Privacy Policy
ShadowART — Mood Journal & Shadow Work Companion
1. Introduction
Welcome to ShadowART ("we," "our," or "us"). ShadowART is a mood journaling and psychological self-reflection application designed for iOS. We are deeply committed to protecting your privacy and ensuring that your most personal thoughts remain yours alone.
This Privacy Policy explains what information we collect, how we use it, and what choices you have regarding your data when you use the ShadowART mobile application (the "App").
By downloading, installing, or using ShadowART, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not use the App.
2. Our Privacy Philosophy
ShadowART is built on a privacy-first architecture. We believe that deeply personal reflections and psychological self-exploration require the highest level of data protection. To that end:
- All journaling content and psychological analysis are processed entirely on your device. No journal text, emotional analysis, shadow archetype detection, or keyword extraction is ever transmitted to external servers.
- Analytics are disabled by default. You must explicitly opt in to share anonymous usage data.
- We do not sell, rent, or share your personal data with third parties for advertising, marketing, or data brokerage purposes.
- You maintain full control over your data at all times, including the ability to export or permanently delete everything.
3. Information We Collect
3.1 Information You Provide Directly
When you use ShadowART, the following data is created and stored locally on your device:
a) Visual Mood Entries
- Your selected visual mood representation
- Associated sub-emotion labels (e.g., "Peace," "Frustrated")
- Dominant color data extracted from your selection
- Timestamp of each entry
b) Journal Entries & Reflections
- Free-text journal content and personal reflections you write
- Micro-notes recorded during post-session reflections (up to 80 characters)
- Impact scores you assign to reflection sessions
c) Shadow Insights (Pro Feature)
- Shadow archetype detection results (e.g., Inadequacy, Invisibility, Deprivation, Defense, Control)
- Confidence scores for archetype analysis
- Personalized affirmation text generated from your entries
- Psychological commentary and analysis descriptions
- Trigger phrases identified within your text
- Extracted keywords and their semantic relationships
- Sentiment scores derived from your writing
d) User Progress & Preferences
- Daily streak count and total entry count
- Dominant shadow archetype over time
- Onboarding completion status
- Subscription status (Free or Pro)
- Notification preferences and custom ritual times
- Biometric authentication preferences (enabled/disabled)
- Analytics opt-in preference
3.2 Information Collected Automatically (Opt-In Only)
Anonymous Usage Analytics
ShadowART uses Firebase Analytics to collect anonymous, aggregate usage data — but only if you explicitly opt in through the App's Settings screen. Analytics are disabled by default.
If you choose to opt in, the following anonymous events may be recorded:
- App open events
- Feature usage events (e.g., visual entry saved, journal submitted, analysis completed)
- Session duration (in seconds, without content)
- Subscription-related events (paywall viewed, subscription started)
- Settings interactions (data exported, data reset)
- Onboarding flow completion
What is never collected, even with analytics enabled:
- Journal text or reflection content
- Keywords, trigger phrases, or archetype results
- Any personally identifiable information (name, email, phone number)
- Device identifiers linked to personal identity
- Location data
- Browsing history or cross-app tracking data
3.3 Information We Do NOT Collect
ShadowART does not collect, access, or request:
- Your name, email address, phone number, or any account credentials
- Camera or photo library data
- Microphone input or voice recordings
- Location or GPS data
- Contacts, calendar, or address book data
- Health or fitness data (HealthKit)
- Financial information (payment processing is handled entirely by Apple)
- Advertising identifiers or cross-app tracking data
- Browsing history
4. How We Use Your Information
4.1 On-Device Processing
All core functionality is performed locally on your device:
- Natural Language Processing (NLP): Sentiment analysis, emotion detection, shadow archetype identification, keyword extraction, and semantic similarity scoring are all performed using Apple's on-device NaturalLanguage framework. No text content leaves your device.
- Language Detection: Automatic detection of your writing language (e.g., English, Turkish, Spanish) is performed on-device using Apple's NLLanguageRecognizer.
- Audio Playback: Ambient soundscapes and text-to-speech affirmations are synthesized and played locally. No audio is recorded or transmitted.
4.2 Analytics Data (If Opted In)
If you choose to enable analytics, anonymous usage data is used solely to:
- Understand which features are most valuable to users
- Identify and fix technical issues
- Improve the overall user experience
- Inform future feature development
Analytics data is processed by Firebase (Google LLC) under their data processing terms. No personal content or identifying information is included in analytics events.
4.3 Subscription Management
Subscription purchases and billing are handled entirely by Apple through the App Store and StoreKit. We do not process, store, or have access to your payment information, credit card details, or Apple ID credentials. The yearly subscription plan includes a 7-day free trial. Free trial eligibility and billing are managed entirely by Apple.
5. Data Storage & Security
5.1 Local Storage
All personal data (journal entries, mood selections, shadow insights, keywords, and progress metrics) is stored locally on your device using Apple's Core Data framework with the following protections:
- Device-Level Encryption: Local data is protected with
NSPersistentStoreFileProtectionKey set to .complete, meaning your data is encrypted whenever your device is locked.
- No External Database: There is no external server or cloud database storing your content by default.
5.2 iCloud Sync (Pro Feature, Optional)
Pro subscribers may enable iCloud synchronization to keep their data in sync across multiple Apple devices. When enabled:
- Data is transmitted and stored using Apple's CloudKit infrastructure
- All data in transit and at rest is encrypted by Apple
- Synchronization is governed by Apple's iCloud Terms of Service and Privacy Policy
- You can disable iCloud sync at any time through the App's settings
- Disabling sync does not delete data already synced; you must manage iCloud storage through your device's Settings
5.3 File Sharing & Data Export
ShadowART allows you to export your data via the iOS Files app. This feature is provided for your convenience and for compliance with data portability rights. Exported files are stored in your device's local file system or iCloud Drive under your control.
