dreamyprivacypolicy.github.io

Privacy Policy

Effective Date: November 14, 2025 Last Updated: November 14, 2025 Document Version: 2.0

---

Introduction

Welcome to Dreamy (“we,” “our,” “us,” or “the App”). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, share, and protect your information when you use our mobile application and related services.

Your dreams are deeply personal, and we understand the sensitive nature of the content you share with our app. This policy outlines our commitment to keeping your dream journal private and secure, while being transparent about how we use third-party services to provide AI-powered features.

IMPORTANT: By using Dreamy, you acknowledge that certain features require sharing your data with third-party AI services. You maintain full control over which features you use and can opt-out at any time.

---

Table of Contents

1. Information We Collect
2. How We Use Your Information
3. Third-Party AI Services & Data Sharing
4. Data Storage and Security
5. Your Privacy Rights and Controls
6. Data Retention
7. Age Restrictions & Content Moderation
8. Children’s Privacy
9. International Data Transfers
10. Third-Party Services
11. Changes to This Policy
12. Contact Us
13. Legal Disclaimer & Limitations of Liability

---

Information We Collect

Personal Information

• Profile Data: App preferences, settings, language preferences, and subscription status
• Device Information: Device type, operating system version, app version, unique device identifier (for technical support and app functionality only)
• Payment Information: Processed securely through Apple App Store or Google Play Store (we do not collect, store, or have access to your payment card details)

Dream Content

• Dream Entries: All text content, titles, dates, emotions, tags, and metadata you add to your dreams
• Dream Elements: Characters, places, objects, animals, actions, emotions, and themes you record
• AI Memory Phrases: Personalized insights and patterns extracted from your dreams (stored locally)
• Usage Patterns: Frequency of app usage, feature usage statistics, dream count

Automatically Collected Data

• Technical Data: Crash reports, performance metrics, error logs (anonymized where possible)
• Analytics: Anonymous usage statistics to improve app functionality (can be disabled in settings)

User-Generated Content

The App allows you to create and store personal dream journal entries. This content is user-generated and may include sensitive personal information, thoughts, and experiences. You are solely responsible for the content you create and store in the App.

---

How We Use Your Information

Core Functionality

• Dream Storage: Securely store and organize your dream entries locally on your device
• AI Analysis (Premium Feature - Requires Explicit Consent): Process dream content through third-party AI services for interpretation, pattern recognition, and personalized insights
• Synchronization: Sync your data across multiple devices (optional, requires explicit activation)
• Personalization: Customize your app experience based on preferences and language settings
• Memory Building: Generate and store personalized AI memory phrases locally to improve interpretation quality over time

Service Improvement

• App Enhancement: Analyze aggregated, anonymized usage patterns to improve features
• Technical Support: Diagnose and resolve technical issues reported by users
• Security: Monitor for suspicious activity and prevent unauthorized access
• Quality Assurance: Test and improve AI interpretation accuracy

Communication

• Support Responses: Respond to your inquiries and support requests
• Service Updates: Notify you of important app updates, security patches, or policy changes
• Premium Features: Information about subscription benefits, renewals, and billing (through App Store/Google Play)

---

Third-Party AI Services & Data Sharing

AI-Powered Features (Premium Subscription Required)

EXPLICIT CONSENT REQUIRED: Before using any AI-powered features, you will be prompted to provide explicit permission for sharing your dream content with third-party AI services.

