Privacy Policy

Last Updated: October 21, 2025

Our Privacy Commitment: Zero-Knowledge, End-to-End Encryption

At InkFiction, your privacy is our foundation. We use end-to-end encryption (E2EE) for all journal entries, meaning your text is encrypted on your device before any cloud synchronization. We implement a zero-knowledge architecture: not even InkFiction servers can decrypt your journal content. This privacy policy explains how our encryption works and what data we collect.

End-to-End Encryption Architecture

How E2EE Works in InkFiction

InkFiction implements true end-to-end encryption for journal entries using industry-standard cryptographic protocols:

  • Encryption Standard: AES-256-GCM (authenticated encryption with Galois/Counter Mode)
  • Key Derivation: PBKDF2-SHA256 with 100,000 iterations
  • Key Storage: Your master encryption key is derived from your password and stored exclusively in your device's iOS Keychain (device-only accessibility)
  • Initialization Vectors: Random 12-byte IV generated per encryption operation
  • Content Integrity: SHA-256 hashes and GCM authentication tags verify data hasn't been tampered with

What This Means for You

  • Zero-Knowledge: InkFiction servers cannot decrypt your journal entries, even if compelled by law enforcement
  • Encrypted at Rest: Journal entries are stored encrypted in our database
  • Encrypted in Transit: All data transmission uses HTTPS/TLS encryption
  • Multi-Device Support: Your password derives the same encryption key on all your devices
  • Recovery Codes: You receive 8 recovery codes (16 characters each) during setup to restore access if you forget your password

Important Security Note

⚠️ If you forget your encryption password and lose your recovery codes, we cannot restore access to your encrypted journal entries. This is by design - true zero-knowledge encryption means we have no backdoor to your data.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Email address, display name (optional), and password (hashed by Supabase Auth; we never store it in plaintext)
  • Journal Content (End-to-End Encrypted): Your journal text, moods, and tags are encrypted on your device using AES-256-GCM before storage or sync. We store encrypted ciphertext, initialization vectors, and authentication tags, but cannot decrypt the content. AI-generated visuals are stored separately (see AI Processing section below)
  • Preferences: Theme selections, font choices, notification settings

1.2 Information Automatically Collected

  • Device Information: iOS version, device model (for optimization and support purposes)
  • Usage Analytics: App usage patterns, feature interactions (may include anonymized metrics)
  • Website Analytics: For our marketing website, we use Vercel Analytics and Speed Insights to collect anonymized page views, performance metrics, and user interactions. This collection does not use cookies or track personal information.
  • Authentication Tokens: Secure session tokens for maintaining your login

1.3 Information We Do NOT Collect

  • Precise location data
  • Contacts or photos from your device (unless you explicitly share them)
  • Advertising identifiers for ad targeting
  • Biometric data (Face ID/Touch ID authentication is handled by iOS, not our servers)

2. How We Use Your Information

  • Provide Core Features: Store and sync your journal entries in our cloud database
  • AI Visual Generation: Process your journal text through AI models to generate personalized visual art
  • AI Writing Assistance: When you use AI writing features, your text is sent to Google's Gemini API (via our Supabase edge functions) to provide writing suggestions and enhancements
  • Improve the App: Analyze usage patterns and crash reports to improve features and fix bugs
  • Send Notifications: Deliver daily prompts, reminders, and app updates (only if you enable notifications)
  • Customer Support: Respond to your inquiries and troubleshoot technical issues

3. AI Processing and Third-Party Services

3.1 AI Visual Generation with Privacy-Conscious Architecture

InkFiction uses a separated architecture that minimizes personal data transmission while enabling AI visual features:

  • Your journal text is not sent to visual-generation AI: For visual generation, journal entries remain encrypted and stored locally or in our encrypted database (AI writing assistance, described in Section 3.2, is the one feature that sends text you select)
  • Only anonymized mood descriptors are sent: When you request visual generation, the app creates anonymized emotional descriptors (e.g., "peaceful, reflective" or "anxious, hopeful") on your device from your entry; only those descriptors leave the device
  • No personal identifiers in visual-generation requests: The AI service never receives your name, email, journal content, or any other identifying information
  • Visual generation from mood data only: AI generates artwork based solely on these anonymized descriptors, not your actual writing

This architecture ensures that even if the visual-generation provider were compromised, your journal content would not be exposed: the provider never received the text, only the mood descriptors, and the entries themselves remain end-to-end encrypted.

3.2 AI Writing Assistance

When you use AI writing features, your selected text is sent to Google's Gemini API through our Supabase edge functions. This allows us to provide intelligent writing suggestions without exposing API keys in the app.

