Privacy Policy for Journya Mobile App (journya.com)
General
This Privacy Policy provides information about the type, scope, and purpose of the processing of personal data within our app, website, and associated services.
The terms used in this Privacy Policy, such as “processing” or “controller,” are defined in Art. 4 of the GDPR (General Data Protection Regulation) and the corresponding provisions of the Swiss Data Protection Act (DSG).
Controller
Company Name: Innopulse Consulting GmbH
App Name: Journya (journya.com)
Address: Gotthardstrasse 30, 6300 Zug, Switzerland
Email: info@journya.com
Phone: +41 79 508 28 06
Commercial Register Number: CH-170.4.021.748-3
UID/VAT: CHE-219.727.921
Types of Data Processed
We process the following types of data:
General Data:
Inventory data: (e.g., names, addresses)
Contact data: (e.g., email addresses, phone numbers)
Content data: (e.g., journal entries, uploaded photos, videos, voice notes)
Usage data: (e.g., visited pages, content preferences, access times)
Meta/communication data: (e.g., device information, IP addresses, operating system).
Data Collected via Contact Form:
First and last name (required)
Email address (required)
Phone number (optional)
Message content (required)
Important Note: Data collected via the contact form is used exclusively to respond to inquiries and is not used for marketing purposes without prior consent. Data is not sold or shared with third parties. Additionally, we use Google reCAPTCHA on our contact form to prevent spam and misuse.
Children’s Data:
The Journya app and website are not intended for children under the age of 13 (or 16, depending on regional legal requirements). We do not knowingly collect data from children. If we become aware that personal data of a child has been collected without parental consent, it will be deleted immediately.
Processing of Special Categories of Data
As a general rule, no special categories of data (e.g., health-related data, racial/ethnic information) are processed unless explicitly required by law or provided voluntarily by the user (e.g., in journal entries).
Purpose of Processing
We process personal data for the following purposes:
To provide the app and website, including all functions and content.
To respond to user inquiries and enable communication.
To maintain and improve app and website security.
To measure reach and conduct marketing activities.
To process bookings, payments, and manage subscriptions.
To collect app and website usage data via Google Analytics.
To integrate third-party services such as Google Maps, Stripe, Cloud Storage, and social media platforms.
To enable users to synchronize data with third-party calendars.
Legal Basis for Processing
The legal bases for processing data include:
Consent (Art. 6 (1)(a) GDPR): When users provide explicit consent for specific purposes, such as marketing emails.
Contractual Obligation (Art. 6 (1)(b) GDPR): Processing is necessary for the performance of a contract (e.g., enabling journaling services).
Legal Obligation (Art. 6 (1)(c) GDPR): When processing is required to comply with legal obligations.
Legitimate Interests (Art. 6 (1)(f) GDPR): For app improvement, analytics, and ensuring security.
Data Retention and Deletion
Personal data is retained only as long as necessary to fulfill the purposes described or as required by law.
Journal entries and content data: Stored until the user manually deletes the content or deletes their account.
Subscription and payment information: Retained as required for accounting and legal compliance (e.g., tax purposes).
Backups: Securely stored and deleted periodically in line with internal retention policies.
When the retention period expires, data is securely deleted or anonymized.
Security Measures
We take technical and organizational measures to protect personal data:
Data encryption: All sensitive data (e.g., passwords, backups) is secured using the AES encryption standard.
Secure servers: Data is hosted on secure servers via AWS Cloud Switzerland and One.com.
App security: App access can be protected using PIN codes, biometric authentication, or passwords.
Third-Party Processors and Transfers
We work with trusted service providers (data processors) to deliver services:
Hosting providers: AWS Cloud Switzerland, One.com.
Payment providers: Stripe Inc.
Analytics providers: Google Analytics.
Calendar integrations: Google Calendar, Apple Calendar, Microsoft Calendar.
Social media platforms: Facebook, Instagram, Twitter, LinkedIn, Medium.
We use Standard Contractual Clauses (SCCs) to ensure that data transferred to third countries (e.g., developers in Pakistan or Kosovo) complies with GDPR and DSG standards.
Automated Decision-Making and Profiling
Journya may use automated tools to analyze user data, such as mood trends or journaling habits. These tools are solely intended to enhance the user experience and have no legal or similarly significant impact on users.
User Rights
Users have the following rights under GDPR:
Right to access: Obtain confirmation of whether personal data is being processed.
Right to rectification: Correct inaccurate or incomplete data.
Right to erasure (“right to be forgotten”): Request the deletion of data under certain conditions.
Right to restrict processing: Limit the processing of personal data in specific situations.
Right to data portability: Receive personal data in a structured, machine-readable format.
Right to object: Object to data processing for direct marketing or other purposes.
Right to withdraw consent: Revoke consent for data processing at any time.
To exercise these rights, contact us at info@journya.com.
Cookies and Tracking Technologies
Journya uses cookies and similar tracking technologies to:
Provide personalized user experiences.
Analyze app and website traffic.
Optimize app performance.
For details, refer to our Cookie Policy.
Data Breach Notification
In the event of a data breach affecting personal data, we will notify affected users and relevant authorities within 72 hours, as required by GDPR.
Third-Party Services and Integrations
Google Maps
Integrated for location-based features.
Privacy Policy: Google Privacy Policy.
Stripe API
Used for secure payment processing.
Privacy Policy: Stripe Privacy Policy.
Cloud Synchronization
Services include Google Drive, Dropbox, and OneDrive.
Privacy Policies:
Google Privacy Policy
Dropbox Privacy Policy
Social Media Integrations
Journya may process data when users interact with our profiles on platforms such as:
Facebook: Facebook Privacy Policy
Instagram: Instagram Privacy Policy
LinkedIn: LinkedIn Privacy Policy
Twitter: Twitter Privacy Policy.
Changes to the Privacy Policy
We may update this Privacy Policy to reflect changes in services or legal requirements. Users are encouraged to review the latest version on our website or app.
Contact Us
If you have any questions about this Privacy Policy or data protection practices, contact us:
Email: info@journya.com
Phone: +41 79 508 28 06
Updated: December 2024