Privacy Policy

Last Updated: [Date]

1. Introduction

Welcome to MyNaikan.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our personal reflection and wellness tracking service.

Our Core Principle: Your personal reflections are private. We are committed to protecting the confidentiality of your journal entries and maintaining transparency about any data we collect.

Not a Medical Service: MyNaikan.com is a self-help tool, not a healthcare provider. This means HIPAA privacy rules do not apply to our Service, though we maintain strict privacy standards.

2. Information We Collect

Account Information:

  • Email address (required for registration and account management)
  • Account creation date and subscription status (free or premium)
  • Any profile preferences you voluntarily set

Your Journal Content:

  • All text entries you write in your check-ins
  • Timestamp and metadata related to your entries
  • Tags, categories, or labels you assign to entries

Usage & Analytics Data:

  • Login dates and times
  • Feature usage (e.g., how often you check in, which analytics you view)
  • Device and browser information (type, IP address, operating system)
  • Page interaction data (clicks, navigation paths)

Payment Information (Premium Users):

  • Payment is processed through [Stripe/PayPal] (we do not store credit card numbers)
  • Billing address if required by payment processor
  • Transaction history and subscription renewal dates

Support Communications:

  • Emails or messages you send to our support team

3. How We Use Your Information

We use your information to:

  • Provide the Service: Create your account, authenticate logins, and deliver your private journal and analytics
  • Generate Personal Analytics: Analyze your entries to show you trends, patterns, and insights (visible only to you)
  • Communicate: Send essential emails (password resets, payment receipts, policy updates) and optional newsletters (you may opt out)
  • Process Payments: Manage billing for premium subscriptions
  • Improve the Service: Understand feature usage to enhance user experience (using aggregated, anonymized data)
  • Security: Monitor for suspicious activity and prevent unauthorized access
  • Legal Compliance: Respond to lawful requests from authorities when required by law

4. Information Sharing & Disclosure

We Do Not Sell Your Data. Period.

We Do Not Share Your Private Journal Entries with any third parties except in these specific circumstances:

  • With Your Consent: If you explicitly request that we share your data
  • Service Providers: We share minimal necessary data with trusted vendors who help us operate the Service:
    • Payment processors (Stripe/PayPal) for billing
    • Cloud hosting providers (AWS/Google Cloud) for data storage
    • Email delivery services (SendGrid/Mailgun) for transactional emails
    • Analytics providers (Plausible/Cloudflare) for aggregated site usage statistics
  • Legal Requirements: When required by subpoena, court order, or other legal process
  • Safety & Security: If we believe disclosure is necessary to prevent imminent harm or illegal activity
  • Business Transfers: In the event of a merger, acquisition, or sale of assets (we will notify you)

All third-party providers are contractually obligated to protect your data and use it only for the services they provide to us.

5. Data Security

We implement industry-standard security measures:

  • Encryption: All data is encrypted in transit (TLS/SSL) and at rest (AES-256)
  • Access Controls: Strict internal policies limit who can access user data (only essential personnel)
  • Authentication: Passwords are hashed using bcrypt; we support two-factor authentication
  • Regular Audits: Security assessments and penetration testing are conducted regularly
  • No Employee Access: Our employees cannot view the content of your private journal entries unless required for support (with your permission) or security investigations

Important Limitation: No internet-based service is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Your Rights & Choices

You have full control over your data:

  • Access & Export: Download all your entries and data through the "Export Data" feature in your account settings
  • Correction: Update your email address or account preferences anytime
  • Deletion: Permanently delete your account and all associated data through account settings. This action is irreversible
  • Opt-Out: Unsubscribe from non-essential emails via the link in any email footer
  • Data Portability: Export your entries in plain text or JSON format

Data Retention:

  • Active Accounts: We retain your data as long as your account is active
  • Deleted Accounts: All data is permanently deleted within 30 days of account deletion (except for legal/financial records we must retain)
  • Inactive Accounts: We may delete accounts inactive for 2+ years after providing notice

7. Cookies & Tracking Technologies

Essential Cookies: Required for login and security functions. These cannot be disabled.

Analytics Cookies (Optional): Help us understand how users interact with our features. You can disable these in your browser settings without affecting core functionality.

Third-Party Cookies: Our payment processor may use cookies for fraud prevention.

Your Choices: You can manage cookie preferences through your browser settings. Disabling cookies may limit some features.

8. Third-Party Services

We use the following third-party services that may collect information:

  • Payment Processing: [Stripe/PayPal] (subject to their privacy policies)
  • Hosting: [AWS/Google Cloud] (subject to their privacy policies)
  • Analytics: [Plausible Analytics/Cloudflare] (anonymized, no personal identifiers)

We are not responsible for the privacy practices of these third parties. Please review their policies.

9. International Data Transfers

We are based in [Your Country]. Your data is stored on servers located in [Your Region]. If you access the Service from outside this region, you consent to the transfer of your data to our servers.

For users in the European Economic Area (EEA), we comply with GDPR requirements for international data transfers.

10. Children's Privacy

Our Service is intended for users 18 years and older. We do not knowingly collect information from children under 18. If we discover a child under 18 has provided us with personal information, we will promptly delete their account and all associated data.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will:

  • Notify you via email for significant changes
  • Post the updated policy on our website with a new "Last Updated" date
  • Provide a summary of key changes

Your continued use of the Service after changes constitutes acceptance. If you disagree with changes, you may delete your account.

12. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

  • Request disclosure of categories of personal information we collect
  • Request deletion of your personal information
  • Opt out of the sale of personal information (note: we do not sell data)

To exercise these rights, email us at privacy@mynaikan.com. We will verify your identity before processing requests.

13. General Data Protection Regulation (GDPR) Compliance

If you are in the European Economic Area, our legal basis for processing your data includes:

  • Performance of Contract: To provide the journaling service you signed up for
  • Consent: For optional analytics cookies and marketing emails (which you can withdraw)
  • Legitimate Interests: For security, fraud prevention, and service improvement

You have the right to lodge a complaint with your local data protection authority.

14. Contact Us

For questions about this Privacy Policy or your data:

  • Privacy Email: privacy@mynaikan.com
  • General Support: support@mynaikan.com
  • Legal Contact: legal@mynaikan.com
  • Mailing Address: [Your Business Address]
  • Data Protection Officer: [Name/Email if applicable]

We aim to respond to privacy inquiries within 30 days.

15. Data Protection Officer

If you have concerns about how we handle your data, you can contact our Data Protection Officer at: dpo@mynaikan.com

Your trust is the foundation of MyNaikan.com. We are committed to transparency and protecting the privacy of your personal reflections.