Privacy Policy for DailyInk

Effective Date: 01/01/2026
Last Updated: 01/01/2026

DailyInk ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you use our daily journaling service. It applies to all visitors, users, and account holders of DailyInk, regardless of how you access the service.

DailyInk is a platform operated by LifeEcho LLC. While some users may be referred by nonprofit or community partners, all services and data are managed solely by LifeEcho LLC.

1. Introduction / Overview

This Privacy Policy explains what data we collect, how we use it, and what rights you have. All data is collected and managed by:

• LifeEcho LLC – the sole data controller for all users

Contact: support@lifeecho.org

LifeEcho LLC is not a covered entity under HIPAA and does not offer services regulated by the Health Insurance Portability and Accountability Act (HIPAA). While we prioritize data security, our services are not intended to transmit or store protected health information (PHI). Users are explicitly instructed not to submit PHI through our service.

2. What Data We Collect

• Personal Identification Information: Name, email address, phone number (if provided)
• Device Information: IP address, browser type, operating system, device type
• Usage Data: Pages visited, time on site, button clicks, user interactions, entry access logs (including timestamps and user identification)
• Cookies and Tracking: Analytics cookies, session cookies, essential cookies
• User-Generated Content: Journal entries, text content, feedback or reviews
• Location Data: General geolocation based on IP
• Payment Data: Processed via third-party services (e.g., Stripe). We do not store full payment details.

3. How and Why We Collect Data

• Forms: Signup and contact forms
• Cookies: For analytics, session management, and essential functionality
• Automated Tracking: Website analytics and usage monitoring
• User Content: Journal entries you create and save
• Authentication: Microsoft Azure AD authentication data

We collect this data to:

• Provide and improve our services
• Process transactions and manage accounts
• Send service-related communications
• Analyze usage patterns and improve user experience
• Ensure security and prevent fraud
• Comply with legal obligations

Legal Basis for Processing (GDPR): We process your personal data based on the following legal grounds:

• Contract Performance: To provide our services and fulfill our contractual obligations to you
• Legitimate Interest: To improve our services, ensure security, prevent fraud, and analyze usage patterns
• Consent: For analytics cookies and optional features where you have provided explicit consent
• Legal Obligation: To comply with applicable laws and regulations

4. How We Use Your Data

We use your data to:

• Deliver daily journal links and manage your account
• Store and secure your journal entries
• Process payments and manage subscriptions
• Send service updates, reminders, and support communications
• Improve our platform and develop new features
• Detect and prevent fraud or abuse
• Comply with legal requirements

5. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

• Service Providers: Third-party vendors who help us operate our service:
  • Microsoft Azure - Cloud hosting and infrastructure services (Privacy Policy)
  • Stripe - Payment processing services (Privacy Policy)
  • Google Analytics - Website analytics (only with your consent) (Privacy Policy)
  • Google reCAPTCHA Enterprise - Bot protection and spam prevention (Privacy Policy)
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you explicitly authorize sharing

6. Data Security

We implement industry-standard security measures to protect your data, including encryption, secure authentication, and regular security assessments. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide our services. When you delete your account or request data deletion, we will delete your personal information within 30 days, except where we are required to retain it for longer periods by law or for legitimate business purposes, such as:

• Resolving disputes or enforcing agreements
• Complying with legal obligations or court orders
• Preventing fraud or security issues
• Maintaining business records as required by law

If we discontinue the service, we will provide advance notice and an opportunity to download your data before permanent deletion. You may request deletion of your data at any time by contacting support@lifeecho.org.

8. Your Rights

Depending on your location, you may have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Object to processing of your data
• Request data portability
• Withdraw consent where applicable
• Opt out of marketing communications

To exercise these rights, contact us at support@lifeecho.org.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain your session and authentication state
• Remember your preferences
• Analyze website usage and performance (with your consent)
• Provide essential site functionality

Cookie Consent: When you first visit our website, you will see a cookie consent banner that allows you to accept or reject analytics cookies. Essential cookies required for the site to function are always enabled. Analytics cookies (such as Google Analytics) are only loaded after you provide explicit consent. Your consent preference is stored for 365 days, after which you will be asked again.

Types of Cookies We Use:

• Essential Cookies: Required for the site to function. These include session cookies for authentication and security. These cookies expire when you close your browser or after a period of inactivity.
• Analytics Cookies (Optional): Used to analyze website usage and improve user experience. We use Google Analytics, which sets cookies such as _ga (expires after 2 years) and _gid (expires after 24 hours). These cookies are only set if you consent to analytics tracking.
• Preference Cookies: Store your cookie consent preference for 365 days to remember your choice.

You can manage cookie preferences through your browser settings or by using our cookie consent banner. You can change your consent preference at any time. Some features may not work properly if essential cookies are disabled.

We also use Google reCAPTCHA Enterprise to protect our contact form from spam and abuse. reCAPTCHA is subject to Google's Privacy Policy and Terms of Service.

10. International Data Transfers

Your data may be processed and stored in the United States or other countries where our service providers operate. By using DailyInk, you consent to the transfer of your data to these locations.

GDPR Compliance: If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we ensure that your personal data is protected when transferred outside these regions. We rely on appropriate safeguards, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission with our service providers
• Adequacy decisions by the European Commission where applicable
• Other legally recognized transfer mechanisms

If you have questions about international data transfers or wish to exercise your rights under GDPR, please contact us at support@lifeecho.org.

11. Third-Party Links

Our service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

12. HIPAA Disclaimer

DailyInk is not a HIPAA-covered entity. We are not intended for medical, therapeutic, or emergency communication purposes. Users should not submit protected health information (PHI) via the platform.

13. Children's Privacy

DailyInk is not intended for children under 13. We do not knowingly collect data from minors. If we become aware, we will delete the information promptly.

14. User Controls

• Manage cookies through browser settings or consent banner
• Unsubscribe from marketing via opt-out links
• Request deletion of your account via support@lifeecho.org

15. Updates to the Policy

This Privacy Policy may be updated periodically. We will notify you via email or on-site alerts for significant changes.

Last Updated: 01/01/2026

16. Contact Information

Questions or concerns? Contact us:

Email: support@lifeecho.org
EU Data Protection Contact: support@lifeecho.org

17. Disclaimer on Medical Use

DailyInk is not intended for medical, therapeutic, or emergency communication purposes. If you are in distress or need urgent help, please contact appropriate emergency services.

For California Residents: Visit our "Do Not Sell or Share My Info" page to exercise your CCPA/CPRA rights. We do not sell personal information but may use certain data for personalized experiences unless opted out. You have the right to not be discriminated against for exercising your privacy rights.