Privacy Policy

Effective Date: April 9, 2026

myVault ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our iOS application.

1. Data Accessed

When you sign in with Google, we request the following:

  • Basic Profile Information: Your name and email address, used to identify your account.
  • Google Drive (Limited): Access to files created by this app only (via the "drive.file" scope). This is the most restrictive Drive permission available — the app cannot see or access any other files in your Google Drive.

2. How We Use Your Data

We use your data solely to provide the myVault service:

  • Authentication: Your name and email are used to sign you in and display your account.
  • Journal Storage: Your journal entries are stored as a single JSON file directly in your own Google Drive.
  • AI Insights (Optional): If you choose to enable AI features, your entries are sent to Claude (Anthropic) using an API key you provide and control. We do not store or relay this data through our servers.
  • No Other Processing: We do not analyze, profile, or process your data for any purpose other than the core app functionality.

3. Data Storage

Your Data: All journal entries are stored exclusively in your personal Google Drive account. We do not maintain any central database or server-side copies of your content.

On Device: Authentication tokens are stored securely on your device using the iOS Keychain. Your optional Claude API key is also stored in the Keychain and never leaves your device.

4. Data Sharing

We do not share, sell, rent, or trade your personal information with third parties.

Your data flows directly between your device and Google's servers (for storage) or Anthropic's servers (for optional AI features). We have no access to your stored content.

5. Data Retention

Your Content: Remains in your Google Drive until you delete it. We have no control over or access to this data.

On Device: Authentication and API keys persist in the iOS Keychain until you sign out or delete the app.

6. Your Rights

You maintain full control over your data:

  • Access: Your journal data is in your Google Drive — you can access it anytime.
  • Deletion: Delete your journal file from Google Drive at any time.
  • Revoke Access: Remove myVault's access via your Google Account permissions.

7. Security

We implement industry-standard security practices:

  • All communications are encrypted via HTTPS/TLS.
  • OAuth 2.0 is used for secure authentication — we never see your Google password.
  • Sensitive credentials are stored in the iOS Keychain, not in plain text.
  • The "drive.file" scope ensures minimal permissions.

8. Tracking and Advertising

The myVault app does not use:

  • Analytics or tracking pixels
  • Advertising cookies or networks
  • Any third-party data collection services

This website (myvault.studio) uses Vercel Analytics to measure page visits and improve the site. This is privacy-friendly, cookie-free analytics that does not track you across other websites or collect personal information. No data from the website is connected to your journal or app usage.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Effective Date".

10. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at the email address provided in the application.

Back to Home