Privacy Policy

Effective Date: February 12, 2026

Last updated: February 12, 2026

Welcome to the "That Day" App ("the App", "we", "us"). We value and protect your personal information and privacy. This Privacy Policy explains how we collect, use, store, share, and protect your information, as well as the rights you may exercise. By using the App, you indicate that you have read and agreed to this policy.

This App is provided and managed by independent developer Zhao Yang, who is responsible for personal information processing.

This App is intended for recording and reflection and does not constitute medical advice, diagnosis, or treatment services.

1. Scope

This policy applies to the personal information processing activities that occur when you use the "That Day" iOS client. If you access third-party websites or services (e.g., Apple, cloud service provider pages), their processing behavior is subject to their own privacy policies.

2. Information We Process

We only process information to the extent necessary to provide the features:

1) Information you actively provide

  • Diary content, moments, tags, notebook information
  • Photos, videos, audio, and related metadata (e.g., creation time, duration) you add
  • Location names/addresses, mood records, and other content you fill in

2) Permission Information (with your authorization)

  • Location (for location recording and related experiences)
  • Photo Library/Camera (for importing, shooting, and saving media)
  • Microphone/Speech Recognition (for voice recording and transcription)
  • HealthKit (for reading/writing health-related data within your authorized scope, such as emotional states)
  • Biometrics (Face ID/Touch ID) for local unlocking

3) Subscription and Transaction Information

  • Subscription status, product identifiers, expiration dates, and restore purchase results obtained through Apple StoreKit
  • We do not process your full payment card information

4) Technical and Operational Information

  • Essential technical information, errors, and performance data required for the device and app to run (for security, stability, and troubleshooting)

5) AI Feature Request Data (when actively triggered by you)

  • When you use AI-related features, we send the input content required for the feature to the backend gateway and model service providers for processing and return the results
  • We follow the principle of data minimization and only send the content necessary to implement the feature

3. How We Use This Information

The purposes for which we process information include:

  • Providing recording, editing, searching, importing/exporting, backup, and synchronization functions
  • Providing app lock and identity authentication (PIN/Biometrics)
  • Providing AI summarization, insights, route naming, and other functions
  • Providing subscription purchase, restoration, and benefit management
  • Ensuring service security, stable operation, troubleshooting, and abuse prevention
  • Fulfilling legal obligations, handling disputes, and maintaining legal rights

4. Legal Basis for Processing

Under applicable law, we may process information based on:

  • Performance of a contract (providing requested services to you)
  • Your consent (e.g., location, health, microphone, AI content processing, etc.)
  • Legitimate interests (security protection, service optimization)
  • Legal obligations (compliance and regulatory requirements)

You can withdraw relevant permissions at any time in the system settings. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

5. Sensitive Information

Information such as location, health, and biometrics is considered sensitive personal information in some jurisdictions. We only process such information within the scope of your authorization or as permitted by law, and we take higher-level protection measures.

6. Information Sharing and Third Parties

We do not sell your personal information. We only share the minimum range of information in necessary scenarios:

  • Apple services (e.g., CloudKit, StoreKit, HealthKit) for synchronization, subscription, and health data capabilities
  • Cloud and AI service providers for processing AI requests you actively trigger
  • Infrastructure/security service providers for hosting, network distribution, and stability assurance
  • Cooperation with regulatory, judicial, or law enforcement requirements according to law
  • Necessary transfers during mergers, reorganizations, or other transactions in accordance with the law

We will use reasonable efforts to require relevant service providers to take appropriate security and confidentiality measures.

7. Cross-border Transfer

Since we may use global service providers, your information may be processed outside of your country/region. We will take necessary compliance measures (such as standard contractual clauses or other legal mechanisms) according to applicable laws.

8. Data Storage and Retention

We retain data according to the principle of data minimization:

  • Content you create is generally kept until you delete it
  • Subscription and quota records are retained for the period necessary for benefit verification and compliance auditing
  • Security and operation logs are retained for a reasonably necessary period
  • You can export, delete, or clear data through in-app functions

9. Your Rights

Depending on the applicable laws in your region, you may have the following rights:

  • Access, copy, correct, or delete personal information
  • Restrict or object to processing
  • Data portability (where applicable)
  • Withdraw consent
  • Lodge a complaint with a competent regulatory authority

10. Minors

The App does not provide services to children under 13 (or the legal minimum age in your region). If you believe there has been processing of minor information without guardian consent, please contact us, and we will handle it as soon as possible.

11. Security Measures

We take industry-standard security measures to protect information, including but not limited to transmission encryption, access control, minimum privilege, and secure storage (e.g., Keychain). However, no system can guarantee absolute security.

12. Policy Updates

We may update this policy due to feature changes or legal requirements. Significant changes will be notified via in-app prompts or other reasonable means. Continued use after the update indicates your acceptance of the updated policy.

13. Contact Us

To exercise your privacy rights, submit data access/correction/deletion requests, or inquire about privacy-related issues, please contact:

norasun@gmail.com

Regional Supplements

EU/EEA/UK

You may exercise rights of access, correction, deletion, restriction, objection, portability, etc., according to law, and may lodge a complaint with your local data protection regulator.

United States (including California)

We do not sell personal information. You may request information, deletion, and correction according to law; where applicable, you can request to limit the use of sensitive information.

Mainland China

We follow the principles of lawfulness, legitimacy, and necessity in processing personal information. For sensitive information (e.g., location, health, biometrics), we take separate authorization and protection measures. You can request to view, copy, correct, delete, and withdraw consent according to law.

Brazil

You can request confirmation of processing, access, correction, deletion, anonymization, and portability according to law.