app logo CBT Thought Capture

Your Private Journaling Companion for Personal Growth

Privacy Policy

1. Introduction

Welcome to CBT Thought Capture ("the App"). We are committed to protecting your privacy and ensuring you have a positive experience on our app. This Privacy Policy explains our practices regarding data collection, use, and protection.

Important Notice: CBT Thought Capture is a thought journaling and reflection tool. It is NOT a substitute for professional mental health treatment, therapy, or medical advice. If you are in crisis or experiencing a mental health emergency, please contact emergency services or a mental health professional immediately.

2. What Data We Collect

2.1 Data Stored Locally

CBT Thought Capture collects and stores the following information exclusively on your device:

Data Type Purpose Storage Location
Thought Records Store your journaling entries including situations, thoughts, emotions, and evidence Local Device Storage (SQLite)
Emotion Ratings Track before/after emotional intensity on a 1-10 scale Local Device Storage (SQLite)
PIN Hash Secure authentication using encrypted PIN storage Secure Local Storage (flutter_secure_storage)
Biometric Data Reference Enable fingerprint/face recognition authentication Secure Local Storage (Device-managed)

2.2 Data We Do NOT Collect

  • Personal identifying information (name, email, phone number)
  • Location data
  • Contact lists or device contacts
  • Photos or media files (except what you intentionally enter as text)
  • Device identifiers or advertising IDs
  • Browsing history or usage tracking
  • Any data sent to external servers

3. How We Use Your Data

Your data is used exclusively for the following purposes:

  • Thought Journal Storage: To save and retrieve your thought records when you use the app
  • Security: To authenticate you via PIN and biometric methods
  • Analytics Display: To generate analytics and insights about your emotional patterns (displayed locally only)
  • Data Persistence: To maintain your entries across app sessions

4. Data Security

4.1 Encryption & Protection

We implement multiple layers of security to protect your sensitive mental health data:

  • Secure Local Storage: PIN and biometric authentication settings are stored using platform-specific secure storage (iOS Keychain, Android Keystore)
  • Database Encryption: All thought records are stored in a local SQLite database on your device
  • No Network Transmission: Your data never leaves your device and is never transmitted to our servers or third parties
  • Device-Level Security: Relies on your device's built-in security mechanisms (PIN, biometric, OS-level protections)

4.2 Data Deletion

You retain full control of your data:

  • Delete individual thought records directly within the app
  • Clear all data by uninstalling the app (automatic device cleanup)
  • Access app settings to manage stored data at any time

5. Third-Party Services

5.1 Services We Use

CBT Thought Capture uses the following third-party services:

  • Google Play Services: For app distribution and crash reporting (anonymous crash data only)
  • Flutter Framework: Open-source development framework (no data collection)

5.2 What We Don't Share

We do NOT:

  • Share your thought records with any third parties
  • Sell or monetize your personal data
  • Send your data to analytics services like Google Analytics or Firebase
  • Use your data for advertising or marketing
  • Store data on cloud servers or external databases
  • Share data with healthcare providers or insurance companies

6. Children's Privacy

CBT Thought Capture is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13 without verified parental consent, we will delete such information promptly.

7. Your Privacy Rights

7.1 Access & Control

You have the right to:

  • Access all your thought records stored in the app
  • Export or backup your data (feature may be added in future versions)
  • Delete any or all of your records
  • Understand what data is stored and how it's protected

7.2 GDPR Compliance (EU Users)

If you are located in the European Union, you have the following rights under GDPR:

  • Right to access your personal data
  • Right to rectification (correction) of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability

Since all data is stored locally on your device, you can exercise these rights directly by managing your app data through device settings or uninstalling the app.

8. Data Retention

Your data is retained on your device for as long as:

  • You have the app installed
  • You have not manually deleted the data
  • You have not cleared the app's data through device settings

When you uninstall the app, all associated data is automatically deleted from your device by your operating system.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting the updated policy in the app
  • Updating the "Last Updated" date at the top of this policy
  • Requesting your consent if required by law

Your continued use of the app after changes constitutes your acceptance of the updated Privacy Policy.

10. Disclaimer & Limitation of Liability

IMPORTANT DISCLAIMERS:
  • CBT Thought Capture is a journaling and self-reflection tool, NOT a medical device or treatment
  • It does not diagnose, treat, cure, or prevent any disease or mental health condition
  • It is not a substitute for professional mental health care, therapy, or medical consultation
  • You should not rely solely on this app for mental health support
  • If you are experiencing suicidal thoughts, self-harm urges, or a mental health crisis, please seek immediate professional help

11. Crisis Resources

If you are struggling with your mental health, please reach out to professional resources:

  • National Suicide Prevention Lifeline (US): 988 (call or text)
  • Crisis Text Line (US): Text HOME to 741741
  • International Association for Suicide Prevention: Find Crisis Hotlines
  • SAMHSA National Helpline (US): 1-800-662-4357 (free, confidential, 24/7)

Please reach out to a mental health professional, trusted friend, or family member if you need support.

12. Contact Us

Privacy Questions or Concerns?

If you have questions about this Privacy Policy, your data, or our privacy practices, please contact us through our contact form.

We will respond to your inquiry within 30 days.

13. Legal Basis & Compliance

  • GDPR: Compliant with EU General Data Protection Regulation
  • CCPA: Compliant with California Consumer Privacy Act
  • Google Play Policies: Compliant with Google Play Store developer policies
  • Apple App Store Policies: Compliant with Apple App Store privacy guidelines
  • HIPAA: Not a HIPAA-covered entity (does not store Protected Health Information as defined by HIPAA)

14. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of [Your Jurisdiction], and you irrevocably submit to the exclusive jurisdiction of the courts in that location.

Last Updated: December 24, 2025

© 2025 Sephanie.com. All rights reserved.

Privacy Policy | Terms of Service | Contact