6. Biometric Authentication
ShadowART offers optional biometric authentication (Face ID or Touch ID) to protect access to the App. When enabled:
- Biometric data is processed entirely by Apple's LocalAuthentication framework
- We do not access, store, or transmit biometric data
- Biometric templates never leave Apple's Secure Enclave on your device
- You can enable or disable biometric lock at any time through Settings
7. Notifications
ShadowART may send local notifications as gentle reminders for your daily reflection practice. These notifications:
- Are generated and scheduled entirely on your device
- Are not push notifications from a remote server
- Do not contain personal data or journal content
- Can be fully customized or disabled in the App's Settings
- Follow the schedule you set through the ritual time picker
8. Third-Party Services
8.1 Firebase (Google LLC)
ShadowART integrates Firebase for optional, opt-in analytics only. Firebase may process:
- Anonymous event data (feature usage, session duration)
- Device type and operating system version (anonymized)
- App version information
Firebase does not receive any journal content, personal reflections, or psychological analysis data from ShadowART.
For more information, see Google's Privacy Policy and Firebase Data Processing Terms.
8.2 Apple (StoreKit & CloudKit)
- StoreKit: Handles all subscription purchases and billing. We do not access your payment details.
- CloudKit: Provides optional iCloud sync for Pro users. Governed by Apple's Privacy Policy.
For more information, see Apple's Privacy Policy.
8.3 No Other Third Parties
ShadowART does not integrate:
- Advertising networks or ad SDKs
- Third-party analytics platforms (other than Firebase, opt-in only)
- Social media SDKs or login providers
- Data brokers or data enrichment services
- Crash reporting services that transmit personal data
- Any other third-party service that accesses your content
9. Children's Privacy
ShadowART is not directed at children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe that a child has provided us with personal information, please contact us and we will take steps to delete such information.
10. Your Rights & Choices
10.1 Data Access & Portability
You can export all of your data at any time through the App's Settings. The export includes all journal entries, mood selections, shadow insights, and progress data in a portable format.
10.2 Data Deletion
You can permanently delete all of your data at any time through the App's Settings using the "Reset All Data" function. This action is irreversible and removes all locally stored content, progress metrics, and preferences.
10.3 Analytics Opt-Out
You can disable analytics at any time through the App's Settings. When disabled, no usage data is collected or transmitted. Analytics are disabled by default.
10.4 Notification Control
You can enable, disable, or customize notification timing through the App's Settings at any time.
10.5 Biometric Authentication
You can enable or disable biometric lock at any time through the App's Settings.
10.6 iCloud Sync (Pro)
You can enable or disable iCloud synchronization at any time. Disabling sync stops future data transmission but does not automatically delete previously synced data from iCloud.
11. International Data Transfers
By default, all data remains on your device and is not transferred internationally. If you enable:
- Firebase Analytics (opt-in): Anonymous usage data may be processed by Google in the United States or other countries where Google operates. This processing is governed by Google's Data Processing Terms.
- iCloud Sync (Pro, opt-in): Data may be stored in Apple's data centers, which may be located outside your country of residence. This is governed by Apple's Privacy Policy.
12. Data Retention
- Local Data: Retained on your device indefinitely until you manually delete individual entries or reset all data.
- Analytics Data: If opted in, anonymous analytics data is retained per Firebase's default retention policy (typically 2 months for detailed data, 14 months for aggregated data).
- iCloud Data: If enabled, retained per Apple's iCloud storage policies until you manually delete it.
- Subscription Records: Managed by Apple and subject to Apple's data retention policies.
13. Compliance
13.1 GDPR (European Union)
If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation:
- Right of Access: Export your data through Settings.
- Right to Rectification: Edit or update your journal entries directly in the App.
- Right to Erasure: Delete all data using the "Reset All Data" function.
- Right to Data Portability: Export your data in a portable format.
- Right to Restrict Processing: Disable analytics and iCloud sync.
- Right to Object: Opt out of analytics data collection at any time.
Since all data processing occurs on your device by default, no data controller registration is required for on-device processing.
13.2 CCPA (California, USA)
If you are a California resident, you have the right to:
- Know what personal information is collected (described in Section 3)
- Request deletion of your personal information (available via Settings)
- Opt out of the sale of personal information — we do not sell personal information
- Non-discrimination for exercising your privacy rights
13.3 Apple App Store Guidelines
ShadowART complies with Apple's App Store Review Guidelines, including:
- App Tracking Transparency: We do not track users across apps or websites
- Required reason APIs: Used only for their stated purposes
- Privacy Nutrition Labels: Accurately reflect our data practices
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:
- The "Last Updated" date at the top of this policy will be revised
- Significant changes may be communicated through an in-app notice
- Continued use of the App after changes constitutes acceptance of the updated policy
We encourage you to review this Privacy Policy periodically.
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Email: yumavdev@gmail.com
Developer: Buğra Günay
16. Summary
| Category |
Details |
| Data Storage |
Local device (default), iCloud (Pro opt-in) |
| Analytics |
Firebase, disabled by default, opt-in only |
| Journal Content Shared |
Never — all processing on-device |
| Third-Party Advertising |
None |
| Data Sold to Third Parties |
Never |
| Biometric Data Accessed |
Never (handled by Apple Secure Enclave) |
| Camera/Photos/Microphone |
Not accessed |
| Location Data |
Not accessed |
| User Control |
Full export & delete available |
| Encryption |
Device-level encryption (NSFileProtectionComplete) |