Privacy Policy

Last updated: February 6, 2026

MyBons.ai ("we," "our," or "us") operates the MyBons.ai mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App.

1. Information We Collect

Personal Information: When you create an account, we collect your email address for authentication purposes.

Journal Content: The text, photos, and videos you add to journal entries are stored locally on your device. If you enable cloud sync, this content is stored securely on our servers (Supabase).

Usage Data: We track basic usage metrics such as the number of entries created and features used, solely for enforcing subscription limits and improving the App.

AI Processing: When you use AI features (reflections, mantras, insights), your journal text is sent to OpenAI's API for processing. OpenAI does not use this data for training purposes per their API data usage policy.

2. How We Use Your Information

We use the information we collect to:

3. Data Storage & Security

Your journal entries are stored locally on your device by default. If you sign in and enable sync, entries are encrypted in transit and stored securely on Supabase (hosted on AWS).

Private entries are protected with a passcode that is hashed using SHA-256 before storage. We cannot access or recover your passcode.

We implement commercially reasonable security measures to protect your data, including encryption in transit (TLS/SSL) and at rest.

4. Third-Party Services

We use the following third-party services:

Supabase: Authentication and cloud data storage. Subject to Supabase's privacy policy.

OpenAI: AI-powered reflections and insights. Journal text is sent to OpenAI's API. OpenAI's API data usage policy states that data submitted via the API is not used for model training.

RevenueCat: Subscription and in-app purchase management. Subject to RevenueCat's privacy policy.

PostHog: Privacy-respecting analytics to understand how features are used and improve the App. We collect anonymous usage events but never collect or store the content of your journal entries through analytics. PostHog is GDPR-compliant. Analytics are only enabled if you grant tracking permission via Apple's App Tracking Transparency prompt.

Apple: Subscription payment processing via the App Store. Subject to Apple's privacy policy.

5. Data Retention

Your journal entries are retained as long as you maintain your account. Deleted entries are moved to a "Recently Deleted" folder and permanently removed after 30 days.

You may delete your account and all associated data at any time from within the App (Settings → Delete Account & Data) or by contacting us at jtchitla@mybonsaijournal.com. Account deletion is permanent and cannot be undone.

6. Your Rights

You have the right to:

To exercise any of these rights, contact us at jtchitla@mybonsaijournal.com.

7. Children's Privacy

The App is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

8. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of changes by updating the "Last updated" date at the top of this policy. Your continued use of the App after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at:
jtchitla@mybonsaijournal.com