Privacy Policy

At Journal Party, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

Journal Party is a platform for pen and paper journalers to gather in automated chat-based sessions and write together. We provide the social layer for journaling while respecting your privacy and the personal nature of your writing practice.

By using Journal Party, you agree to the collection and use of information in accordance with this policy.

We collect several types of information to provide and improve our Service:

Account Information

• Email address (required for account creation)
• Display name (chosen by you)
• Profile picture (optional)
• Timezone preference

Usage Data

• Events attended and participation history
• Programs completed and progress tracking
• Streaks and achievement data
• Chat messages sent during events
• Device type, browser type, and operating system
• IP address and approximate location (country/region)

Payment Information

When you subscribe to a premium plan, payment information is collected and processed by our payment partners, including Stripe for new web purchases and the Apple App Store or Google Play for native subscriptions. Some legacy subscriptions may continue to be billed through PayPal. We do not store your full payment credentials on our servers. We only receive confirmation of payment status and subscription details needed to provide service access.

Cookies and Similar Technologies

We use cookies and similar tracking technologies to track activity on our Service and store certain information. These include:

• Essential cookies for authentication and session management
• Preference cookies to remember your settings
• Analytics cookies to understand how you use our Service

We use the information we collect for various purposes:

• To provide and maintain the Service
• To notify you about changes to our Service
• To allow you to participate in interactive features (events, chat)
• To provide customer support
• To gather analysis or valuable information to improve our Service
• To monitor the usage of our Service
• To detect, prevent, and address technical issues
• To send you promotional communications (with your consent)
• To process your subscriptions and payments

We share your information with the following third-party services that help us operate Journal Party:

Supabase

Our backend infrastructure and database are powered by Supabase. They store your account data, usage data, and content. Supabase is SOC2 compliant and employs industry-standard security measures.

Stripe

We use Stripe to process payments. When you make a purchase, Stripe receives your payment information directly. Please review Stripe's privacy policy for details on how they handle your data.

PayPal

Some legacy subscriptions may continue to be billed through PayPal. In those cases, PayPal receives your payment information directly. Please review PayPal's privacy policy for details on how they handle your data.

Sentry

We use Sentry for error tracking and monitoring. When errors occur, Sentry may receive technical information about the error, including browser details and anonymized usage context, to help us identify and fix issues.

Vercel

Our website is hosted on Vercel. They may collect basic analytics data (page views, visitor counts) to help us understand traffic patterns. Vercel does not have access to your personal account information.

Advertising and analytics partners

We work with advertising and measurement partners such as Meta, TikTok, and Google so we can run marketing campaigns, measure their performance, and show Journal Party ads to people who are likely to be interested. When you visit our web pages and your device has analytics enabled, we may share limited identifiers (for example advertising cookies, click identifiers, hashed email when provided, and pages viewed) with these partners through pixels or server-side APIs.

We do not receive money in exchange for personal information, but under some US state privacy laws (including California's CPRA) this kind of sharing for cross-context behavioral advertising can be classified as a “sale” or “sharing” of personal information. You can opt out at any time using our Your Privacy Choices control, which is available in the footer of every page and in Settings.

Aggregated and de-identified information that cannot reasonably be linked back to you may be shared with partners for marketing, research, or other business purposes.

We implement appropriate technical and organizational security measures to protect your personal information, including:

• Encryption of data in transit (HTTPS/TLS)
• Encryption of sensitive data at rest
• Regular security assessments and updates
• Access controls and authentication requirements
• Secure password hashing

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

Depending on your location, you may have certain rights regarding your personal information:

For All Users

• Access your personal data through your account settings
• Update or correct your information
• Delete your account and associated data
• Opt out of marketing communications
• Export your data

For EU/EEA Residents (GDPR)

Under the General Data Protection Regulation, you have additional rights including:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Rights related to automated decision-making

For California Residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act, gives you specific rights with respect to your personal information. These include:

• Right to know. You can ask us to tell you the categories and specific pieces of personal information we have collected about you, the sources it came from, the business purposes we use it for, and the categories of third parties we share it with.
• Right to delete. You can ask us to delete personal information we have collected from you, subject to certain exceptions.
• Right to correct. You can ask us to correct personal information you believe is inaccurate.
• Right to opt out of sale or sharing. You can ask us to stop “sharing” your personal information with advertising partners for cross-context behavioral advertising (as those terms are defined under CPRA). You can exercise this right using our Your Privacy Choices control, which is available in the footer of every page. We do not sell personal information in exchange for money.
• Right to limit use of sensitive personal information. You can ask us to limit our use of any sensitive personal information we collect to purposes that are necessary to provide the services you requested.
• Right to non-discrimination. We will not discriminate against you for exercising any of these rights. You will receive the same service and price regardless of the choices you make.
• Authorized agents. You can designate an authorized agent to make a privacy request on your behalf. We may ask for written authorization and proof of identity before responding.

Global Privacy Control. Journal Party honors the Global Privacy Control browser signal. If your browser or extension sends a GPC signal when you visit our web pages, we treat that as a verified opt-out of the sale and sharing of personal information for that browser, and we do not require any further action from you.

To exercise any of these rights (other than the opt-out of sale and sharing, which you can handle yourself through the Your Privacy Choices control), please email us at privacy@journalparty.com. We will respond within the time required by law. We may need to verify your identity before fulfilling certain requests.

We retain your personal information for as long as your account is active or as needed to provide you services. We will also retain and use your information as necessary to:

• Comply with our legal obligations
• Resolve disputes
• Enforce our agreements

If you delete your account, we will delete your personal information within 30 days, except for data we are required to retain for legal or legitimate business purposes.

Journal Party is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us.

If we become aware that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to remove that information from our servers.

Your information may be transferred to and maintained on servers located outside of your country of residence. If you are located outside the United States, please be aware that information we collect will be transferred to and processed in the United States.

By using our Service, you consent to the transfer of your information to the United States and other jurisdictions as necessary for the purposes described in this Privacy Policy.

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

For material changes, we will provide notice through the Service or by sending you an email. We encourage you to review this Privacy Policy periodically for any changes.

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: privacy@journalparty.com
• Website: journalparty.com

For GDPR-related inquiries, you may also contact your local data protection authority.