Your data, in plain English.

Information You Provide

• Account information: your email address and any display name you set
• Journal entries: the daily logs, wins, lessons, and reflections you submit through the app
• App preferences and settings you configure

Information We Collect Automatically

• Log data: IP address, browser type, pages visited, and timestamps (standard server logs)
• Device information: browser version, operating system, screen size
• Usage patterns: which features you use and how frequently
• Cookies: small files stored on your device to keep you logged in and remember preferences

Information We Do Not Collect

• We do not ask for your name, age, phone number, or address
• We do not collect payment information (we use trusted third-party processors when payments are introduced)
• We do not knowingly collect information from children under 13

We use the information we collect to:

• Provide the core service: generating AI-powered weekly, monthly, and yearly recaps from your journal entries
• Send transactional emails such as account confirmations, recap delivery notifications, and password resets
• Improve and maintain the app: diagnosing bugs, analyzing usage, and improving features
• Protect security: detecting fraudulent or abusive activity

We do not use your data to send marketing or promotional emails. We do not sell your data. Ever.

U In Review (Sarah Duncan Designs LLC) uses third-party artificial intelligence services to generate your recaps. This means your journal entries are transmitted to and processed by:

• Google (Gemini models) — Privacy policy: policies.google.com/privacy
• OpenAI (GPT models) — Privacy policy: openai.com/policies/privacy-policy

When your entries are sent to these services, they are processed according to those companies' own privacy policies and API terms. We encourage you to review those policies.

We are actively working to ensure that your data is not used to train third-party AI models. You can review and manage data settings with these providers directly.

Your journal entries are private. We do not share them with other users, advertisers, or any third parties beyond the AI processors described above and our hosting infrastructure.

• Your journal entries and account data are stored in our secure database until you delete your account
• When you delete your account, we will delete your personal data and journal entries within 30 days
• Aggregate, anonymized usage statistics (with no connection to your identity) may be retained for product improvement
• Log files may be retained for up to 90 days for security purposes

We use cookies for:

• Authentication: keeping you logged in across sessions
• Preferences: remembering app settings you've configured

We do not currently use advertising cookies or cross-site tracking cookies. If we introduce analytics tools in the future, we will update this policy and notify you.

All Users

• Access: You can view your journal entries and account information within the app at any time
• Correction: You can edit or delete individual entries
• Deletion: You can delete your account and all associated data from your settings page
• Data portability: Contact us at legal@uinreview.com to request an export of your data

California Residents (CCPA)

If you are a California resident, you have the right to know what personal information we collect, request deletion of your information, and opt out of the sale of your personal information (we do not sell personal information). To exercise these rights, contact us at legal@uinreview.com.

EU/UK Residents (GDPR)

If you are located in the European Union or United Kingdom, you have additional rights under the GDPR including the right to access, rectify, erase, and port your data, and to object to or restrict processing. Our legal basis for processing your journal entries is the performance of our service agreement with you (Article 6(1)(b) GDPR). To exercise your rights, contact us at legal@uinreview.com.

We use industry-standard security measures including encrypted data transmission (HTTPS/TLS), secure storage, and access controls to protect your information. However, no system is 100% secure. In the event of a data breach that affects your information, we will notify you as required by applicable law.

Our service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will promptly delete it. If you believe we have inadvertently collected such information, please contact us at legal@uinreview.com.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email (to the address on your account) and update the "Last Updated" date above. Your continued use of the service after notification constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or your data, please contact us:

Sarah Duncan Designs LLC, doing business as U In Review
Email: legal@uinreview.com
Website: uinreview.com