Privacy Policy
Last Updated: October 22, 2025
At RoastMyDay, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal information.
1. Information We Collect
Account Information:
- Email address
- Display name (optional)
- Profile photo (optional)
- Authentication credentials (hashed passwords)
- Account creation date
Voice Recordings:
- Audio files of your daily descriptions
- Duration and file size
- Recording timestamps
Roast Data:
- Transcribed text from your voice recordings
- AI-generated roast responses
- Productivity scores (1-10)
- Date and time of each roast
Usage Data:
- Streak statistics (current, best, total roasts)
- Average scores and performance metrics
- Feature usage (which screens you visit)
- App crashes and errors
- Device information (model, OS version)
Subscription Data:
- Subscription status (trial, premium, expired)
- Billing information (managed by App Store/Play Store)
- Trial usage (days remaining, roasts used)
2. How We Use Your Information
Provide Core Services:
- Process your voice recordings through AI
- Generate personalized roasts and feedback
- Track your daily streaks and statistics
- Store your roast history
- Manage your subscription
Improve the App:
- Analyze usage patterns
- Fix bugs and crashes
- Develop new features
- Optimize AI responses
Communicate with You:
- Send daily reminder notifications
- Alert you about streak status
- Notify about subscription changes
- Respond to support requests
3. Third-Party Services
We use the following third-party services to operate RoastMyDay:
OpenAI:
- Processes your voice recordings (speech-to-text)
- Generates AI roast responses (GPT-4o-mini)
- Creates text-to-speech audio (TTS)
- Content moderation
- Privacy Policy: https://openai.com/privacy
Firebase (Google):
- Authentication services
- Cloud database (Firestore)
- File storage (Cloud Storage)
- Analytics and crash reporting
- Push notifications
- Privacy Policy: https://firebase.google.com/support/privacy
RevenueCat:
- Subscription management
- In-app purchase processing
- Trial tracking
- Privacy Policy: https://www.revenuecat.com/privacy
4. Data Storage and Retention
Where Your Data is Stored:
- User accounts: Firebase Firestore (Google Cloud)
- Voice recordings: Firebase Cloud Storage (temporarily)
- Roast audio: Firebase Cloud Storage
- App analytics: Firebase Analytics
How Long We Keep Your Data:
- Account information: Until you delete your account
- Voice recordings: Automatically deleted after 30 days
- Roast text and scores: Until you delete your account or individual roasts
- Roast audio files: Until you delete your account
- Analytics data: Anonymized and kept for 24 months
- Crash logs: 90 days
5. Data Security
Technical Safeguards:
- All data transmitted via HTTPS encryption
- Passwords are hashed and never stored in plain text
- API keys are secured on backend servers
- Firebase Security Rules protect database access
- Regular security audits and updates
Access Controls:
- You can only access your own data
- Employees have limited access on need-to-know basis
- Two-factor authentication for admin accounts
Note: No method of transmission or storage is 100% secure. We cannot guarantee absolute security.
6. Your Privacy Rights
Access:
- View all data we have about you
- Export your data in JSON format
Correction:
- Update your profile information
- Correct inaccurate data
Deletion:
- Delete individual roasts
- Delete your entire account and all associated data
- Request data deletion via support
Portability:
- Export your roast history
- Download your data
To exercise these rights, go to Settings > Account or contact support@roastmyday.app
7. GDPR Compliance (EU Users)
If you are in the European Union, you have additional rights under GDPR:
- Legal basis for processing: Consent and contractual necessity
- Right to withdraw consent at any time
- Right to lodge a complaint with a supervisory authority
- Data Processing Agreement available upon request
- We do not make automated decisions that significantly affect you
International Data Transfers:
- Your data may be processed in the United States
- We use Standard Contractual Clauses for transfers
- Firebase and OpenAI comply with EU-US data transfer frameworks
8. Children's Privacy
RoastMyDay is not intended for children under 13 years old:
- We do not knowingly collect data from children under 13
- If we learn we have collected such data, we will delete it
- Parents can contact us to request deletion of child data
- Users must be 13+ to create an account
9. Changes to Privacy Policy
We may update this Privacy Policy from time to time:
- We will notify you of significant changes via email or in-app notification
- Changes take effect immediately upon posting
- Continued use of the App constitutes acceptance
- You can always view the latest version in the App
10. Contact Us
For privacy-related questions or requests:
- Email: privacy@roastmyday.app
- Support: support@roastmyday.app
- Website: www.roastmyday.app
Response time: We will respond to privacy requests within 30 days.
Your Privacy Matters
We are committed to protecting your privacy and handling your data responsibly. If you have any concerns, please contact us.