Privacy Policy
Effective Date: April 2026
Overview
Moss Journal is designed with privacy as a core principle. Your data belongs to you and stays on your device by default.
Data Collection
What We Collect:
- Session logs (product, strain, dose, method, time, context, notes)
- Effect ratings (sleep, pain, anxiety, mood, focus)
- Tolerance break information (start date, target days, goal)
- Symptom logs during breaks
Where It's Stored:
- All data is stored locally on your device using browser localStorage
- No data is sent to our servers or any third party by default
- Your data is never transmitted over the network unless you explicitly export it
Data Export
You control all exports from Moss Journal:
- JSON Export: Download your raw data as an unencrypted JSON file
- Encrypted Backup: Export with AES-256 encryption using a passphrase you provide
- Doctor CSV: Generate a clinician-friendly summary for medical consultation
All exports are generated on your device. We never see the files you download.
Service Worker
Moss Journal uses a service worker to enable offline functionality. The service worker:
- Caches the app's resources (HTML, CSS, JavaScript) for offline use
- Does not transmit any of your journal data
- Can be disabled at any time through your browser or device settings
Third-Party Services
Moss Journal does not use:
- Analytics or tracking services
- Cloud storage or backup services
- Advertising networks
- Third-party APIs or services that process your data
iOS App Privacy
When installed as an iOS app via Capacitor:
- All data storage and processing happens on your device
- No network requests are made to external servers for your journal data
- The app does not request access to camera, microphone, photos, or contacts
- Offline functionality is fully supported
Security
Your data security depends on:
- Device Security: Keep your device locked and secure
- Encrypted Backups: Use a strong passphrase when creating encrypted exports
- Backup Storage: Store encrypted backups securely (not in public cloud)
Your Rights
You have complete control over your data:
- Export your data anytime in JSON or encrypted format
- Delete your data by clearing your browser's local storage or app data
- No account required, no subscription, no lock-in
Changes to This Policy
We will notify you of any material changes to this privacy policy through in-app notifications or by updating the effective date above.
Contact
If you have questions about this privacy policy, please contact us through the app's support channels.