Privacy Policy

Last updated: March 22, 2026

Introduction

Grith is a local-first journaling and reflection app. This policy describes what stays on your device, what may be sent over the network when you use optional online features, and what choices you have.

Information We Collect

Information you provide

• Local profile fields: Your optional display name and personal note are stored locally on your device. The current mobile app does not provide a traditional cloud account.
• Journal entries: Journal text, mood ratings, emotions, tags, and related metadata are stored locally on your device by default.
• Chat history: Chat sessions and message history are stored locally on your device.
• Personalization answers: Onboarding answers and About You preferences are stored locally on your device.

Automatically collected information

• Device identifier: The app generates a random device identifier for AI rate limiting, feedback continuity, and abuse prevention when you use online features. It does not include your real-world identity.
• Network metadata: When you use online AI or feedback features, our servers may receive your IP address, request timestamps, and standard request metadata.
• Technical metadata: AI requests may include your device locale, timezone, local time, and detected message language to improve response quality and language matching.
• Subscription and update metadata: Apple, RevenueCat, Expo, and related infrastructure may receive standard device, app-version, and network metadata needed to process purchases, renewals, restores, and app updates.

Information sent for optional AI features

If you choose to use Cloud AI, the app may send:

• your message and recent chat history needed for continuity
• optional recent journal context when used to improve reply quality
• selected onboarding fields and your optional personal note when needed to personalize Cloud AI replies
• journal entry text when you request AI analysis
• the last 7 days of journal and chat text when you enable AI Weekly Insights

How We Use Information

We use information to:

• provide journaling, mood tracking, and progress features
• provide optional AI chat, journal analysis, and weekly insights
• respond to support requests and feedback
• honor your privacy choices, including Cloud AI consent and opt-out settings
• prevent abuse, including AI rate limiting
• detect and address technical issues

If you use the feedback form, your message, device ID, platform, device model, OS version, app version, build number, and IP address may be forwarded to our Telegram support inbox for review.

Storage and Security

• Local-first storage: Journal entries, chat history, and most app data stay on your device. Grith does not currently provide its own cloud sync or cloud backup service. Depending on your device and OS settings, system-level backup and restore may still apply.
• Local profile summary: The About You portrait is generated locally from onboarding answers and your optional personal note.
• Device security: Local storage depends on your device protections, such as passcode and OS-level encryption.
• Encryption in transit: Online requests are sent over HTTPS.
• AI processing: To provide AI features, our backend forwards only the content needed for the requested feature to AI service providers. We aim to minimize what is sent and do not use your content for advertising.
• Stateless backend: Our backend may process personalization fields during AI requests, but it does not store them as ongoing user profile state.
• Safety systems: We may apply automated safety checks, including moderation, to protect users and prevent misuse.

Sharing and Disclosure

We do not sell personal information. We share limited data only when needed to operate the features you request.

• RevenueCat: Subscription purchase state and subscription management.
• Apple App Store / StoreKit: Processing purchases, renewals, and subscription management when you buy through Apple.
• Expo / EAS Updates: App update delivery and related device, app-version, and network metadata needed to provide those updates.
• Render: Hosting for the stateless backend.
• OpenRouter: Routing optional Cloud AI requests to model providers.
• OpenAI: Moderation and AI services where configured.
• Telegram: Delivery of support feedback submitted through the app.

When service providers process data for the functionality you request, we limit sharing to what is needed for that feature and select providers that commit to protecting data with safeguards reasonably comparable to those described in this policy.

We may also disclose information to comply with legal requirements or protect safety, rights, and property.

Your Rights and Choices

You can:

• edit profile information and journal content stored in the app
• delete journal entries and chat sessions in the app
• use Delete All My Data in Settings to erase local app data
• edit or remove personalization answers and your optional note
• turn Cloud AI off in Privacy & Data settings or revoke earlier Cloud AI consent
• stop using optional AI features at any time
• turn AI Weekly Insights on or off in Settings
• contact support with privacy questions

The app does not currently include a built-in portable export feature. If you need help accessing local data on your device, contact support.

GDPR Notes

Where GDPR applies:

• consent is the basis for optional Cloud AI processing, and you can withdraw it in Privacy & Data settings
• legitimate interests cover service reliability, abuse prevention, and security logging

Data Retention

• local app data stays on your device until you delete it
• server-side request logs and operational metadata are retained only as long as needed for security, debugging, and legal compliance

International Transfers

Optional Cloud AI may involve processing in the United States or other countries through providers such as OpenRouter and OpenAI.

Children's Privacy

Grith is rated 17+ on the App Store and is not intended for children under 17. We do not knowingly collect personal information from children under 17.

Supervisory Authority

If you are in the EEA, UK, or Switzerland, you may complain to your local supervisory authority if you believe your privacy rights have been violated.

Changes

We may update this policy from time to time. The latest version will be posted with a revised last-updated date.

Contact

For privacy questions, use the feedback form in the app or email dima.selenya@gmail.com.