What AI Services We Use

We use OpenAI’s GPT models (a third-party artificial intelligence service) to provide the following premium features:

1. Dream Interpretation: Analyze dream content to identify symbols, themes, and potential meanings
2. Pattern Recognition: Detect recurring themes and emotional patterns across your dreams
3. Memory Phrase Generation: Create personalized insights based on your dream history
4. Dream Reports: Generate comprehensive weekly and monthly dream analysis reports
5. Contextual Questions: Generate relevant questions to deepen dream understanding

What Data Is Shared with OpenAI

When you use AI-powered features, the following data is transmitted to OpenAI:

• Dream Content: The full text of your dream entries
• Dream Elements: Characters, places, objects, emotions, and themes you’ve recorded
• AI Memory Context: Up to 10 personalized memory phrases stored locally (to provide contextual interpretation)
• Language Preference: Your selected language (French or English) to ensure responses in your preferred language

What Data Is NOT Shared

• Account Information: Your email, device ID, or any personally identifiable account information
• Payment Information: No payment or billing information is ever shared
• Other Dreams: Only the specific dream(s) you choose to interpret are shared
• Analytics Data: Usage statistics and app analytics are never shared with AI services

How Third-Party AI Services Use Your Data

OpenAI’s Data Usage Policies (as of January 2025):

• OpenAI processes your data to provide AI interpretation services
• According to OpenAI’s API Data Usage Policy: API data is not used to train OpenAI’s models unless you explicitly opt-in to data sharing for training purposes (which this App does NOT do)
• OpenAI retains API requests for a limited time (typically 30 days) for abuse monitoring and service improvement, then deletes them
• OpenAI does not sell your data to third parties

IMPORTANT: While we do not authorize OpenAI to train models on your data, you should review OpenAI’s Privacy Policy at https://openai.com/privacy for complete details about their data handling practices.

Data Transmission Security

• Encryption in Transit: All data sent to OpenAI is encrypted using industry-standard TLS 1.3 encryption
• No Data Storage by AI Provider: OpenAI does not permanently store your dream content for purposes beyond temporary processing
• Request Logging: We log anonymous metadata about AI requests (timestamp, token count, model used) for troubleshooting, but do not log the actual dream content
• No Cross-User Data Sharing: Your dreams are never shared with other users or used to improve other users’ experiences

Your Control Over AI Features

You have complete control:

• Opt-In Required: AI features are disabled by default and require your explicit consent
• Per-Dream Control: You choose which specific dreams to interpret with AI
• Disable Anytime: You can disable AI features at any time in Settings
• Delete AI Data: You can delete all AI-generated interpretations and memory phrases from within the App
• Premium Subscription Control: AI features require an active Premium subscription, giving you subscription-level control

We Do NOT Share Your Dreams For

• Marketing or Advertising: Your dream content is NEVER used for advertising purposes
• AI Model Training: Your dreams are NOT used to train external AI models (we do not opt-in to OpenAI training programs)
• Data Sales: We NEVER sell your personal information or dream data to third parties
• Analytics: Dream content is NEVER included in analytics or aggregated statistics
• Social Sharing: Your dreams are NEVER shared publicly or with other users unless you explicitly export and share them yourself

Limited Exceptions for Data Disclosure

We may disclose personal information or dream content only in these specific, legally required circumstances:

• Legal Requirements: When required by law, court order, subpoena, or government request
• Safety Concerns: To prevent imminent harm to you or others (e.g., if content indicates risk of self-harm or harm to others)
• Service Providers: To trusted technical partners who help operate our service (under strict confidentiality agreements and only to the extent necessary)
• Business Transfer: In case of merger, acquisition, or asset sale (with continued privacy protection commitments)

Important: We will notify you of legal requests for your data unless prohibited by law, and we will challenge overly broad or inappropriate requests.

---

Data Storage and Security

Local Storage (Primary)

• Primary Storage: All dream data is encrypted and stored locally on your device using industry-standard AES-256 encryption
• Offline Access: Your dreams remain fully accessible even without internet connection
• Device Security: Data is protected by your device’s built-in security features (passcode, biometric authentication)
• No Server Storage by Default: Unless you enable cloud backup, your dreams never leave your device

Cloud Backup (Optional)

