Luna Journal
Privacy Policy
Last updated: May 20, 2026
Luna Journal ("the App", "we", "our") is a voice journaling application developed by Novaire Digital(" Developer"). This Privacy Policy explains what data we collect, how we use it, and your rights as a user.
1. Who we are
Luna Journal is an independent application. For privacy questions, contact hellonovairedigital@gmail.com.
2. Data we collect and why
2.1 Audio recordings
- What: When you use the recording feature, the App captures audio through your device microphone.
- Why: To transcribe your journal entries using the OpenAI Whisper API.
- Storage: Audio files are stored locally on your device only. They are not uploaded to our servers. The audio file is sent directly to OpenAI's Whisper API for transcription, then the local file remains on your device.
- Retention: Audio files remain on your device until you uninstall the App or delete entries.
2.2 Journal transcripts and AI analysis
- What: The text transcript of your recordings, plus AI-generated reflections (Therapist, Friend, Coach perspectives, title, emoji, mood summary, tags).
- Why: To power the journaling experience — storing your entries locally and generating personalised reflections.
- Storage: All journal data (transcripts, analysis results) is stored in a local database (Isar) on your device. Data is not stored on our servers.
- Third-party AI:Transcripts are sent to OpenAI's API (Whisper for transcription, GPT-4o for analysis). OpenAI's privacy policy applies to data processed through their APIs: openai.com/policies/privacy-policy.
2.3 Google Sign-In and account data
- What: Your Google account email, display name, and unique user ID.
- Why: To authenticate you securely via Firebase Authentication without storing passwords.
- Storage:Firebase Authentication (Google) processes this data. We store only a local reference to your user ID. Firebase's privacy policy applies: firebase.google.com/support/privacy.
2.4 Notion integration (optional)
- What: Your Notion API integration token and database ID, if you choose to connect Notion.
- Why: To sync your journal entries and AI reflections to a Notion database of your choice.
- Storage:The token is stored in your device's encrypted secure storage (Android Keystore via flutter_secure_storage). It is never sent to our servers. Notion's privacy policy applies: notion.so/Privacy-Policy.
2.5 Google Drive backup (optional)
- What: A JSON export of your journal entries and analyses.
- Why: To provide cloud backup and restore capabilities, if you enable Drive integration.
- Storage:Files are written to your personal Google Drive account under a "Luna Journal" folder. We access only files created by the App. Google's privacy policy applies: policies.google.com/privacy.
2.6 Usage data and analytics
We do not collect analytics, crash reporting, or usage telemetry beyond what Firebase Authentication inherently records (sign-in events).
2.7 Subscription data (RevenueCat)
- What: Purchase receipts and subscription status for premium features.
- Why: To verify your subscription entitlement.
- Storage:Processed by RevenueCat. We receive only an entitlement status (premium or free). RevenueCat's privacy policy applies: revenuecat.com/privacy.
3. How we share your data
We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes.
Data is shared with the following third-party services only as described above:
- OpenAI — audio files (for transcription) and transcripts (for AI analysis)
- Google / Firebase — authentication
- RevenueCat — subscription management
- Notion — if you enable the integration
- Google Drive — if you enable Drive backup
4. Sensitive permissions
The App requests the following Android permissions:
| Permission | Purpose |
|---|---|
RECORD_AUDIO | Capturing voice journal entries |
POST_NOTIFICATIONS | Sending daily reminder notifications (configurable, off by default) |
RECEIVE_BOOT_COMPLETED | Re-scheduling background jobs (morning AI analysis, widget refresh) after device restart |
INTERNET | API calls to OpenAI, Firebase, Notion, RevenueCat, Google Drive |
We do not request access to your contacts, location, calendar, or camera.
5. Data storage and security
- All journal data is stored locally on your device using Isar (an embedded database).
- API tokens (Notion) are stored in Android Keystore via flutter_secure_storage — the most secure local storage available on Android.
- All network communication uses HTTPS (TLS). Cleartext HTTP is disabled.
- We do not operate our own servers or cloud database for journal content.
6. Children's privacy
The App is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.
7. Your rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Request deletion of your data
- Withdraw consent at any time
Since journal data is stored locally on your device, you can delete it at any time by clearing the App's data or uninstalling the App. For data held by third-party services (OpenAI, Firebase, RevenueCat), refer to their respective privacy policies.
For any privacy requests, contact hellonovairedigital@gmail.com.
8. Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via an in-app notice or by updating the "Last updated" date above.
9. Contact
Developer: Novaire Digital
Email: hellonovairedigital@gmail.com