Privacy Policy

Cortex, Neurodivergent Health & Behavior Tracker

Last Updated: June 6, 2026 · Version 3.1

1. Data Controller

Data Controller: Mohamad Sakkal

Trading as: MS

Location: Vienna, Austria

Contact: contact@msakkal.com

The Controller has not appointed a Data Protection Officer as the processing does not meet the thresholds requiring such appointment under Article 37 GDPR.

2. Legal Framework

This policy is governed by:

Health Data Notice: This App processes Special Category Data (health data) under Article 9 GDPR. Such processing is only permitted with your explicit consent.

3. Age Requirement

This Service is intended for users aged 16 years or older, in accordance with Article 8 GDPR regarding the age of digital consent. By using this App, you confirm that you are at least 16 years of age.

4. Data We Collect

4.1 Data You Provide

Data Category | Examples | Classification
Journal Entries | Text or voice entries about daily experiences, symptoms, and observations | Health Data
Medication & Supplement Logs | Names, dosages, timing, accommodations | Health Data
Personal Knowledge | Medical history and preferences you teach the AI | Personal Data

4.2 Apple HealthKit Data

With your explicit permission, we access:

HealthKit Data | Purpose
Sleep Analysis | Correlate rest patterns with symptoms
Heart Rate (BPM) | Identify physiological stress markers
Heart Rate Variability (HRV) | Track autonomic nervous system regulation
Workouts | Auto-log exercise in Daily Intake (type, duration, calories)

Apple HealthKit Compliance:
HealthKit data will NOT be used for advertising, data mining, or sold to third parties. It is used solely to provide health insights within the App.

4.3 Technical Data

Data Type | Purpose | Retention
Error Logs | Debugging and stability | 30 days
App Preferences | Store your settings | Until app deletion

5. AI Processing

Important: AI analysis is the core functionality of this Service. To use the App, you must consent to the processing of your entries by AI systems.

How It Works

When the App processes your entries:

  1. Each entry is indexed for search. Producing the search embedding requires sending the entry text (with direct identifiers redacted, see below) to AWS Bedrock; the resulting numeric index is then stored on your device.
  2. When you ask a question, your entries are ranked against it on your device using the local search index, and only the most relevant entries are selected.
  3. The selected entry text (with direct identifiers redacted) is transmitted securely to the AI model.
  4. AI generates insights and recommendations.
  5. Data is processed transiently in memory and discarded immediately.

What We Send to AI

Sent | NOT Sent
Journal entry text (with direct identifiers redacted) | Audio recordings
Medication & supplement logs | Device identifiers
Extracted pattern summaries | Raw HealthKit data streams
Sleep hours (from HealthKit, as context) | Your AWS credentials (used only to sign requests, never in the payload)

Identifier Redaction: Before any text leaves your device, the App automatically attempts to remove direct identifiers: your name (as set in your profile), email addresses, phone numbers, and postal addresses. This redaction is applied on a best-effort basis: it cannot guarantee removal of every identifier, particularly names of other people that you mention for the first time or identifying details embedded in free text. You should treat the content you write as text that, in redacted form, is sent to the AI provider.

AI Service Providers

Provider | Service | Purpose | Location
Amazon Web Services | AWS Bedrock, Anthropic Claude Haiku 4.5 | Journal entry classification, pattern extraction, thread naming, and chat responses (user-selectable) | AWS region configured in-app (EU, Frankfurt, by default)
Amazon Web Services | AWS Bedrock, Anthropic Claude Sonnet 4.6 | Chat responses and report generation (user-selectable) | AWS region configured in-app (EU, Frankfurt, by default)
Amazon Web Services | AWS Bedrock, Amazon Titan Embed Text V2 | Generating the on-device search index from your entry text | AWS region configured in-app (EU, Frankfurt, by default)

On-Device Processing (no data leaves your device)

Technology | Purpose
WhisperKit (OpenAI Whisper small.en) | Voice-to-text transcription; runs entirely on-device. Audio is never transmitted and is deleted after transcription
On-device search index (sqlite-vec + full-text search) | Storing and ranking your entries to find the relevant ones for a query. The search and ranking run on your device, though the embeddings that power it are generated by AWS Titan (see above)

Data Security:
Data sent to AWS Bedrock is processed transiently in memory and discarded immediately after generating a response. It is not stored by AWS Bedrock and is not used to train AI models, as per AWS standard service terms. Voice transcription runs entirely on your device; no audio is ever transmitted. Search and ranking also run on your device; however, building the search index requires sending your entry text (with direct identifiers redacted) to AWS Titan to generate the embeddings.

6. Data Storage & Security

Local Storage

The majority of your data is stored locally on your device with:

Security Measures

7. Data Retention

Data Category | Retention Period
Journal Entries, Patterns, Medications | Until you delete them
HealthKit Data (cached) | Until you revoke permission
AI-Generated Insights | Until you delete them
Technical Logs | 30 days (automatic)

8. Your Rights Under GDPR

Right | How to Exercise
Access (Art. 15) | View all data in-app or request a copy
Rectification (Art. 16) | Edit entries directly in the App
Erasure (Art. 17) | Delete entries in-app or request full deletion
Data Portability (Art. 20) | Export to JSON/CSV in Settings
Withdraw Consent (Art. 7) | Stop using app and contact us for data deletion
Lodge Complaint (Art. 77) | Contact Austrian DPA (see below)

Austrian Data Protection Authority

Österreichische Datenschutzbehörde

Barichgasse 40-42

1030 Vienna, Austria

Email: dsb@dsb.gv.at

Website: www.dsb.gv.at

9. Summary

Who we are | Mohamad Sakkal (MS), Vienna, Austria
What we collect | Journal entries, patterns, mood, HealthKit (with permission)
Why | AI-powered behavioral pattern analysis
Legal basis | Your explicit consent (required for health data)
Where data goes | Stored locally; AI processing is transient (not stored)
Retention | Until you delete; logs for 30 days
Age requirement | 16 years or older

10. Contact

For questions or to exercise your rights:

Email: contact@msakkal.com

We respond within 30 days as required by GDPR.