T30 Journal โ Privacy Policy
Effective date: May 28, 2026 ยท iPhone app & optional web
T30 Journal (“T30,” “we,” “us,” or “our”) is a journaling app that helps you track your day in 30-minute blocks. This policy applies to the T30 Journal app on iPhone (distributed on the App Store) and describes how we handle your information there. Optional web access uses the same backend and is summarized in §2.11 below.
Unless a section explicitly refers to the web client, descriptions of storage (for example Core Data, Keychain, and iOS permissions) apply to the iOS app.
- Your journal syncs securely via Firebase (Google Cloud), protected by authentication rules and security policies. Premium subscribers may additionally encrypt selected journal fields on-device before upload. We do not read your data in the ordinary course of business.
- We do not sell, rent, or share your personal data for advertising or marketing.
- We use Google Analytics only on the optional web app for coarse usage and funnel analytics. We do not use analytics for advertising, and we do not send journal content, partner content, locations, emotions, needs, names, emails, or Firebase UIDs as analytics event parameters.
- You can delete your account and all in-app data at any time from within the app.
1. Who We Are
| App | T30 Journal |
| Platforms | iOS (iPhone), App Store; optional web companion |
| Developer | Multum Non Multa LLC |
| Contact | t30journal@gmail.com |
| Website | t30journal.com |
| Privacy Policy | t30journal.com/privacy-policy |
| Terms of Use (App Store) | Apple Standard EULA (licensed app and in-app purchases) |
2. Information We Process
2.1 Journal Content (User-Created)
- Time-block entries and activity descriptions
- Notes
- Emotions (primary, secondary, tertiary selections and intensity)
- Needs (primary and secondary selections)
- Photos attached to entries (captured with camera or selected from photo library)
- Location data associated with entries (GPS coordinates and/or saved custom locations)
- Sleep tracking entries
On the native app, journal content is stored on your device using Core Data. On the web app, Firebase caches synced content locally in your browser (IndexedDB). When you are signed in, journal entries sync to Firebase Firestore and photos upload to Firebase Storage, both hosted on Google Cloud. Access is restricted by Firebase Authentication and Firestore security rules so that only you can read or write your own journal data.
2.2 Account Identity
If you use Sign in with Apple, the app processes:
- Apple user identifier (opaque token)
- Name (if you choose to share it during sign-in)
- Email address (if you choose to share it during sign-in; Apple may provide a private relay address)
- Firebase authentication identifier (UID), assigned when your Apple credential is linked to Firebase Auth
Apple credentials are stored locally in your device’s Keychain. Firebase Auth maintains a server-side authentication record that includes your Firebase UID and the linked Apple identity. These are used for account state, sync eligibility, and partner connection features. Apple provides name and email only on the first sign-in; subsequent sign-ins use the locally cached values.
If you use Google Sign-In, the app processes the Google account identifier and profile metadata that Google returns to the app, linked to the same Firebase UID. Credentials are stored per Google’s and Firebase’s sign-in flows.
2.3 Partner Sharing Content
When you opt in to partner features, the app processes:
- Invite code and connection state
- Sharing preferences (which fields your partner can see)
- Partner nudges
- Partner messages, questions, and replies
- Shared check-in data, including activity, notes, emotions, needs, and — when included — GPS coordinates and location names
- Live location (optional): if you turn on live location sharing, your device sends periodic GPS updates to Firebase so your connected partner can see your position on a map until you turn sharing off. Updates use battery-efficient significant-location-change monitoring by default, with higher-frequency updates only while you have the app open or your partner is actively viewing the live map. Live location documents are retained in the cloud for up to seven days and include coarse device battery state and automated spoofing checks (e.g., simulated location flags).
- Shared photos (stored in Firebase Storage; download URLs stored in Firestore)
- Shared daily summary reports (completion counts, top activities, emotion summary)
- Both partners’ Firebase UIDs and display names on partnership documents
- Encrypted contact profile fields (optional): display name, email, phone number, and photo URL may be stored in encrypted form on the partnership record using keys exchanged between connected members
Partner content is user-generated. When sharing is active, a copy of shared data is stored in Firebase Firestore under a partnership document accessible to both connected partners. Shared photos are uploaded to Firebase Storage. Each partner controls what they share. Content you intentionally share with a partner (check-ins, reports, photos, messages, live location) remains readable by that partner; client-side encryption applies to your private journal sync and to encrypted contact-profile fields, not to shared partner content both of you are meant to access.
