Effective date: July 2, 2026
Sojo ("we," "us," "our") is a personal journaling app. This policy explains what information Sojo collects, how it's used, and the choices you have. It covers the app as it exists today and the near-term features described below (marked planned).
If you have questions about this policy, contact us at sodamoneyhelp@gmail.com.
Account information. When you sign up, we collect your email address and password (handled securely by our authentication provider, Supabase — we never see or store your raw password). You may optionally provide a display name.
Content you create. Journal entries, goals, and related activity (streaks, goal check-ins) that you write or generate inside the app. This content is stored so it's available across your devices and so the app can back it up.
Calendar data (optional, read-only) (planned). Once calendar integration launches, if you choose to connect your device calendar, Sojo reads event titles and times to show alongside your daily goals. Sojo never writes to, modifies, or deletes anything in your calendar, and calendar access is entirely optional.
Purchase and subscription information (planned). Once subscriptions launch, Sojo uses RevenueCat to manage purchases. When you subscribe, the RevenueCat SDK sends your purchase receipt off your device to RevenueCat, which validates it directly with Apple's App Store or Google Play's billing systems — this is standard for how in-app subscriptions work on both platforms. RevenueCat and Apple/Google retain the full transaction and purchase history as part of providing their services. Sojo's own systems do not store a purchase history — we only store your current subscription status (e.g., active/inactive, which tier) so the app knows which features to unlock. We never see or store your payment card details.
Push notification tokens (planned). Once push notifications launch, if you enable them, Sojo registers a device-specific push token with Expo's push notification service so we can deliver notifications to your device (e.g., a daily journaling reminder, a streak-at-risk nudge). This token identifies your device for notification delivery only — it's not linked to any advertising profile, and it isn't shared with anyone besides Expo, who use it solely to route the notification to your device.
Photos (optional, paid feature) (planned). Once photo attachments launch, if you choose to add a photo to a journal entry, Sojo uploads it to Supabase Storage (compressed first to reduce file size) and stores a reference to it in that entry. Photos are private to your account — or, for shared journals, visible to that journal's members, same as any other content you write there. You can delete a photo at any time, which removes it from both the entry and our storage. Photos are never used for anything beyond displaying them back to you in your journal.
Usage analytics. Sojo uses Firebase Analytics (Google) to understand which screens and features people actually use, so we know what to improve. This means basic usage events — which screens you visit and when, and how often — tied to an anonymous, per-install identifier that Firebase generates. We do not link analytics data to your account identity (we never send your email, display name, or user ID to Firebase), and we've explicitly disabled Android/iOS advertising ID collection in our Firebase configuration, so analytics data cannot be used to track you across other apps or for ad targeting.
Automatically collected information. Basic technical data needed to operate the app and diagnose problems (e.g., device type, app version, crash logs).
We do not collect: advertising identifiers, precise location, contacts, browsing history outside the app, or any data for ad targeting. Sojo does not show ads and does not sell your data.
We do not use your journal content, goals, or calendar data for advertising, profiling, or any purpose beyond operating the app for you.
Your account and content are stored with Supabase, our backend provider, which uses industry-standard encryption in transit and at rest. A copy of your data is also cached locally on your device (via local SQLite storage) so the app works offline and syncs when you're back online.
Sojo relies on a small number of service providers to operate:
| Service | Purpose | What they see |
|---|---|---|
| Supabase | Authentication, database, backend and file storage | Account info, journal/goal content, photos (planned) |
| Firebase Analytics (Google) | Anonymous usage analytics | Screen views, usage events, anonymous per-install ID — never your account identity |
| Expo (push notifications) (planned) | Delivering notifications | Device push token |
| RevenueCat (planned) | Subscription/purchase management | Purchase receipts and transaction history, anonymized user ID |
| Google Play / Apple billing (planned) | Payment processing | Payment details (never shared with us) |
Each of these providers is contractually and technically limited to using your data only to provide their service to Sojo — not for their own advertising or resale.
A future version of Sojo will let you optionally invite friends to write in a shared journal. If you use this feature, the people you invite will be able to see the shared journal's content, including entries you write in it. Content in your personal (non-shared) journals is never visible to anyone but you.
Sojo is not directed at children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us at sodamoneyhelp@gmail.com and we will delete it.
We use industry-standard measures (encryption in transit via HTTPS/TLS, encryption at rest, access-controlled backend infrastructure) to protect your information. No system is 100% secure, but we take reasonable steps to protect your data from unauthorized access.
We may update this policy as Sojo adds features (e.g., shared journals, subscriptions, photo uploads). We'll update the effective date above when changes are made. Material changes affecting how your data is used will be communicated in-app.
Questions, concerns, or data requests: sodamoneyhelp@gmail.com