Your data. Full stop.

1. What we collect

We collect:

• Your email address, to create and manage your account.
• Anonymous analytics events (via PostHog, EU-hosted), to understand how the app is used in aggregate. Events are not linked to your name or email — they are associated with an anonymous device identifier that we do not connect to your identity.
• Voice audio, when you record a journal entry. Audio is sent to our server to generate your reflection and is not stored by Nagi after the response is returned. See Section 3 for detail.

Legal basis (GDPR):

• Email: necessary to perform the service you've signed up for (Art. 6(1)(b))
• Voice audio: necessary to deliver your reflection (Art. 6(1)(b))
• Analytics: based on your consent, which you can withdraw at any time in Settings > Privacy (Art. 6(1)(a))

Your email address is required to create an account — without it, you cannot use Nagi. Providing your voice when recording is required to receive a reflection — without it, that feature cannot function. Analytics collection is optional: you can use Nagi fully without enabling it.

2. What we don't collect

Your journal entries are stored on your device only — Nagi has no copy of them and no means of accessing them. Your conversations with guides and your reflections never leave your phone.

3. Voice & AI processing

When you record, audio is sent to our server only to generate your reflection. Nagi does not store your audio. Our AI processor (Anthropic) generates your reflection and does not retain your audio beyond the session, per our data processing agreement with them.

Your audio is processed by Anthropic, a US company. We have a data processing agreement with Anthropic that requires them to handle your data in accordance with applicable privacy laws and prohibits them from using it to train AI models. This agreement satisfies the cross-border disclosure requirements of the Australian Privacy Act 1988 (APP 8).

How your reflection is generated: When you record a journal entry, your voice is transcribed and processed automatically by an AI system to produce your reflection. No human at Nagi reads your journal entries. The AI identifies themes in what you share to formulate the guide's follow-up questions and your written reflection. You can delete any reflection from within the app at any time.

4. Analytics

We use PostHog (EU-hosted) to understand how the app is used in aggregate — for example, how many people use the Zen Monk guide, or where people drop out of onboarding.

Analytics events are not linked to your name or email. They are associated with an anonymous device identifier that we do not connect to your identity. We do not use this data for advertising or share it with third parties. You can opt out in Settings > Privacy at any time.

5. Data retention

• Email address: held for as long as your account is active, plus 30 days after deletion to resolve any pending issues.
• Analytics data: retained for 12 months, then automatically deleted.
• Voice audio: not retained — discarded after your reflection is generated.
• Journal entries: stored on your device only. Uninstalling the app deletes them.

6. Security

Your account is protected by industry-standard authentication (Supabase Auth). All data in transit between the app and our servers is encrypted using TLS. Journal entries are stored on your device only and are not transmitted to our servers.

7. Your rights

You have the right to:

• Access the personal information we hold about you
• Correct inaccurate information
• Delete your account and all associated data
• Restrict or object to how we process your data
• Receive your data in a portable format (data export available in app)
• Withdraw consent for analytics at any time (Settings > Privacy)
• Lodge a complaint with the Office of the Australian Information Commissioner (oaic.gov.au) or, for EU residents, your national data protection authority

To exercise any of these rights, email [email protected]. We'll respond within 30 days.

8. Contact & changes

Questions: [email protected] — we respond within 2 business days.

If we make material changes to this policy, we'll notify you by email before they take effect.