Deep Journal — Privacy Policy
Last updated: April 20, 2026
Deep Journal ("the app", "we", "our") is a private journaling app for iOS and macOS. This policy describes what data the app handles, where it lives, and what leaves your device.
In one sentence: your journal entries live on your device (and, if you opt in, in your personal iCloud). They are not sent anywhere else unless you explicitly ask the app to analyze an entry — in which case the text of that entry is sent to Google for AI processing.
Who runs this app
Deep Journal is built by Zian Meng as an independent developer.
Contact: workingzian@gmail.com
What Deep Journal is — and isn't
Deep Journal is a writing tool. It is not a medical device, not therapy, not a substitute for professional mental-health care, and not a crisis service. If you are in crisis or in danger, please contact your local emergency services (in the US: call 911, or call/text 988 for the Suicide & Crisis Lifeline).
Data we handle
Stored on your device
The following data is stored locally on your device using Apple's SwiftData framework, encrypted at rest by iOS/macOS:
- Journal entries (title, body, timestamps)
- Emotion tags you add, and emotions detected by the app
- Photos and voice notes you attach to entries
- Bookmarks, tags, and word counts
- AI-generated summaries, themes, and patterns (if you use AI features)
- Wellbeing check-in responses (if you complete them)
- App settings (selected AI personality, font preferences, etc.)
Stored in your iCloud (optional)
If you are signed in to iCloud on your device and have iCloud enabled for Deep Journal, the app uses Apple's CloudKit to sync your data to your own private iCloud container. This means:
- Your data is stored on Apple's servers, under your Apple ID
- Apple cannot read your journal contents in the private database
- Deep Journal does not operate a backend server and cannot read your data
- You can turn sync off in iOS Settings → iCloud → Deep Journal
Deep Journal additionally applies end-to-end encryption to synced content using a key stored in your iCloud Keychain, so even if CloudKit data were exposed, the content would be unreadable without your device.
Sent to Google (only when you use AI features)
Deep Journal's AI features — entry analysis, reflection chats, emotion detection, pattern discovery, and the wellbeing estimator — are powered by Google's Gemini API.
When you tap Analyze, start a reflection chat, or trigger any other AI feature, the following data is sent over HTTPS to generativelanguage.googleapis.com:
- The text of the journal entry being analyzed (or the messages you type in the chat)
- A short system prompt describing the AI personality you selected
- Your chat history within that analysis session
We do not send your name, email, device identifiers, photos, voice notes, or entries that you have not explicitly asked the app to analyze.
Google's handling. According to Google's Gemini API terms:
- On the paid tier, Google does not retain prompts or responses beyond what is needed to serve the request.
- On the free tier, Google may retain prompts for up to 55 days for abuse review and may use them to improve Google's products.
Deep Journal uses whichever tier is configured for the API key at runtime. You can disable AI features entirely in the app's settings, in which case no journal data ever leaves your device.
Not collected at all
Deep Journal does not:
- Use any analytics SDKs (no Firebase, Mixpanel, Amplitude, etc.)
- Include advertising SDKs or trackers
- Sell, rent, or share your data with anyone
- Operate any backend servers that receive your data
- Collect device identifiers, location, contacts, or browsing history
- Maintain user accounts — there is no sign-up and no login
Your rights and controls
You can at any time:
- Delete an entry — swipe to delete in the journal list
- Delete everything — Settings → Reset All Data
- Disable AI — Settings → AI Features toggle
- Disable iCloud sync — iOS Settings → Apple ID → iCloud → Deep Journal
- Export your data — Settings → Export as JSON
- Request help — email workingzian@gmail.com
For EU/UK residents (GDPR)
You have the right to access, correct, delete, or port your data, and to object to processing. Because Deep Journal does not operate a server, all of your data lives on devices you control — so these rights are exercised directly through the app's built-in controls. For anything you cannot resolve through the app, email the contact address above.
For California residents (CCPA)
We do not sell your personal information. The categories described above are all we handle.
Children
Deep Journal is intended for users aged 17 and older. We do not knowingly collect data from children under 17.
Security
- Local data is stored using SwiftData/CoreData with iOS's default file encryption
- iCloud sync uses Apple CloudKit with your Apple ID
- Synced content is additionally end-to-end encrypted with a key stored in your iCloud Keychain
- AI requests to Google are made over HTTPS
No system is perfectly secure. If you discover a security issue, please email workingzian@gmail.com before disclosing it publicly.
Changes to this policy
If this policy changes, we will update the "Last updated" date at the top. Material changes will be surfaced in the app as well.
Contact
Questions about this policy or about the app's data practices:
workingzian@gmail.com