Privacy Policy

Effective date: April 6, 2026

Dayward (“we”, “our”, “the app”) is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights.

1. Data We Collect

Account information: Email address and password (or OAuth provider identity) used to create your account.

Profile data: Name, sleep/work schedule, preferred planning times, energy preferences, and timezone. You provide this during onboarding.

Goals and plans: Goals you create (titles, descriptions, hours/week targets, priorities), scheduled session blocks, fixed commitments, and goal phases/roadmaps.

Reflections and journal entries: Post-session reflections (focus, energy, difficulty ratings, notes) and training log entries you write. These feed back into the AI coaching system to improve your plans.

Mentor conversations: Messages you exchange with the AI mentor feature.

Device calendar data: If you grant calendar access, we read events from your device calendar (via Apple EventKit) to detect scheduling conflicts. Calendar events are processed locally and are not stored on our servers.

Usage data: Session completion/skip patterns, performance-by-hour metrics, and weekly review data. This is used to personalize your scheduling.

2. How We Use Your Data

• Core functionality: Creating your account, generating weekly plans, scheduling sessions, and tracking goal progress.
• AI-powered features: Your goals, reflections, journal entries, and session history are sent to our AI service to generate personalized session plans, coaching insights, and weekly reviews. See Section 4 for details.
• Adaptive scheduling: Reflection ratings and completion patterns are analyzed to learn your peak performance hours and adjust future scheduling.
• Notifications: If enabled, we use your push token to send session reminders.

3. Data Storage

Your data is stored in a Supabase-hosted PostgreSQL database (cloud infrastructure provided by AWS). All data is associated with your authenticated user ID and protected by Row Level Security policies, meaning only you can access your own data.

Authentication tokens are stored securely in the iOS Keychain. Offline cached data is stored in the app’s sandboxed Application Support directory on your device.

4. AI Data Processing

We use Anthropic’s Claude APIto power AI features (session plans, mentor chat, weekly reviews, goal assessments). When you use these features, relevant context (goal details, recent reflections, schedule information) is sent to Anthropic’s servers for processing.

Per Anthropic’s data policy, prompts sent via the API are not used to train their models and are not retained beyond the request. We do not send your email, password, or payment information to Anthropic.

5. Third-Party Services

• Supabase (database, authentication) — supabase.com/privacy
• Anthropic (AI processing) — anthropic.com/privacy
• Apple (StoreKit for subscriptions, APNs for notifications, EventKit for calendar)
• Google (OAuth sign-in, if you choose this method)

We do not sell your data to any third party. We do not use advertising SDKs or analytics trackers.

6. Data Retention

Your data is retained for as long as your account is active. You can delete your account at any time from Settings, which permanently removes all your data from our servers (goals, blocks, reflections, journal entries, mentor conversations, and your profile).

7. Your Rights

• Access: All your data is visible within the app.
• Deletion:Delete your account from Settings > Delete Account. This is irreversible and removes all server-side data.
• Portability: Contact us to request an export of your data.
• Correction: You can edit your profile, goals, and entries directly in the app.

If you are in the EU/EEA, you have additional rights under GDPR including the right to restrict processing and to lodge a complaint with a supervisory authority.

8. Children’s Privacy

Dayward is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with data, please contact us and we will delete it.

9. Security

We protect your data with: HTTPS encryption in transit, Row Level Security on all database tables, JWT-based authentication, API key proxying through secure edge functions, and iOS Keychain for credential storage.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes through the app or via email. The effective date at the top of this page indicates when the policy was last revised.

11. Contact

For privacy questions or data requests, contact us at: support@dayward.ai