2.4 App Settings and Preferences
- Display preferences (dark mode, emotion/need display toggles)
- Notification settings (frequency, time window)
- Daily start and end times
- Custom emotion and need color assignments
- Partner notification preferences
Settings are stored in UserDefaults on your device. For premium subscribers with multi-device sync enabled, settings also sync via Apple’s iCloud Key-Value Store and Firebase Firestore.
2.5 Subscription and Purchase Data
If you subscribe to T30 Premium in the iOS app, Apple processes the transaction through StoreKit. If you subscribe on the web, Stripe processes the checkout, 7-day trial eligibility, recurring billing, cancellations, and billing portal. We receive confirmation of your subscription status, product, platform, trial state, and expiration date, but we do not receive or store your full payment card details. Apple’s terms govern licensed app purchases; see Apple’s Privacy Policy and Apple’s Standard End User License Agreement (EULA) for licensed applications. Stripe’s services are governed by Stripe’s Privacy Policy.
2.6 Device Permissions
The app may request the following permissions, each of which you can grant or deny:
| Permission | Purpose |
|---|---|
| Camera | Attach photos to journal entries |
| Photo Library | Select existing photos for entries; save exported images |
| Location (When In Use) | Tag entries with your current location |
| Location (Always) | Optional live location sharing with your connected partner while sharing is enabled (background updates with an in-app indicator) |
| Face ID / Touch ID | Secure the app with biometric authentication (App Lock) |
| Notifications | Send journaling reminders and partner activity alerts |
Biometric data (face or fingerprint) is processed entirely on your device by Apple’s Secure Enclave. T30 Journal never receives, stores, or transmits biometric data. We only receive a pass/fail result.
2.7 Push Notifications
When partner notifications are enabled, the app registers for push notifications through Firebase Cloud Messaging (FCM). This involves:
- A device token issued by Apple Push Notification service (APNs) and mapped to an FCM registration token
- The FCM token is stored in Firebase Firestore under your user record so that our server-side functions can deliver partner activity alerts to your device
- Push notification payloads contain only routing identifiers (partnership ID and document ID) — not message text or journal content
- You can disable partner push notifications in the app’s settings at any time
2.8 Server-Side Processing
T30 Journal uses Firebase Cloud Functions (hosted on Google Cloud) to:
- Route push notifications to the appropriate partner when a shared check-in, report, or message is created
- Verify partnership membership for security checks
- Aggregate report data on request
Cloud Functions operate with administrative access to Firestore for these specific purposes. They do not perform bulk data mining or profiling.
2.9 Diagnostics
Apple may provide aggregated crash and performance diagnostics to help us maintain app reliability. This data is governed by your device’s Analytics & Improvements settings and Apple’s privacy practices.
2.10 Support Communications
If you contact us by email, we process your email address and message content to respond to and resolve your request.
2.11 Web Browser Client
When you use T30 Journal on the web, the same categories of journal and account data may be processed as in the native app. In addition:
- Local browser storage: Firebase uses IndexedDB in your browser to cache Firestore data for offline use and faster loading. Firebase Authentication may persist session state in the browser according to Firebase defaults.
- Sign-in flows: Sign in with Apple and Google on the web use each provider’s web authentication. Google sign-in may use a popup or a full-page redirect, as implemented by Firebase.
- Web analytics: The web app uses Google Analytics for Firebase / Google Analytics 4 to understand coarse usage and product funnels, such as page views, sign-in method, checkout start/error, and feature save/delete events. These analytics events do not include journal text, prompt text, partner content, locations, emotion or need selections, names, emails, Firebase UIDs, invite secrets, or share tokens.
- Web analytics control: You can turn web analytics off in the web app’s More / Privacy controls. The preference is stored in your browser’s local storage.
- Cookies and session measurement: Google Analytics may use first-party cookies or similar browser storage to distinguish web sessions and aggregate usage. We do not use Google Analytics for ads personalization, remarketing, or cross-context behavioral profiling.
- Clearing site data: If you clear site data or storage for our website in your browser settings, local cached data may be removed and you may need to sign in again.
We do not run third-party advertising trackers on the web journal experience. The native iPhone app does not include the Firebase Analytics SDK.
2.12 Client-Side Firestore Encryption (Premium)
If you subscribe to T30 Premium and use Firebase sync, the app may encrypt selected sensitive fields on your device before they are written to Firebase Firestore, using AES-256-GCM. Encrypted categories include:
- Journal blocks — activity, notes, location labels, emotions, needs, sleep data, and related synced metadata under
users/{uid}/journalBlocks/ - Significant events / deep journal entries — titles, reflections, journal text, custom answers, emotions, and related fields under
users/{uid}/significantEvents/ - Custom journal prompts — prompt text and category under
users/{uid}/journalPrompts/
How keys work:
- A per-account encryption key is generated on your device and stored in the Keychain (iOS) or browser-local storage (web, when enabled).
