. To withdraw consent for AI processing, simply do not use AI features. To withdraw consent for backup, disable it in Settings.
• Right to lodge a complaint — You have the right to lodge a complaint with your local data protection supervisory authority. In the EU, this is the supervisory authority of your Member State. In the UK, this is the Information Commissioner's Office (ico.org.uk).

Rights for All Users

• Delete all local data — Go to Settings within the app and select "Delete all data" to permanently erase your journal from your device.
• Delete your device token — Contact us at privacy@moodrift.app with the subject "Delete device token" and we will remove your token from our backend within 30 days. Note: this will prevent you from using AI features until a new token is generated (which happens automatically on next app launch).

We will respond to verifiable requests within 30 days. We may need to verify your identity or request context sufficient to locate your records (typically your device token, which can be found in the app under Settings > About).

16. Children's Privacy

Moodrift is rated 9+ on the App Store and is not directed at children under the age of 9. We do not knowingly collect personal information from children.

If you believe a child has provided us with personal information, please contact us at privacy@moodrift.app and we will take steps to delete that information.

17. Not a Medical or Therapeutic Service

Moodrift is a personal reflection and self-awareness tool. It is not a medical device, a clinical diagnostic tool, a mental health treatment, or a substitute for professional medical advice, diagnosis, or treatment. The AI-generated insights are intended for personal reflection only and should not be interpreted as clinical assessments of any mental health condition.

If you are experiencing a mental health crisis, please contact a qualified healthcare professional or a crisis service in your region.

18. Changes to This Policy

We may update this policy at any time. The "Last updated" date and version number at the top of this page will reflect any changes. We encourage you to review this policy periodically.

Your continued use of Moodrift after an updated policy is posted constitutes your acceptance of the updated policy. Prior versions of this policy are available on request.

19. Contact and Complaints

For questions, requests, or complaints regarding this privacy policy or our data practices, contact us at:

Email: privacy@moodrift.app
Subject line for rights requests: "Privacy Request"
Response time: We aim to respond within 10 business days and will complete substantive requests within 30 days.