Back to Maat Journal

Privacy Policy

Last updated: January 2025

Introduction

At Maat Journal, we believe your thoughts and personal reflections are deeply private and should remain under your complete control. This Privacy Policy explains how we collect, use, and protect your information when you use our AI-powered journaling application and website.

We have designed our entire system around privacy-first principles, ensuring that your journal entries remain encrypted and accessible only to you through your personal recovery phrase.

Information We Collect

Voice Recordings

When you record journal entries, audio is temporarily processed for transcription purposes only. Voice recordings are:

  • Processed on your device and sent to our European backend for transcription
  • Transcribed using OpenAI Whisper technology
  • Immediately deleted from our backend after transcription
  • Never stored permanently on our servers

Journal Entries

Your transcribed journal entries are:

  • Encrypted locally on your device using AES-256 encryption
  • Stored in encrypted format in our cloud database
  • Accessible only through your BIP39 recovery phrase
  • Never readable by Maat Journal staff or our service providers

Metadata

We collect limited metadata for app functionality:

  • Entry dates and timestamps
  • Automatically extracted keywords and topics (for AI analytics)
  • App settings and preferences
  • Device sync information

Information We Don't Collect

  • Personal identification information (name, email, address)
  • Payment information (handled by app stores)
  • Device location data
  • Website cookies
  • Analytics or tracking data
  • Marketing or advertising data

How We Process Your Information

Voice Transcription

Voice recordings are sent to our European backend servers for transcription using OpenAI Whisper. The transcription process:

  • Occurs on secure, European-based servers
  • Processes audio temporarily for transcription only
  • Immediately deletes voice recordings after transcription
  • Returns transcribed text to your device for local encryption

Local Processing

Your device performs:

  • Keyword extraction using local AI models
  • AES-256 encryption of journal entries
  • Secure storage and synchronization
  • Recovery phrase generation and validation

Future AI Analytics

We may use unencrypted metadata (keywords, dates) for:

  • Improving AI coaching suggestions
  • Identifying trends in user well-being (anonymized)
  • Enhancing app features and functionality
  • Research purposes (aggregated and anonymized only)

Data Storage and Security

Encryption

We use military-grade security measures:

  • AES-256 encryption: The same standard used to protect Bitcoin wallets
  • HKDF key derivation: Advanced key generation from your recovery phrase
  • BIP39 standard: Industry-standard 12-word recovery phrases
  • Zero-knowledge architecture: We cannot access your encrypted data

Storage Locations

Your data is stored:

  • Locally: Encrypted on your device
  • Cloud database: Supabase servers located in Europe
  • Backend processing: European-based servers for transcription only
  • No US servers: All data processing occurs within Europe

Access Control

Your journal entries can only be accessed by:

  • You, using your 12-word recovery phrase
  • No one else, including Maat Journal staff
  • No cloud service providers (Supabase cannot decrypt your data)
  • No government agencies or third parties

Device Permissions

Maat Journal requests the following device permissions:

  • Microphone: For voice recording and transcription
  • File access: For data backup and export functionality
  • Notifications: For optional daily journaling reminders

All permissions are used solely for app functionality and can be revoked at any time through your device settings.

Third-Party Services

We use minimal third-party services, all with strong privacy protections:

  • Supabase: European cloud database provider (cannot access encrypted entries)
  • OpenAI Whisper: For voice transcription only (audio not stored)
  • App Stores: Apple App Store and Google Play Store for distribution

We do not share your personal data with any third parties for advertising, marketing, or any other purposes.

Your Rights and Control

Complete Data Control

You have full control over your data:

  • Access: All your data is accessible through the app
  • Export: Export all journal entries and data at any time
  • Delete: Delete individual entries or your entire account in app settings
  • Portability: Use your recovery phrase on any device

Recovery Phrase

Your 12-word recovery phrase is your master key:

  • Only you have access to your recovery phrase
  • We cannot recover your data without your phrase
  • Store it securely like cash or important documents
  • Never share it with anyone, including Maat Journal staff

Account Deletion

You can permanently delete your account and all associated data through the app settings. This action:

  • Removes all encrypted entries from our servers
  • Deletes all metadata and account information
  • Cannot be undone, even by Maat Journal staff
  • Takes effect immediately

Data Retention

We retain your data according to the following schedule:

  • Voice recordings: Deleted immediately after transcription
  • Journal entries: Stored encrypted until you delete them
  • Metadata: Retained for app functionality and analytics
  • Account data: Deleted immediately upon account deletion

You can delete individual entries or your entire account at any time through the app settings.

International Data Transfers

All data processing occurs within Europe to ensure strong privacy protections:

  • Backend servers are located in Europe
  • Supabase database servers are located in Europe
  • No data is transferred to or processed in the United States
  • Full compliance with GDPR and European privacy standards

Children's Privacy

Maat Journal is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will take steps to remove such information.

Security Measures

We implement comprehensive security measures:

  • Encryption in transit: All data transfers use HTTPS/TLS
  • Encryption at rest: All stored data is encrypted
  • Secure servers: European-based servers with strong security
  • Regular security audits: Ongoing security assessments
  • Incident response: Procedures for handling security issues

Website Privacy

Our website (maatjournal.com) is designed with privacy in mind:

  • No cookies are used
  • No analytics or tracking scripts
  • No personal data collection
  • No newsletter or marketing communications

Legal Basis for Processing

Under GDPR, we process your data based on:

  • Consent: You consent to voice transcription and data processing
  • Contract: Processing necessary for app functionality
  • Legitimate interest: Improving app features through anonymized analytics

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make changes:

  • We will post the updated policy on this page
  • We will update the "Last updated" date
  • We will notify users of significant changes through the app
  • Continued use of the app constitutes acceptance of changes

Contact Us

If you have any questions about this Privacy Policy, our privacy practices, or your data rights, please contact us:

Email: support@blueship.media

Company: Blueship Media Limited

Address: Kinyra 28, Office 303, 8011 Paphos, Cyprus

We are committed to addressing your privacy concerns and will respond to your inquiries promptly.