- During setup you may receive a recovery code. Store it somewhere safe — we do not store your plaintext recovery code on our servers. Firestore may store only wrapped (encrypted) key material and recovery metadata under
users/{uid}/crypto/(readable only by you; premium-gated). - Without your device keys or recovery code, encrypted cloud content cannot be decrypted, including by us.
- Google Firebase still stores the encrypted payloads and provides transport and at-rest protection; Firebase/Google cannot read the plaintext of client-encrypted fields without your keys.
Photos attached to journal entries are stored in Firebase Storage as image files. Photo bytes are protected by Storage rules and Google Cloud encryption but are not individually re-encrypted by this client-side field encryption layer.
3. How We Use Information
We use the information described above to:
- Provide journaling, emotion tracking, needs tracking, and time-block features
- Offer access to T30 Journal through our website (browser), consistent with native app functionality where supported
- Store and sync your data across your devices via Firebase
- Enable partner sharing workflows (invites, shared check-ins, reports, photos, and messages)
- Authenticate your account and manage subscription entitlements
- Deliver push notifications for partner activity
- Secure the app via biometric or passcode lock
- Deliver reminder notifications you have configured
- Generate reports, statistics, and analytics within the app
- Measure coarse web-app usage and funnels with Google Analytics, without journal or partner content
- Export your journal data as PDF or images
- Maintain reliability and resolve support requests
4. Where Your Data Lives
| Data | Storage Location |
|---|---|
| Journal entries, emotions, needs, sleep data | Native app: Core Data and Firebase Firestore (Google Cloud). Web app: IndexedDB (Firebase local cache) and Firebase Firestore (Google Cloud) |
| Photos attached to entries | Native app: on-device file storage and Firebase Storage (Google Cloud). Web app: browser cache and Firebase Storage (Google Cloud) |
| Account credentials (Apple) | Native app: Keychain. Web: managed by Firebase Auth and your browser session per Firebase defaults |
| Account identity (Firebase) | Firebase Auth (Google Cloud) |
| App settings | On-device UserDefaults, iCloud Key-Value Store, and Firebase Firestore |
| Partner shared data (check-ins, photos, reports, messages) | Firebase Firestore and Firebase Storage (Google Cloud) |
| Push notification token | Firebase Firestore (Google Cloud) |
| Encryption keys and recovery metadata (Premium) | On-device Keychain (iOS) or browser-local storage (web); wrapped key material in Firebase Firestore users/{uid}/crypto/ (owner-only) |
| Partnership encryption key metadata | Firebase Firestore partnerships/{id}/cryptoKeys/ (partnership members only) |
| Web usage analytics events | Google Analytics for Firebase / Google Analytics 4 (web only; no journal or partner content in event parameters) |
| Subscription status | On-device and Firebase entitlement records; managed by Apple StoreKit for iOS purchases and Stripe for web purchases |
Firebase services are hosted on Google Cloud Platform. Our Firebase project is configured in the United States region. Google encrypts data in transit (TLS) and at rest. For details, see Google Cloud’s security practices.
5. Sharing and Disclosure
- We do not sell or rent your personal data.
- We do not share your data for advertising or cross-context behavioral profiling.
- Google Firebase / Google Cloud Platform processes data necessary for sync, storage, authentication, push notifications, Cloud Functions, and web-only Google Analytics, subject to the Google Cloud Data Processing Addendum and Google’s Privacy Policy.
- Apple services (Sign in with Apple, StoreKit, APNs, iCloud Key-Value Store) process data necessary for app functionality, subject to Apple’s Privacy Policy.
- Stripe processes web Premium checkout, trial, billing portal, renewal, cancellation, and payment-method handling, subject to Stripe’s Privacy Policy.
- Partner sharing: When active, your connected partner can access shared check-in data, photos, reports, and messages stored in Firebase Firestore. You control what is shared and can disconnect at any time.
- Email providers process support emails you send to us.
- Legal obligations: We may disclose information if required by law or to protect rights, safety, or security.
6. Partner Content Safety
Partner messages, nudges, and shared check-ins are user-generated content. The app provides:
- In-app reporting for inappropriate partner content
- Block and unblock controls for partner connections
- Disconnect to stop all future sharing
- Support contact (t30journal@gmail.com) for moderation and safety follow-up
When you disconnect from a partner, no new data is shared. Previously shared copies stored in Firebase Firestore may persist until the other person deletes them or deletes their account. Data already downloaded to the other person’s device is subject to their own device management.
