Privacy Policy
Last Updated: February 21, 2026
Rich Code Studio LLC ("we," "us," "our") operates Stagewell AI, a personal wellness and growth application. This Privacy Policy explains what information we collect, how we use and protect it, and your choices regarding your data.
Our privacy commitment. Stagewell AI is designed with privacy at its core. Sensitive text content (journals, mood notes, dreams, coaching memories, financial notes) is end-to-end encrypted before leaving your device. Personal identifiers are stored in your device's secure Keychain. You can control exactly what data is shared with our AI coaching service, and you can switch to fully local AI processing at any time.
1. Information We Collect
1.1 Account Information
- Email address (via email sign-up, Google Sign-In, or Sign in with Apple)
- Display name
- Age range and gender (optional, provided during onboarding)
- Profile photo URL (from Google or Apple OAuth; stored on-device only)
1.2 Wellness & Health Data You Create
- Mood check-ins: mood type, intensity, triggers, optional notes
- Journal entries: text content, prompts used, tags
- Dream journal: narratives, interpretations, symbols
- Sleep, exercise, hydration, and energy logs
- Body weight entries
- Nutrition logs: food items, calories, macronutrients
- Meditation session records
- Wins and gratitude entries
- Habit tracking: names, completion history, streaks
- Goal tracking: titles, descriptions, progress
- Connection and relationship check-ins
1.3 Financial Wellness Data
- Budget entries (amounts, categories)
- Savings entries (amounts)
- Financial stress assessments
Financial notes are end-to-end encrypted. Dollar amounts are stored unencrypted for analytics display.
1.4 Apple HealthKit Data (With Your Permission)
If you grant access, we may read:
- Step count, heart rate, heart rate variability, resting heart rate, VO2 max
- Sleep analysis, respiratory rate
- Workout data, active and basal energy burned
- Dietary energy intake
We may also write the following to HealthKit:
- Mindfulness minutes (from meditation sessions)
- Dietary energy (from nutrition logging)
Raw HealthKit data stays on your device. Only summarized values (e.g., average steps, sleep hours) may be included in AI coaching prompts if you enable health data sharing in Settings.
1.5 Location Data (With Your Permission)
- Used for weather-based wellness forecasts via Apple WeatherKit
- Optionally attached to journal multimedia entries (GPS coordinates stored in Core Data)
1.6 Calendar Data (With Your Permission)
- Read access to calendar events for stress prediction and day planning
- Write access to add wellness habits to your calendar for reminders
Calendar data is processed on-device only and is not sent to any server.
1.7 Photos, Camera, and Microphone (With Your Permission)
- Photos and camera: for journal attachments, profile photos, and food photo analysis
- Microphone: for voice journal entries
- Speech recognition: for voice-to-text transcription of voice entries
Photos and voice recordings are stored locally on your device and in your iCloud (via CloudKit). They are not uploaded to our servers.
1.8 AI Coaching Conversations
- Messages you send to the AI coach
- AI-generated responses
- Coaching memories the AI develops about your preferences and patterns
1.9 Usage & Analytics Data
- Feature usage events (which tools you use, session duration)
- App lifecycle events (opens, closes, backgrounding)
- Onboarding flow completion and assessment scores
- Subscription and paywall interactions
- Maslow stage progression
- Device type, OS version, app version
Analytics are tied to an internal user ID. We do not use Apple's Identifier for Advertisers (IDFA) or any cross-app tracking identifier.
2. How We Use Your Information
- Core functionality: Personalized wellness tracking, journaling, mood analysis, habit tracking, and progress through Maslow's stages of personal growth
- AI coaching: To generate contextual, personalized coaching responses. Depending on your AI Data Sharing settings (see Section 3), this may include recent journal excerpts, mood patterns, health summaries, habit data, nutrition averages, and goal lists
- Cross-device sync: To sync your data across your Apple devices via iCloud (CloudKit) and our backend (Supabase)
- Analytics: To understand how features are used and improve the app. Analytics use anonymous internal identifiers, not advertising IDs
- Accountability partners: If you opt in, to share limited progress data (streaks, daily completion, mood summaries) with your chosen accountability partner
- Subscription management: To process and validate in-app purchases via Apple StoreKit
3. AI Coaching & Your Privacy Choices
3.1 How AI Coaching Works
When you use the AI coach, your messages are sent through our secure server-side proxy (Supabase Edge Function) to OpenAI's API for processing. The AI may also receive contextual information to personalize its responses.
3.2 What Context the AI Receives
By default, the AI coach may receive the following context alongside your message:
- Your first name (for personalized greetings)
- Health summaries (steps, sleep hours, heart rate averages)
- Recent journal excerpts (up to 500 characters each from your 3 most recent entries)
- Mood patterns, habit names and streaks, nutrition averages, and goal titles
- Your current Maslow stage
3.3 AI Data Sharing Controls
You can control exactly what the AI coach receives. In Settings > AI Coach > AI Data Sharing, you can independently toggle:
- Share your name — When off, the AI uses a generic greeting instead of your first name
- Share health data — When off, HealthKit summaries, physiological context, and wellness forecasts are excluded from AI prompts
- Share journal excerpts — When off, journal content is never included in AI prompts
All three are enabled by default. Changes take effect immediately on your next coaching message.
3.4 Privacy Mode (Local AI)
You can switch to fully local AI processing by configuring a local language model (e.g., LM Studio) in Settings > AI Coach. In this mode, no coaching data leaves your device or local network.
