Privacy Policy

Overview
Information We Collect
Voice Recordings & Transcription
AI Processing
How We Use Your Information
Data Storage & Security
Data Retention
Subscriptions & Payments
Your Rights
Third-Party Services
Children's Privacy
Changes to This Policy
Contact Us

1. Overview

Daily Check-In Coach ("we", "our", "the app") is a voice-first wellness coaching application. We are committed to protecting your privacy and handling your personal data with care. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

By using the app, you agree to the collection and use of information as described in this policy.

2. Information We Collect

Account Information

Email address (used for authentication and account recovery)
Password (stored securely using bcrypt hashing — we never store plaintext passwords)
Account creation date
Timezone preference

Check-In Data

Voice recordings (temporarily processed for transcription, not permanently stored)
Transcribed text from your voice recordings
AI-generated coaching responses
Mood selections
5-minute action items and their completion status

Usage Data

Check-in history and frequency
Streak tracking data
Check-in schedule preferences
Notification preferences
App theme preference (light/dark mode)

3. Voice Recordings & Transcription

Voice is central to our app. Here's how we handle your voice data:

Recording: Voice recordings are captured on your device during check-ins.
Transcription: Recordings are sent to OpenAI's Whisper API for speech-to-text conversion.
Storage: We store the text transcription, not the original audio recording. Audio data is processed in memory and discarded after transcription.
Read Aloud: When you use the Read Aloud feature, the coaching response text is sent to OpenAI's Text-to-Speech API to generate audio. This audio is streamed to your device and not permanently stored on our servers.

Key point: Your voice recordings are never permanently stored on our servers. They are processed in memory for transcription and immediately discarded.

4. AI Processing

We use OpenAI's GPT-4o model to generate coaching responses. Here's what you should know:

Your transcribed check-in text is sent to OpenAI's API for analysis and response generation.
To provide contextual coaching, the AI may review your most recent check-ins (up to 5 previous entries) when generating a response.
Weekly review summaries are generated by analysing your check-ins from the past week.
OpenAI processes this data according to their API data usage policy, which states that API data is not used to train their models.

5. How We Use Your Information

We use your information to:

Provide the core check-in and coaching service
Generate personalised AI coaching responses based on your check-in history
Create weekly review summaries
Send scheduled check-in reminders and action reminders
Track your check-in streaks and progress
Manage your subscription and trial period
Support account recovery (password reset)
Improve the app experience

We do not:

Sell your personal data to third parties
Use your data for advertising purposes
Share your check-in content with other users
Use your data to train AI models

6. Data Storage & Security

We take the security of your data seriously:

Database: Your data is stored in a secure PostgreSQL database.
Passwords: Passwords are hashed using bcrypt before storage.
Sessions: Authentication sessions use secure, httpOnly cookies.
Transport: All data in transit is encrypted using HTTPS/TLS.
Security Headers: We use Helmet.js to set security-related HTTP headers.
Rate Limiting: API endpoints are rate-limited to prevent abuse.

7. Data Retention

We retain your data as follows:

Active accounts: Your data is retained as long as your account is active and your subscription is valid.
Cancelled or expired accounts: If your subscription is cancelled or expires, your data is retained for 6 months. After this period, your account and all associated data (check-ins, actions, inbox items, settings, and weekly reviews) are permanently deleted.
Data export: You can export up to 6 months of your check-in data as a CSV file at any time from the Profile screen before your data is deleted.
Manual deletion: You may request immediate deletion of your account and data by contacting us.

Automatic cleanup: A weekly process checks for accounts that have been in a cancelled or expired state for more than 6 months and permanently removes them along with all associated data.

8. Subscriptions & Payments

Free trial: New users receive a 7-day free trial with full access to all features. No payment information is required to start a trial.
Payments: Subscriptions are managed through the Apple App Store or Google Play Store. We do not directly collect or store your payment information (credit card numbers, billing addresses, etc.).
Receipt verification: We verify subscription receipts with Apple/Google to confirm your subscription status.
Subscription data: We store your subscription status (trial, active, expired, cancelled), product identifier, and expiry date.

9. Your Rights

You have the following rights regarding your personal data:

Access: You can view all your check-in data within the app's History section.
Export: You can export your check-in data as a CSV file from the Profile screen.
Correction: You can update your email and password through the app.
Deletion: You can request deletion of your account and all associated data by contacting us. Data is also automatically deleted 6 months after subscription expiry.
Portability: The CSV export feature allows you to take your data with you.

If you are located in the European Economic Area (EEA), United Kingdom, or South Africa, you may have additional rights under GDPR, UK GDPR, or POPIA respectively, including the right to lodge a complaint with a supervisory authority.

10. Third-Party Services

We use the following third-party services:

OpenAI: For speech-to-text transcription (Whisper API), AI coaching responses (GPT-4o), and text-to-speech (TTS API). See OpenAI's Privacy Policy.
Apple App Store / Google Play: For subscription management and payment processing.
Expo: For app distribution and updates. See Expo's Privacy Policy.

We do not use analytics or advertising SDKs.

11. Children's Privacy

Daily Check-In Coach is not intended for use by children under the age of 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child under 16, please contact us and we will promptly delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of the app after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy, your data, or wish to exercise any of your rights, please contact us at:

Email: support@dailycheckincoach.com

We aim to respond to all enquiries within 30 days.

Contents