This is the privacy notice for Spring. It tells you what we collect, why, where it lives, how long we keep it, and your rights — and how we'd handle your data if we add optional cloud AI, subscriptions or advertising in the future. See also the Terms of Use and EULA.
Who we are
the Spring app (feelings card deck and journal) is operated by chaimagal, Modiin, Israel. We are the data controller.
What we collect
Spring is a single-player journal; all of the below is scoped to you.
| Category | Includes | Why |
|---|---|---|
| Account | Email, hashed password | Sign-in |
| Journal entries | Feeling, classification, category, optional note, drawn-at | History and streaks |
| AI questions | Question, your answer if written, feeling it was for, language | Your reflection history |
| Settings | Theme, sound, language, category filter, AI toggle, last milestone | Preferences synced across devices |
| Events | Named events (shuffle, card_opened, ai_question_generated, streak_milestone…) | Analytics you see on-screen |
| Purchase status | Store receipt ID, product ID, subscription state (if you buy anything) | Unlock paid features |
No location, contacts, microphone, or camera. No advertising identifiers are collected today.
AI and data processing
Today, reflective questions are produced by a small model running on your phone. A RAM gate prevents it from loading on underpowered devices. Prompts and responses are not sent to us. The question text is written to your account only so you can see your history.
We may add cloud-based AI features in future — for example, a larger model that produces richer personalised questions or weekly reflection summaries. Before enabling any cloud AI feature, this section will name the cloud AI provider, the region it runs in, what we send, what is retained (we will contractually require no training on your content), and how to turn the feature off in Settings.
Where your data lives
Supabase (EU) Postgres with RLS. Every row is gated by user_id = auth.uid(); access is enforced by the database itself. TLS in transit, encryption at rest on the underlying infrastructure.
Sharing and third parties
No social features. We do not sell your data, and we do not train AI on it without your explicit, granular opt-in.
Processors used today:
- Supabase (Ireland / EU) — hosting, authentication, database.
- Apple and Google — distribution and store purchases.
Processor categories we may engage in future (each named here before it is enabled): cloud AI inference providers; crash reporting and product analytics; advertising networks and consent management platforms; customer-support tooling.
Subscriptions and payments
Spring is free to install. If we introduce paid features or a subscription, purchases are processed exclusively through the App Store or Google Play; we never see or store card or bank details. We receive a store receipt with the product ID, purchase time, and subscription status, used to unlock paid features and handle refunds. Subscriptions auto-renew under the store's terms; cancel in your Apple ID or Google account. Statutory withdrawal and cancellation rights (EU, UK, Israel, California ARL, Australia ACL) are not affected.
Advertising
Spring does not show advertising today. If we introduce advertising, this section will be updated to identify the ad partners, describe targeting (contextual or behavioural), and document the data they receive.
Regardless of future changes: we will not knowingly advertise to users under 16; we will not permit targeting based on sensitive categories (mental-health, mood, religion, political views, sexual orientation) derivable from Spring; non-essential ad tracking will be opt-in in the EU/EEA/UK/Brazil; a "Do Not Sell or Share" control will be available to California and similar-state users.
International transfers
Account data is stored in the EU. Transfers outside the EU (for example, to a US-based cloud AI provider) are covered by an adequacy decision where one applies, or by the European Commission's Standard Contractual Clauses with a transfer impact assessment and supplementary measures.
Retention and deletion
Individual entries and questions are deletable ("Clear all" or swipe). Account deletion removes everything — journal entries, AI questions, settings, purchase receipts — within 30 days. Backups containing your data roll off on their own lifecycle (up to 35 days).
Your rights
GDPR, UK GDPR, CCPA/CPRA, Israeli Protection of Privacy Law, LGPD (Brazil), PIPEDA (Canada) and similar laws grant access, correction, export, deletion, restriction, objection and consent-withdrawal rights. Contact support@chaimagal.com; we respond within 30 days (extendable to 60 with notice).
Children
Not directed at children under 13. We do not serve advertising to minors.
Security and changes
TLS, short-lived tokens, RLS, encryption at rest. 72-hour breach notification to the supervisory authority where required.
Material changes — including enabling cloud AI, introducing subscriptions, or introducing advertising — update the date at the top and are notified in-app and by email at least 30 days before taking effect.