3.5 AI Training
Your coaching conversations are processed through OpenAI's API. Per OpenAI's API data usage policy, API inputs and outputs are not used to train OpenAI's models. We do not use your personal data or private journal entries to train any general-purpose AI models.
4. How We Protect Your Information
4.1 End-to-End Encryption
The following data is encrypted on your device using AES-256-GCM before being sent to our servers. We cannot read this content:
- Journal entry text
- Mood entry notes
- Dream entry content
- Coaching memory content
- Sleep, budget, savings, weight, energy, connection, and financial check notes
Your encryption key is stored in your Apple Keychain and can optionally sync via iCloud Keychain for cross-device access.
4.2 Secure Storage
- Personal identifiers (email, name, age range, gender) are stored in your device's Apple Keychain, not in plaintext storage
- AI service API keys (if you configure direct provider access) are stored in the Keychain
- Authentication tokens and encryption keys are stored in the Keychain with
kSecAttrAccessibleWhenUnlockedThisDeviceOnlyprotection - On-device data is encrypted at rest until the device is first unlocked after reboot
4.3 Network Security
- All network traffic uses TLS encryption
- SSL certificate pinning for AI provider connections
- HMAC-SHA256 request signing with anti-replay protection (5-minute window, nonce)
- Row-Level Security (RLS) on all database tables — users can only access their own data
4.4 Biometric Authentication
You can enable Face ID or Touch ID as an app lock in Security Settings to protect access to your wellness data.
4.5 What We Cannot Access
- Raw Apple HealthKit data (stays on your device per Apple's requirements)
- End-to-end encrypted content on our servers (journals, mood notes, dreams, coaching memories, financial notes)
- Your device passcode or biometric data
- Photos and voice recordings (stored locally and in your iCloud only)
5. Who We Share Data With
We do not sell your data. We do not share your data with advertisers or data brokers.
5.1 Third-Party Service Providers
| Service | Purpose | Data Shared |
|---|---|---|
| Supabase | Backend database, authentication, AI proxy | Account info, wellness data (sensitive text fields are E2E encrypted) |
| OpenAI | AI coaching (via server-side proxy) | Coaching messages and wellness context summaries (subject to your AI Data Sharing settings) |
| PostHog | Product analytics | Internal user ID, usage events, age range, gender (no IDFA, no session replay) |
| Sign-In authentication | OAuth tokens (email, name, photo URL) | |
| Apple | Sign in with Apple, iCloud sync, HealthKit, WeatherKit, StoreKit | Per Apple's platform terms |
| Open Food Facts | Nutrition database lookup | Barcode numbers and food search terms only (no user identifiers) |
5.2 Accountability Partners
If you opt in to the accountability partner feature, your chosen partner can see limited data: daily completion status, habit streaks, and mood entries. Partnership access requires mutual consent and can be revoked at any time.
5.3 Other Disclosures
We may disclose information:
- To comply with legal obligations or valid legal process
- To protect the safety of our users in situations involving imminent harm
- In connection with a merger, acquisition, or sale of assets (with prior notice)
- With your explicit consent
6. iCloud Sync
Stagewell AI uses Apple's CloudKit to sync your data across your Apple devices signed into the same iCloud account. This includes your wellness entries, journal content, mood data, habits, goals, and other app data stored in Core Data.
iCloud sync is managed by Apple and subject to Apple's Privacy Policy. You can disable iCloud sync for Stagewell AI in your device's Settings > [Your Name] > iCloud.
7. Data Retention & Deletion
- Active accounts: Data is retained as long as your account is active
- Account deletion: Available in-app via Settings. Deletes your data across 14+ database tables on our backend, plus your authentication account. iCloud data is managed by Apple per your iCloud settings
- Analytics data: Retained per PostHog's data retention policies
- AI conversation data: Not retained by OpenAI beyond API processing (per their API data usage policy)
- Local data: Remains on your device until you delete the app or clear data in Settings
8. Your Rights & Choices
- Access: View all your data within the app
- Deletion: Delete your account and all associated server-side data in-app (Settings > Account)
- AI data sharing: Control what wellness context is shared with the AI coach (Settings > AI Coach > AI Data Sharing)
- Privacy Mode: Switch to local AI processing to keep all coaching data on-device
- HealthKit: Revoke health data permissions at any time in iOS Settings > Health > Stagewell AI
- Location: Revoke location permissions at any time in iOS Settings > Privacy & Security > Location Services
- Calendar: Revoke calendar permissions at any time in iOS Settings > Privacy & Security > Calendars
- iCloud sync: Disable CloudKit sync in iOS Settings > [Your Name] > iCloud
- Analytics: Analytics are anonymous and do not use advertising identifiers
9. Children's Privacy
Stagewell AI is intended for users 13 years of age and older. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will promptly delete it.
10. International Data Transfers
Your data may be processed in the United States and other jurisdictions where our service providers operate. We ensure appropriate safeguards are in place for international transfers, including encryption in transit and contractual protections with our sub-processors.
11. Changes to This Policy
We will notify you of material changes to this Privacy Policy through the app or by email. The "Last Updated" date at the top of this page indicates when the policy was most recently revised. Continued use of the app after changes constitutes acceptance of the updated policy.
12. Contact Us
For privacy questions or data protection inquiries:
Email: privacy@stagewellai.com
For general support:
Email: support@stagewellai.com
This Privacy Policy is governed by applicable United States and Florida law, except where superseded by international data protection regulations (including GDPR and applicable state privacy laws).