Privacy Policy
For One Story
ONE STORY JOURNAL
PRIVACY POLICY
Last Updated: 16 February 2026
One Story Journal (“One Story,” “we,” “our,” or “us”) is committed to protecting your privacy and safeguarding your personal information.
This Privacy Policy explains how we collect, use, process, store, and protect information when you access or use our physical journal, mobile application, AI-powered features including Nova (“AI Services”), website, and related services (collectively, the “Services”).
By using the Services, you acknowledge that you have read and understood this Privacy Policy.
1. IMPORTANT NOTICE REGARDING AI SERVICES
Nova and other AI features provided through the Services:
Are automated software systems
Do NOT provide medical advice
Do NOT provide psychological advice
Do NOT provide therapy or counseling
Do NOT provide psychiatric services
Do NOT provide legal, financial, or professional advice
Do NOT diagnose, treat, prevent, or cure any condition
The AI Services are for informational and personal development purposes only.
You should not rely on Nova as a substitute for licensed medical professionals, physicians, therapists, psychologists, psychiatrists, attorneys, financial advisors, or other qualified professionals.
If you are experiencing a medical emergency or mental health crisis, seek immediate assistance from a licensed professional or emergency services.
Use of the AI Services is at your own discretion and risk.
2. INFORMATION WE COLLECT
We collect information necessary to operate, improve, and secure the Services.
A. Information You Provide
Name
Email address
Account credentials
Purchase and payment information
Journal entries and written reflections
Goals, check-ins, and progress inputs
Communications with support
B. Automatically Collected Information
Device type and identifiers
IP address
Browser and operating system
App interaction data
Usage behavior
Performance diagnostics
Log data
C. AI-Processed Content
Journal entries and reflections may be processed by automated systems to generate personalized prompts, insights, and coaching outputs.
3. HOW WE USE YOUR INFORMATION
We use your information to:
Provide and personalize the Services
Generate AI-driven prompts and insights
Track goal progress and performance metrics
Improve AI personalization accuracy
Maintain security and prevent fraud
Process transactions
Communicate service-related updates
Comply with legal obligations
We do not sell your personal information.
4. LEGAL BASIS FOR PROCESSING (INTERNATIONAL USERS)
For users located in jurisdictions requiring a legal basis for processing (including the European Economic Area and United Kingdom), we process data under the following lawful bases:
Performance of a contract
Legitimate business interests
Compliance with legal obligations
Consent (where required)
5. AI PROCESSING & MODEL IMPROVEMENT
Your journal content may be processed by AI systems to generate outputs.
We may use anonymized and aggregated data to:
Improve system performance
Enhance personalization
Analyze product effectiveness
Anonymized data cannot reasonably be used to identify you.
We do not make your private journal entries publicly available.
Where third-party AI infrastructure providers are used, they process data under contractual confidentiality and data protection obligations.
6. DATA SHARING
We may share information with trusted service providers solely for:
Payment processing
Cloud hosting
AI processing infrastructure
Analytics
Security monitoring
These providers are contractually bound to safeguard information.
We may disclose information:
To comply with legal obligations
To enforce our Terms
To protect rights, safety, or property
7. DATA SECURITY
We implement commercially reasonable administrative, technical, and physical safeguards designed to protect your information.
These measures include:
Encrypted data transmission
Secure cloud hosting environments
Access controls
Monitoring and logging systems
However, no system can guarantee absolute security.
8. DATA RETENTION
We retain information only as long as reasonably necessary to:
Provide Services
Maintain accounts
Comply with legal obligations
Resolve disputes
Improve products in anonymized formats
Upon account deletion, identifiable personal data will be deleted or de-identified within commercially reasonable timeframes, subject to legal requirements.
9. YOUR PRIVACY RIGHTS
Depending on your jurisdiction, you may have the right to:
Access your personal information
Correct inaccurate data
Request deletion
Restrict processing
Object to processing
Request data portability
Withdraw consent (where applicable)
California residents may have additional rights under applicable privacy laws, including the right to request disclosure of information collected and shared.
To exercise rights, contact: support@onestory.me
We may verify identity before fulfilling requests.
10. CHILDREN’S PRIVACY
The Services are not intended for individuals under 18 years of age.
We do not knowingly collect personal information from minors.
If we become aware of such collection, we will take appropriate steps to delete the information.
11. INTERNATIONAL DATA TRANSFERS
Information may be processed in the United States or other jurisdictions where we or our service providers operate.
Where required, appropriate safeguards are implemented for cross-border data transfers.
12. DATA BREACH NOTIFICATION
In the event of a data security incident affecting personal information, we will take appropriate steps consistent with applicable law, including notification where required.
13. GOVERNING LAW & DISPUTES
Your use of the Services is also governed by our Terms of Service, which contain important provisions regarding dispute resolution, limitation of liability, and arbitration.
We strongly recommend reviewing the Terms of Service carefully.
14. CHANGES TO THIS POLICY
We may update this Privacy Policy periodically.
Material changes will be communicated as required by law.
Continued use of the Services after updates constitutes acceptance.
15. CONTACT
For privacy inquiries:
support@onestory.me