7. Your Choices and Controls
| Action | How |
|---|---|
| Grant or revoke Camera, Photos, Location, Face ID, or Notification permissions | iOS Settings > T30 Journal |
| Enable or disable partner push notifications | In-app Settings |
| Choose your role and sharing preferences | In-app Settings |
| Disconnect from a partner | In-app partner settings |
| Export your journal data | In-app (PDF / image export) |
| Delete your account and all in-app data | In-app Settings > Data & Privacy |
8. Data Retention
- Journal data is retained on-device and in Firebase Firestore until you delete individual entries or delete your account.
- Partner shared data (check-ins, photos, reports, messages) in Firebase Firestore under a partnership is removed when either partner deletes their account (the partnership document and its subcollections are deleted server-side as part of that user’s account deletion). It is also removed if you disconnect or delete content through in-app partner controls where applicable.
- Account credentials (Sign in with Apple) are retained in Keychain until you sign out or delete your account. Firebase Auth records are deleted when your account is deleted.
- Push notification tokens are retained in Firestore while your account is active and are removed when the Firebase Auth account is deleted.
- App settings are retained until you uninstall the app or reset them.
- Support emails are retained only as long as necessary for support, legal, and operational purposes.
- Encryption keys and recovery metadata are retained in Keychain or browser-local storage and in Firestore until you delete your account or rotate keys in-app where supported. If you lose your recovery code and all signed-in devices, encrypted cloud journal fields may become permanently unreadable.
9. Security
Your journal data is protected by:
- On-device encryption provided by iOS
- Firebase Authentication (only you can access your own data)
- Firestore security rules that enforce per-user and per-partnership access control
- Google Cloud encryption in transit (TLS) and at rest for all Firebase-hosted data
- Client-side AES-256-GCM encryption of selected Firestore fields for Premium sync (keys in Keychain or browser-local storage; plaintext recovery codes are not stored on our servers)
- Keychain encryption for account credentials and encryption keys
- Optional App Lock (Face ID, Touch ID, or device passcode)
Cloud Functions operate with administrative privileges scoped to specific operations (push routing, partnership verification, report aggregation). We follow the principle of least privilege in function design.
We recommend keeping your device passcode enabled and your iOS version up to date.
10. Children’s Privacy
T30 Journal is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us at t30journal@gmail.com and we will delete it.
11. International Users
T30 Journal stores data on your device, optionally in your iCloud Key-Value Store (for settings), and in Firebase (Google Cloud). Our Firebase project is hosted in the United States. If you are located outside the United States, your data will be transferred to and processed in the United States.
Google Cloud provides data transfer mechanisms including Standard Contractual Clauses (SCCs) for transfers from the European Economic Area, the United Kingdom, and Switzerland. See the Google Cloud Data Processing Addendum for details.
If you contact our support, your email may also be processed in the United States.
12. Your Privacy Rights
Depending on where you live, you may have rights including access, correction, deletion, data portability, and the right to object to or restrict processing.
- For data stored in the app: Use the in-app controls described in Section 7, including account and data deletion.
- For complete server-side data removal or other inquiries: Contact t30journal@gmail.com.
California Residents (CCPA/CPRA)
We do not “sell” or “share” (as defined by the CCPA/CPRA) your personal information. We do not use personal information for cross-context behavioral advertising. You have the right to know, delete, and correct your personal information. To exercise these rights, use the in-app controls or contact us.
European Economic Area and United Kingdom (GDPR/UK GDPR)
Legal bases for processing:
| Basis | Applies To |
|---|---|
| Performance of a contract | Providing app functionality (journaling, sync, partner sharing, subscriptions) |
| Legitimate interests | App reliability, abuse prevention, support, push notification delivery |
| Consent | Optional permissions (Location, Camera, Photos, Notifications, Face ID) |
Sub-processors: Google Cloud Platform (Firebase Auth, Firestore, Storage, Cloud Messaging, Cloud Functions) processes data on our behalf under the Google Cloud Data Processing Addendum, which includes Standard Contractual Clauses for international transfers.
You may withdraw consent for optional permissions at any time through iOS Settings. You have the right to lodge a complaint with your local data protection authority. We encourage you to contact us first at t30journal@gmail.com so we can address your concern.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Effective date” at the top. We encourage you to review this policy periodically.
14. Contact Us
If you have questions or concerns about this Privacy Policy or your data:
- Email: t30journal@gmail.com
- Website: t30journal.com
- Privacy Policy: t30journal.com/privacy-policy
- Terms of Use (App Store): Apple Standard EULA