• Opt-In Only: Cloud backup is disabled by default and requires your explicit activation
• End-to-End Encryption: All data is encrypted on your device before transmission using AES-256 encryption
• Secure Transmission: Data transfer uses TLS 1.3 encryption
• Your Keys Only: You control the encryption keys; we cannot decrypt your cloud-backed dreams without your device access
• Geographic Control: Cloud data is stored in secure data centers compliant with international security standards

Security Measures

• Bank-Level Encryption: AES-256 encryption for all dream content (the same standard used by financial institutions)
• Access Controls: Secure authentication protocols protect your account
• Data Isolation: Each user’s data is completely isolated from other users
• Regular Security Audits: Periodic security assessments and vulnerability testing
• Automatic Logout: Optional automatic logout for added security
• Security Incident Response: Immediate notification in case of any security breach

Security Limitations

While we implement strong security measures, no system is 100% secure:

• Device Security: If your device is compromised (jailbroken, rooted, malware), data security may be affected
• Your Responsibility: You are responsible for maintaining strong device passwords/biometrics
• Network Security: Public Wi-Fi networks may pose risks; we recommend using trusted networks

---

Your Privacy Rights and Controls

Access and Control

• Data Access: View all personal information and dream content we store
• Data Export: Download your complete dream journal in multiple formats (JSON, PDF, TXT)
• Data Correction: Update or correct any inaccurate information at any time
• Data Deletion: Request complete removal of your account and all data (takes effect within 30 days)

Privacy Controls

• Granular Settings: Control what data is collected and processed
• AI Opt-In/Opt-Out: Explicitly enable or disable AI analysis features
• Cloud Sync Control: Choose whether to enable cloud synchronization
• Analytics Opt-Out: Disable anonymous usage analytics in Settings
• Export Control: Export and review all your data at any time

Regional Privacy Rights

GDPR (European Union)

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure (“right to be forgotten”)
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent at any time
• Right to lodge a complaint with supervisory authorities

CCPA (California)

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed and to whom
• Right to say no to the sale of personal information (Note: We do NOT sell data)
• Right to access personal information
• Right to equal service and price, even if you exercise privacy rights
• Right to deletion of personal information

Other Jurisdictions

We comply with applicable local privacy laws including UK GDPR, Brazil’s LGPD, Canada’s PIPEDA, and other regional regulations.

How to Exercise Your Rights

To exercise any of these rights:

1. Email us at: dreamy.application@gmail.com with “Privacy Rights Request” in the subject line
2. Use the in-app Settings > Privacy > Data Management section
3. Provide your device ID or account identifier for verification
4. We will respond within 30 days (or as required by local law)

---

Data Retention

Active Accounts

• Dream Data: Stored indefinitely while your account is active (you control deletion)
• Account Information: Maintained for the duration of your account
• AI Interpretations: Stored locally with your dreams until you delete them
• Usage Analytics: Anonymized, aggregated data may be retained for service improvement

Account Deletion

When you delete your account:

• Immediate Deactivation: Account access is immediately disabled
• Personal Data Removal: Personal information deleted within 30 days
• Secure Deletion: All traces permanently removed from active systems
• Cloud Backup Cleanup: Cloud backups completely purged within 90 days
• Anonymous Data: Aggregated, anonymized analytics may be retained (cannot be linked back to you)
• Legal Retention: We may retain minimal data if required by law (e.g., payment records for tax purposes)

Inactive Accounts

• Inactive Period: Accounts inactive for 3+ years may be flagged for review
• Deletion Notice: We will attempt to notify you via last known contact before deletion
• Grace Period: 60-day grace period to reactivate before permanent deletion

---

Age Restrictions & Content Moderation

Age Rating

Dreamy is rated 12+ (Apple App Store) / Teen (Google Play Store)

This rating reflects:

• Mild infrequent mature themes that may appear in user-generated dream content
• Rare/mild content related to horror/fear themes common in dreams
• User-generated content that may not be suitable for children under 12

