Privacy Policy

Last updated: July 3, 2026

Your Privacy Matters

Yeoun (여운, "the feeling that lingers") is designed with your privacy as a core principle. Your journal entries, mood data, and personal reflections are yours alone. This policy explains what data we collect, how we use it, and what controls you have.

Data Storage

All journal entries, mood scores, focus ratings, emotion tags, photos, stickers, and hwachyo (화초, plant) progress are stored locally on your device using SQLite. This data never leaves your phone unless you explicitly choose to use AI-powered features (described below).

Authentication

We use Supabase for authentication. When you create an account, we collect your email address solely for the purpose of account creation and login. If you sign in with Apple, we receive only the information Apple provides (which may include a relay email address if you choose "Hide My Email"). Your password is hashed and never stored in plaintext.

What We Collect

We collect the minimum data necessary to provide the service:

Analytics and Crash Reporting

We collect anonymous product-interaction events (e.g., which screens you visit and which features you use) through Amplitude to improve the app. These events are not linked to your identity. We also use Sentry to collect crash reports and performance data so we can fix bugs quickly. Crash and performance data may include device model and OS version but does not include journal content.

What We Don't Collect

We do not collect location data, contacts, browsing data, or advertising data. We do not use advertising SDKs. We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes.

Photos

If you attach photos to journal entries, those photos are stored locally on your device. Camera and photo library access is only requested when you initiate adding a photo. Photos are never uploaded to our servers.

AI-Powered Features

Yeoun Premium includes optional AI-powered features: wellness check-ins, event detection, and pattern insights. These features are powered by Anthropic (Claude) through secure cloud processing via our backend infrastructure (Supabase Edge Functions).

When you use these features, sanitized portions of your journal text (with personal information minimized), mood and focus scores, and emotion tags may be sent to our servers for processing. Your data is never used to train AI models. It is processed transiently and may be retained briefly by Anthropic for abuse and safety monitoring per their usage policy. Yeoun never stores journal content on our servers. No AI features are activated until you provide explicit consent through the in-app prompt.

You can revoke AI consent at any time from your Profile settings. Revoking consent immediately stops all AI data processing.

Data Retention

Your journal data is stored locally on your device and retained as long as you use the app. Your authentication credentials (email) are retained on Supabase servers until you delete your account. Subscription records are retained by Apple and RevenueCat per their respective policies. Yeoun never stores journal content on our servers; Anthropic may retain data briefly for safety monitoring per their policy.

Data Deletion

You can delete individual journal entries at any time within the app. To delete your account and all associated data, go to Profile → Delete Account. This permanently erases your journal entries, plant progress, preferences, and authentication credentials from both your device and our servers. Uninstalling the app also removes all locally stored data.

Third-Party Services

Yeoun uses the following third-party services:

California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

To exercise any of these rights, contact us at [email protected]. We will respond within 45 days.

Children's Privacy

Yeoun is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

Security

We implement industry-standard security measures to protect your data, including HTTPS encryption for all network communications, parameterized database queries, input sanitization, JWT authentication for all API requests, and prompt injection defense for AI features. However, no method of electronic transmission or storage is 100% secure.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date at the top of this page. Your continued use of Yeoun following the posting of changes constitutes acceptance of those changes.

Questions?
If you have questions about this privacy policy or your data, contact us at [email protected].