Recently, Apple added privacy details about how your data is used on all apps in the App Store. Day One’s full privacy policy can be found here.

Before we explain what these new details mean, first, a quick word about privacy in general. As a dedicated journaling app, we built Day One from the ground up with privacy in mind. We know that for many people, the data you store in Day One includes some of your most treasured, most personal life experiences. We’ve made trade-offs many other apps are unwilling to make, such as encrypting all of your data end-to-end by default. That means even we don’t have access to your data in unencrypted form. We would never sell your data... and with end-to-end encryption, that’s not just lip service--we couldn’t even if we wanted to. We don’t run ads and we don’t share your data with those who do. All of our revenue comes from direct payments from our users (for Premium subscriptions, printed books, etc.). Our business is built around providing a safe place to store your memories, so our incentives are aligned with yours. If we don’t keep your data safe, we don’t deserve your business.

Now, a brief explanation about what the new App Privacy details in the App Store mean. In the App Privacy section, tap See Details to see a full list of what information is used with Day One. Apple's list of definitions for each section can be found here.

FAQs

What does it mean when it says the data is “linked to you?”

Apple requires us to identify what data is “linked to you” according to the following definition:

Indicate if the data collected from this app is linked to the user’s identity (via their account, device, or details). Data collected from an app is usually linked to the user’s identity via these means, unless specific privacy protections are put in place before collection to de-identify or anonymize it, such as:

  • Stripping data of any direct identifiers, such as e-mail address or name, before collection.
  • Manipulating data to break the linkage and prevent re-linkage to real-world identities.
  • Additionally, in order for data not to be linked to a particular user’s identity, you must avoid certain activities after collection:

For Premium and Plus users who sync their data, Day One ties your data to your account. That’s how we are able to identify which data belongs to you so that we can download it across your devices. Your account is tied to your identity as part of the account creation process, typically with an email address, or through Sign in With Apple. This process enables our customer support team to assist you with any help you may need.

It’s important to note that for the vast majority of our users, no data is linked to you. For Basic users, we don’t collect your journal data on our servers--it is all stored locally on your device. For all users who joined Premium since September 24, 2019 (version 4.2), end-to-end encryption has been turned on by default. What we collect in that case is not the raw data, but encrypted data that we are unable to decipher. It can only be deciphered on the user’s device (which contains the key). So the only users to whom this “linked data” pertains are Premium or Plus users who are syncing data from journals that are set to Standard Encryption (typically because they were created before we introduced end-to-end encryption as the default).

How do you use the data you collect?

  • Contact info -- we use email addresses as part of the process for creating a Day One account. Some users receive email communications from us (typically less than once per month).
  • Health and fitness -- we offer users the option to include a daily step count in their journal entries.
  • Location -- we offer users the option to automatically record the location of their journal entries.
  • User content -- we offer users the option to back up and sync their journal entries (including text, photos, videos, audio recordings, etc.) across multiple devices.
  • Purchases -- we offer users the option to purchase a Premium membership for access to a set of Premium features.
  • Identifiers -- we use account IDs and device IDs to keep track of user data and membership level.
  • Usage data -- we track product interaction data (like app launches, taps, etc.) to learn how we can improve the usability of our app.
  • Diagnostics -- we track data around crashes, load times, etc. to learn how we can improve the performance of our app.