Age Verification

• Account Creation: Users must confirm they are 13 years of age or older (17+ in some jurisdictions) to create an account
• Parental Consent: Users between 13-17 should have parental consent (we recommend parental supervision)
• Age Declaration: By using the App, you represent and warrant that you meet the minimum age requirements

Content Guidelines

While Dreamy is a personal, private journal app, users agree to:

• Not Create Illegal Content: No content depicting illegal activities, child abuse, or exploitation
• Personal Use Only: Dreams are for personal reflection, not for sharing harmful or abusive content
• Appropriate Content: Dreams should not contain excessive violence, graphic sexual content, or hateful material if the app is used by minors with parental supervision

Content Moderation Mechanisms

Because your dreams are private and stored locally, we do not actively monitor content. However:

• Reporting Mechanism: Users can report concerning content if encountered through shared features (future versions)
• AI Safety Filters: Our AI interpretation service (OpenAI) has built-in content policy filters that may refuse to process content violating OpenAI’s Usage Policies
• Parental Controls: Parents should supervise minor users and review content using device-level parental controls
• Age-Appropriate AI Responses: AI interpretations are designed to provide thoughtful, non-graphic responses suitable for mature teenagers and adults

Prohibited Content

Users may not use Dreamy to create, store, or process:

• Content depicting child sexual abuse or exploitation (CSAM)
• Content that promotes terrorism or violent extremism
• Content that violates intellectual property rights of others
• Spam, malware, or malicious content

Violation Consequences: Accounts found to violate these policies may be immediately suspended or terminated, and we may report illegal content to law enforcement as required by law.

---

Children’s Privacy

Dreamy is NOT intended for children under 13 years of age.

COPPA Compliance (United States)

In compliance with the Children’s Online Privacy Protection Act (COPPA):

• We do not knowingly collect personal information from children under 13
• We do not knowingly allow children under 13 to create accounts
• If we discover we have collected information from a child under 13, we will immediately delete that information
• Parents who believe their child under 13 has provided information should contact us immediately at dreamy.application@gmail.com

International Child Privacy

We comply with international child privacy laws including:

• EU GDPR (age of digital consent: 13-16 depending on country)
• UK GDPR (age of digital consent: 13)
• Other applicable regional child privacy regulations

Parental Notice

If you are a parent or guardian and believe your child is using Dreamy:

1. Review Content: Use your device’s parental controls to review app content
2. Supervision Recommended: We recommend supervising usage for users under 18
3. Contact Us: Contact us to delete your child’s account if they are under the minimum age
4. Report Concerns: Report any concerns about age-appropriate content to dreamy.application@gmail.com

---

International Data Transfers

Global Service

• Worldwide Access: Dreamy is available globally
• Data Localization: Data is primarily stored locally on your device
• Cloud Storage: If you enable cloud backup, data may be transferred internationally to secure data centers
• AI Processing: When using AI features, dream content is transmitted to OpenAI servers (primarily located in the United States)

Protection Measures for International Transfers

• Standard Contractual Clauses (SCCs): For EU data transfers, we rely on European Commission-approved SCCs
• Adequacy Decisions: We rely on adequacy decisions where available (e.g., EU-US Data Privacy Framework for applicable services)
• Encryption in Transit: All international data transfers use TLS 1.3 encryption
• Data Minimization: Only necessary data is transferred internationally
• Third-Party Agreements: Our AI service provider (OpenAI) complies with international data protection standards

Your Rights Regarding International Transfers

If you are located in the EU, UK, or other jurisdictions with strict data transfer laws:

• You have the right to obtain information about safeguards for international transfers
• You can object to international transfers in certain circumstances
• Contact us for more details about specific transfer mechanisms

---

Third-Party Services

We use the following third-party services to operate Dreamy:

App Store Platforms

• Apple App Store: Subject to Apple’s Privacy Policy for app downloads, payments, and subscription management (https://www.apple.com/legal/privacy/)
• Google Play Store: Subject to Google’s Privacy Policy for app downloads, payments, and subscription management (https://policies.google.com/privacy)

