Privacy Policy

Effective date: July 13, 2026 (beta)

Provided by: the Loomy team (“we”, “us”, “our”)

Loomy is in an invite-only beta. This policy reflects the app's actual data practices during the beta and will be finalized (including formal legal review) before general availability. 本政策以英文版本为准。

The short version

Loomy is a private, local-first journal. Your entries, photos, voice notes, location history, and health readings are stored on your device — we do not keep a copy of your journal on a server.

This is a summary; the full policy below controls.

1. Scope

This policy explains how the Loomy mobile app handles information. It does not cover third-party services you connect to Loomy (such as a wearable service or your device platform), which are governed by their own privacy policies.

2. Information stored on your device

Loomy keeps your content locally in an on-device database and file storage. This includes, depending on how you use the app:

We do not transmit this on-device data to us. Some of it is sent to third-party processors only in the specific situations described in Sections 3–5.

3. AI features and what gets sent

When you use an AI feature, Loomy sends the content that feature needs to a third-party AI provider, which processes it and returns a result. Requests are relayed through our own service, which does not store your content.

When you…What is sent for processing
Compose / “lay out” a dayThe day's journal text, a compact digest of that day's metrics, and place/timeline context
Transcribe a voice noteThe audio recording for that clip
Generate an album coverA short text prompt derived from the day's summary
Generate a health reportA de-identified statistical digest (averages, correlations, symptom counts) — not your raw entries

The provider processes this data on our behalf, solely to return the result, under its own terms. We do not use your content to train any model. If you never use AI features, no journal content leaves your device through this path.

AI output can be wrong or incomplete and is not professional, medical, or mental-health advice (see the Terms of Service).

4. Location, weather, and maps

If you grant location permission, Loomy logs your location in the background to build your daily “footprint” and timeline. This processing happens on your device — your raw location trace is not uploaded to us or to a routing service. Narrow exceptions send limited location data to third parties so those features work:

You can decline or later revoke location permission in your device settings; those features degrade gracefully.

5. Third parties who may process your data

We have no advertising, analytics, attribution, or crash-reporting SDKs in the app, and we do not sell or rent your information to anyone.

5a. The waitlist (loomyjournal.com)

If you ask for an invitation on our website, we store the email address you give us, the optional note you write, and the language you were reading the site in. That is the only personal data we collect on a server, and we use it for exactly one purpose: to send you an invitation code. We do not add you to a newsletter, we do not use it for advertising, and we do not share or sell it.

Your journal is not connected to this in any way — signing up to the waitlist does not create an account, and no journal content ever reaches our servers.

Write to us at the address in Section 13 and we will delete your waitlist entry.

6. Permissions we request

7. Retention and deletion

Because your data lives on your device, you control retention:

8. Security

Your data stays on your device. Wearable tokens are stored in the OS secure keystore, and optional App Lock adds a biometric/passcode gate. No method of storage or transmission is 100% secure, and we cannot guarantee absolute security.

9. Children

Loomy is not directed to children under 13, and we do not knowingly collect data from them. If you believe a child has used Loomy, contact us and we will help.

10. International users

Some processors above may process data in the United States or other countries. By using AI or connected features you understand that the relevant data may be processed in those locations.

11. Your rights

Because Loomy is local-first, you already hold your data directly: you can access and export it, correct it by editing, and delete it — all from within the app, without contacting us. Depending on where you live, you may have additional rights under laws such as the GDPR or CCPA; contact us to exercise them.

12. Changes

We may update this policy. Material changes will be reflected by a new effective date and, where appropriate, an in-app notice.

13. Contact

Questions or requests: hello@loomyjournal.com.