  • Only text you actively request AI assistance for is sent to the API
  • Google's privacy policy applies to data processed by Gemini API
  • We recommend reviewing Google's data handling practices

3.3 Important Note About AI Services

Please be aware that when you use AI writing assistance, the text you select is transmitted to a third-party AI provider (Google) for processing and is not covered by end-to-end encryption while it is there. The connection is encrypted, but the provider must read the text to act on it. Avoid using AI writing features on passages you consider extremely sensitive.

4. Data Storage and Security

4.1 End-to-End Encrypted Cloud Storage

InkFiction stores journal entries in our Supabase cloud database with client-side encryption for maximum privacy:

  • Encrypted before upload: Journal entries are encrypted on your device using AES-256-GCM before any data leaves your device
  • Zero-knowledge storage: Our database stores encrypted ciphertext, IVs, and authentication tags - not plaintext content
  • Encryption keys never leave your device: Your master encryption key is derived from your password and stored exclusively in your device's iOS Keychain
  • Transport security: Encrypted connections (HTTPS/TLS) between your device and servers
  • Row-level security: Database policies ensure users can only access their own encrypted entries
  • Supabase compliance: Our infrastructure partner maintains SOC 2 Type II, GDPR, and HIPAA compliance

What this means: Even if InkFiction servers were breached, attackers would obtain only encrypted ciphertext, not the key to decrypt it. Because that key is derived from your password, the remaining protection is the password itself: choose one that cannot be guessed, since an attacker holding your ciphertext could try candidate passwords offline.

4.2 Data Security Measures

  • Authentication: Passwords are hashed and stored securely by Supabase Auth
  • Transport Security: All data transmitted between the app and servers uses HTTPS encryption
  • Access Control: Database policies ensure users can only access their own journal entries
  • Regular Updates: We keep our backend infrastructure and dependencies up-to-date with security patches

4.3 Data Retention

  • Active Accounts: Encrypted data is retained as long as your account is active
  • Deleted Entries: When you delete a journal entry, the encrypted ciphertext is removed from the database
  • Account Deletion: When you delete your account, all associated data (encrypted entries, encryption metadata, recovery codes) is removed from our systems
  • Backups: Database backups may retain deleted encrypted data for up to 30 days for disaster recovery purposes. However, without your encryption password, this data remains inaccessible to anyone, including InkFiction
  • Encryption Keys: Your device-stored encryption key is never backed up to our servers. Because it is stored with device-only accessibility, iOS does not sync it through iCloud Keychain or restore it to another device; a new device re-derives the same key from your password

5. Data Sharing and Third Parties

5.1 We Do NOT Sell Your Data

We will never sell your personal information or journal content to advertisers or data brokers.

5.2 Third-Party Services We Use

  • Supabase: Database, authentication, and edge functions hosting (see their privacy policy)
  • Google Gemini API: AI writing assistance and content generation (see Google's privacy policy)
  • Vercel Analytics: Privacy-friendly website analytics for our marketing pages (no cookies, GDPR-compliant, see Vercel's privacy policy)
  • Apple: App distribution via App Store and TestFlight

5.3 Legal Requirements

We may disclose your information if required by law (e.g., court order, subpoena) or to protect our rights, safety, or the safety of others. We will attempt to notify you unless legally prohibited from doing so.

6. Your Privacy Rights

You have the right to:

  • Access Your Data: View all your journal entries and account information within the app
  • Export Your Data: Request a copy of all your data in a portable format (contact support)
  • Delete Your Data: Delete individual journal entries or your entire account (Settings > Account > Delete Account)
  • Control AI Usage: Choose whether to use AI features that send data to third parties
  • Manage Notifications: Control all app notifications through iOS Settings

7. GDPR & CCPA Compliance

7.1 For EU Users (GDPR)

If you are in the European Economic Area, you have rights under GDPR including:

  • Right to access your personal data
  • Right to data portability (export your data)
  • Right to rectification (correct your information)
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to object to automated decision-making

To exercise these rights, contact us at privacy@inkfiction.app.

7.2 For California Users (CCPA)

California residents have the right to:

  • Know what personal information is collected and how it's used
  • Request deletion of personal information
  • Opt-out of data sales (we don't sell data)
  • Non-discrimination for exercising CCPA rights

8. Children's Privacy

InkFiction is not intended for users under 13 years old. We do not knowingly collect information from children under 13. If you believe a child has provided us with personal information, please contact us at privacy@inkfiction.app.

9. Changes to This Policy

We may update this privacy policy from time to time. Significant changes will be communicated via email or in-app notification. Continued use of the app after changes indicates your acceptance of the updated policy.

10. Contact Us

If you have questions, concerns, or requests regarding your privacy:

This privacy policy is effective as of October 21, 2025 and applies to all users of InkFiction. By using the app, you agree to this privacy policy.