Privacy Policy

Last updated: February 2026

Overview

Threshold Journeys (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our website and mobile application.

In short: Your journal entries are yours. We don't read them, sell them, or use them for advertising. Period.

Website (meganriley.eu)

Contact Form

When you submit our contact form, we collect your name, email address, area of interest, and your message. This information is used solely to respond to your inquiry. We do not add you to any marketing list unless you explicitly opt in via the checkbox on the form.

Newsletter

If you check the newsletter opt-in box on the contact form, we will store your email address to send occasional updates about new offerings, retreats, and astrology readings. You can unsubscribe at any time by contacting us directly.

Cookies

This website uses only essential cookies. We store your cookie preference in your browser's local storage so we do not ask you again. We do not use any analytics, advertising, or third-party tracking cookies. No data is sent to Google, Facebook, or any other advertising network.

Hosting

This website is hosted on Vercel. Vercel may process your IP address as part of standard web hosting. Vercel does not set tracking cookies on production deployments. All fonts and assets are served directly from our domain with no external requests.

App Data Collection

Information You Provide

Account Information

  • Email address (for authentication)
  • Password (encrypted, never stored in plain text)
  • Display name (optional)
  • Chapter name for your journey (optional)

Assessment Data

  • Your responses to the archetype assessment
  • Your archetype result and scores
  • Threshold intensity preference

Journal Content

  • Text entries you write
  • Voice recordings you create
  • Titles and tags you add
  • Timestamps of your entries

Information Collected Automatically

Usage Data (if you opt in)

  • App opens and session duration
  • Features used (assessment, journaling, etc.)
  • Crash reports and error logs

Device Information (minimal)

  • Device type (for app optimization)
  • Operating system version
  • Timezone (for notification scheduling)

How We Use Your Information

What We Use It For

  • Providing the Service: Authenticating your account, storing and syncing your journal entries, delivering personalized prompts based on your archetype
  • Improving the App: Understanding which features are most valuable, fixing bugs and improving performance (only with your consent)

What We Never Do

  • Read your journal entries
  • Sell your data to third parties
  • Use your content for advertising
  • Train AI models on your writing
  • Share your information with marketers
  • Create profiles to target you with ads

Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

Data TypeLegal BasisPurpose
Account credentialsContractRequired to provide the service
Journal entriesConsentYou choose to create and store content
Assessment responsesConsentTo provide personalized archetype experience
Analytics dataConsentOnly collected if you opt in
Security logsLegitimate InterestProtect against fraud and unauthorized access

You may withdraw your consent at any time through the app settings. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Data Storage & Security

Encryption

  • At Rest: All data stored on our servers is encrypted using AES-256
  • In Transit: All data transmitted uses TLS 1.3 encryption
  • Sensitive Content: Journal entries and assessment responses receive additional column-level encryption

Where Data Is Stored

Your data is stored on Supabase servers located in the United States. Supabase is SOC 2 Type II certified and provides enterprise-grade security.

Local Storage

Some data is stored locally on your device for offline access:

  • Cached prompts
  • Local draft entries
  • Session tokens (in secure storage)

Data Retention

Retention Periods

We retain different types of data for specific periods:

Data TypeRetention PeriodAfter Account Deletion
Account informationDuration of accountDeleted within 24 hours
Journal entriesDuration of accountDeleted within 24 hours
Assessment resultsDuration of accountDeleted within 24 hours
Voice recordingsDuration of accountDeleted immediately
Analytics (if opted in)26 monthsAnonymized immediately
Security logs90 daysRetained for 90 days
Backup copies30 days rollingPurged within 30 days

Inactive Accounts

Accounts inactive for more than 24 months may be flagged for deletion. We will send email notifications before any action is taken, giving you the opportunity to retain your account.

Account Deletion

When you delete your account:

  • We initiate deletion within 24 hours
  • Most data is removed immediately
  • Backups are purged within 30 days
  • Voice recordings are deleted immediately from storage

Data Export

You can export all your data at any time from Settings > Privacy > Export My Data. Exports are provided in JSON format and include your profile information, all journal entries, assessment results, and voice recording transcriptions.

Your Rights

You have the right to:

  • Access: Request a copy of all data we have about you
  • Correct: Update or fix any inaccurate information
  • Delete: Request deletion of your account and data
  • Export: Download your data in a portable format
  • Opt Out: Disable analytics at any time

How to Exercise Your Rights

  • In-App: Settings > Privacy > [action]
  • Email: privacy@thresholdjourneys.app

We respond to all requests within 30 days.

Third-Party Services

Services We Use

ServicePurposeData Shared
SupabaseDatabase & AuthAccount data, encrypted content
ExpoApp UpdatesDevice type, app version

What We Don't Use

  • No Google Analytics
  • No Facebook SDK
  • No advertising networks
  • No data brokers

Children's Privacy

Threshold Journeys is not intended for children under 13. We do not knowingly collect information from children under 13. If we discover we have collected such information, we will delete it immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do:

  • We'll update the “Last updated” date
  • We'll notify you in the app for significant changes
  • We'll never reduce your privacy protections without consent

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

  • Right to know what data we collect
  • Right to delete your data
  • Right to opt-out of sale (we don't sell data)
  • Right to non-discrimination for exercising your rights

European Privacy Rights (GDPR)

If you are in the European Economic Area:

  • Legal basis: Consent and legitimate interest
  • Data controller: Threshold Journeys
  • You may lodge complaints with your local supervisory authority

Contact Us

Questions about this Privacy Policy? Email us at privacy@thresholdjourneys.app

This policy is written in plain language because we believe privacy policies should be understandable. If anything is unclear, please contact us.