What They Collect: App download history, payment information, subscription status, app usage time (controlled by platform settings)

AI Services

• OpenAI (GPT Models): Used for AI-powered dream interpretation (requires Premium subscription and explicit consent)
  • Data Shared: Dream content, dream elements, AI memory context (as described in Section 3)
  • Privacy Policy: https://openai.com/privacy
  • Data Usage: API data not used for model training; retained temporarily for abuse monitoring

Firebase Services (Google)

• Firebase Remote Config: Used to update AI prompts and app configurations remotely

  • Data Shared: Device type, app version (no personal information or dream content)
  • Privacy Policy: https://firebase.google.com/support/privacy

• Firebase Crashlytics: Used for crash reporting and app stability monitoring

  • Data Shared: Anonymized crash logs, device type, OS version, app version
  • Privacy Policy: https://firebase.google.com/support/privacy

Analytics Services (Optional)

• Anonymous Analytics: Anonymous usage statistics (can be disabled in Settings)
  • Data Shared: Feature usage, session duration, app version (no personal information or dream content)
  • Opt-Out: Available in Settings > Privacy > Analytics

No Other Third Parties

• No Advertising Networks: We do not use advertising networks or ad tracking
• No Social Media Integration: We do not share data with social media platforms
• No Data Brokers: We do not sell or share data with data brokers or marketing companies

Your Control Over Third-Party Services

• AI Services: Opt-in required; can be disabled at any time
• Analytics: Can be disabled in Settings
• Crashlytics: Can be disabled in Settings (may affect our ability to fix bugs)
• Remote Config: Cannot be disabled (required for app updates, but shares no personal data)

---

Changes to This Policy

Policy Updates

We may update this Privacy Policy from time to time to reflect:

• Changes in legal requirements
• New features or services
• Improved privacy practices
• User feedback

Notification of Changes

• Effective Date: All changes will show a new “Last Updated” date at the top
• Material Changes: For significant changes affecting your rights, we will notify you via:
  • In-app notification
  • Email (if you provided one)
  • Prominent notice on this page
• Continued Use: Your continued use of Dreamy after changes take effect constitutes acceptance of the updated policy
• Right to Object: If you disagree with changes, you may delete your account and cease using the App

Review History

You can request previous versions of this Privacy Policy by contacting dreamy.application@gmail.com.

---

Contact Us

If you have any questions, concerns, requests, or complaints regarding this Privacy Policy or our privacy practices, please contact us:

Email: dreamy.application@gmail.com Subject Line: Please include “Privacy Policy” in your subject line for faster processing

Response Time: We will respond to all inquiries within 30 days (or as required by applicable law)

Data Protection Officer (for EU inquiries): dreamy.application@gmail.com with subject “DPO Request”

Complaints: If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority (for EU/UK users).

---

Legal Disclaimer & Limitations of Liability

Developer Protection

PLEASE READ THIS SECTION CAREFULLY. IT LIMITS OUR LIABILITY AND AFFECTS YOUR LEGAL RIGHTS.

No Warranty

THE APP AND ALL SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO:

• No Warranty of Accuracy: AI-powered interpretations are provided for entertainment and self-reflection purposes only. We make no warranties about the accuracy, reliability, completeness, or usefulness of any AI-generated content.
• No Professional Advice: Dreamy is NOT a substitute for professional medical, psychological, or therapeutic advice. Dream interpretations are not intended to diagnose, treat, cure, or prevent any medical or mental health condition.
• No Data Loss Guarantee: While we implement robust security measures, we cannot guarantee against data loss due to device failure, user error, software bugs, or other unforeseen circumstances. You are responsible for backing up your important data.
• No Uninterrupted Service: We do not guarantee that the App will be available at all times or that services will be uninterrupted, secure, or error-free.

Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW:

• No Liability for Indirect Damages: We are not liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of data, loss of profits, emotional distress, or other intangible losses.
• Aggregate Liability Cap: Our total liability to you for all claims arising from your use of the App shall not exceed the amount you paid for Premium subscription fees in the 12 months preceding the claim (or $50 USD if no fees were paid).
• Third-Party Services: We are not responsible for the actions, privacy practices, or content of third-party services (including OpenAI) that you choose to use through the App.
• User-Generated Content: You are solely responsible for any content you create, store, or share through the App. We are not liable for any consequences arising from your content.

Indemnification

You agree to indemnify, defend, and hold harmless Dreamy, its developers, affiliates, and service providers from any claims, losses, liabilities, damages, costs, or expenses (including legal fees) arising from:

• Your use or misuse of the App
• Your violation of this Privacy Policy or Terms of Service
• Your violation of any third-party rights, including intellectual property or privacy rights
• Any content you create or share through the App
• Your violation of any applicable laws or regulations

User Responsibility

YOU ARE RESPONSIBLE FOR:

• Content Appropriateness: Ensuring content you create complies with our Content Guidelines and applicable laws
• Device Security: Maintaining the security of your device, including using strong passwords and keeping software updated
• Backup: Creating your own backups of important data (we recommend using the Export feature)
• Age Compliance: Ensuring you meet minimum age requirements and have parental consent if required
• Legal Compliance: Using the App in compliance with all applicable local, state, national, and international laws

Third-Party AI Disclaimer

IMPORTANT: When you use AI-powered features:

• You acknowledge that AI interpretations are generated by third-party AI systems (OpenAI) and may contain errors, inaccuracies, or inappropriate content
• We do not endorse, verify, or take responsibility for the content of AI-generated interpretations
• AI interpretations reflect patterns and probabilities, not factual assessments or professional opinions
• You use AI-generated content at your own risk and discretion

Severability

If any provision of this Privacy Policy is found to be invalid or unenforceable under applicable law, that provision shall be modified to reflect the parties’ intention or eliminated to the minimum extent necessary, and the remaining provisions shall remain in full force and effect.

Governing Law

This Privacy Policy and any disputes arising from it shall be governed by the laws of [Your Jurisdiction], without regard to conflict of law provisions. Any legal action must be brought in the courts of [Your Jurisdiction].

Survival

The following sections shall survive termination of your account or this Privacy Policy: Legal Disclaimer & Limitations of Liability, Indemnification, Data Retention (for legally required periods), and any other provisions that by their nature should survive.

---

Legal Compliance

This Privacy Policy complies with applicable privacy laws and regulations including:

• GDPR (General Data Protection Regulation - EU)
• UK GDPR (United Kingdom)
• CCPA (California Consumer Privacy Act)
• COPPA (Children’s Online Privacy Protection Act - USA)
• LGPD (Lei Geral de Proteção de Dados - Brazil)
• PIPEDA (Personal Information Protection and Electronic Documents Act - Canada)
• Apple App Store Review Guidelines (including 5.1.1(ix), 5.1.2(i), and related sections)
• Google Play Developer Policy Center
• Other applicable regional privacy regulations

---

Summary of Key Points

For Quick Reference (This summary does not replace the full policy):

• Your Dreams Stay Private: We never sell your dream data
• AI is Opt-In: AI features require your explicit permission and Premium subscription
• Third-Party AI: Dream content is shared with OpenAI (only when you use AI features)
• Local Storage: Dreams stored locally on your device by default
• Strong Encryption: AES-256 encryption for all dream content
• Your Control: Delete data anytime, disable AI anytime
• Age Rating: 12+ / Teen - Not for children under 13
• No Professional Advice: AI interpretations are for entertainment only
• Limited Liability: See Section 13 for important legal limitations

---

Your privacy is our priority. Dream safely with Dreamy.

If you have questions or concerns about this Privacy Policy, please contact us at dreamy.application@gmail.com.

---