My Evening

Privacy Policy

Last updated: May 9, 2026

Our Commitment to Your Privacy

My Evening is built on a simple principle: your personal reflections belong to you alone. We believe an evening ritual app should help you put your phone down, not collect your data.

This Privacy Policy explains how My Evening ("we", "us", "our") handles information when you use our iOS application ("the App") and our website at myevening.app ("the Website"). By using the App or Website, you agree to the practices described in this policy.

Data Controller

My Evening is operated by Ivan Sokalskyi, who runs a sole proprietorship under the business name "My Evening" (registered in Poland), NIP 8982299245, REGON 526716694, EU VAT ID PL8982299245, entered in CEIDG. Registered office: ul. Edwarda Abramowskiego 45, 51-663 Wrocław, Poland.

For questions about data handling, contact us at privacy_myevening@rongan.me or by post at the address above. Full operator details are also published on our Legal Notice page.

Information We Do Not Collect

We want to be clear about what we do not collect:

  • Your gratitude entries, tomorrow plans, or any journal content (stored only on your device)
  • Recordings of your voice (audio is streamed for transcription and discarded; never written to disk)
  • Your phone number, postal address, contacts, photos, location, or other device data
  • Your HealthKit data (never transmitted off your device)
  • Your browsing history, cookies, advertising identifiers, or cross-app tracking signals
  • Your payment information (handled entirely by Apple)

We do receive your Apple identity through Sign in with Apple — see the On-Device Data Storage section below for exactly what is stored.

On-Device Data Storage

All journal content you create in My Evening — gratitude entries, tomorrow plans, session history, person profiles, and preferences — is stored exclusively on your device using Apple's SwiftData framework. There is no cloud sync of journal content, and no way for us to access your entries.

Our backend at myevening.app stores only what is needed to authenticate you and operate the service: a SHA-256 hash of the Apple sub claim that identifies your account, your email and full name if you chose to share them at sign-in, rate-limit counters, and active WebSocket connection counts. Journal text is sent to the backend transiently for voice transcription and person detection, but is never persisted at the backend or at the upstream providers (ElevenLabs, OpenAI).

Data retention: on-device data remains as long as the App is installed. If you delete the App, iOS permanently removes the locally stored data; we have no ability to recover it because it was never on our servers. Backend account data persists until you sign out or delete your account from Settings.

Data backup: Your on-device data may be included in your iCloud or local device backups as managed by Apple and your device settings. We do not control or access these backups.

Voice Data and Transcription

When you use voice input, microphone audio streams from your iPhone over an authenticated WebSocket connection to our backend at myevening.app, which proxies the audio to ElevenLabs (Scribe v2 model) for real-time transcription. The transcript is returned to your device and saved locally.

What is stored: only the transcript, which lives on your device.

What is not stored: the audio. Recordings exist only in memory while transcription is running, and are discarded the moment the connection closes — at our backend and at ElevenLabs alike.

Voice transcription requires an authenticated session and a network connection. If neither is available, you can switch to text input. There is no on-device speech recognition fallback at this time.

Person detection: after a gratitude entry is saved, the entry text and your existing person list are sent to OpenAI (gpt-5-nano via the Responses API) so the app can recognize people you mention across nights. Like transcription, this happens in memory at the provider — neither the entry text nor the response is retained at OpenAI. Our OpenAI account is configured to opt out of model training.

AI Features and Person Detection

My Evening uses two AI systems, both classified as "limited-risk" under the EU AI Act (Regulation 2024/1689). We disclose them here so you know when AI is involved in producing what you see in the app:

  • Voice transcription (ElevenLabs Scribe v2). Converts audio you speak into the corresponding transcript. Used for transcription only; not used to identify you as a speaker.
  • Person detection (OpenAI gpt-5-nano via the Responses API). When you save a gratitude entry, the entry text and your existing person list are sent to the model, which returns suggestions about which person each entry mentions. You remain in control: the model output is a suggestion — not a decision — that you can accept, reject, edit, or ignore.

No automated decision-making with legal or significant effects. The AI features do not produce legal effects (e.g., approval / denial decisions, eligibility scoring, contractual changes). They are user-interface aids. We therefore do not consider them to fall within GDPR Art. 22 ("decisions based solely on automated processing").

We do not use AI to generate text for you, to impersonate a real person, to produce deepfakes or synthetic media, or for emotion recognition or biometric categorization.

For the operator's internal AI-related risk assessment, see our Data Protection Impact Assessment summarized in our Privacy Policy; the full DPIA is maintained internally and provided to supervisory authorities on request.

Analytics

My Evening does not use a third-party analytics SDK. No Google Analytics, no Firebase, no Facebook SDK, no TelemetryDeck, no Adjust, no AppsFlyer, no advertising identifiers.

Debug builds of the App write diagnostic events to Apple's os.log system for engineering purposes. These logs stay on your device and contain no entry content, person names, or identifiers.

We comply with Apple's App Tracking Transparency (ATT) framework. My Evening does not track you across other companies' apps or websites, and we do not request ATT permission because we do not engage in tracking.

If we ever introduce privacy-respecting product analytics in the future, we will update this Privacy Policy first and disclose what is collected before collection begins.

HealthKit Integration

If you grant permission, My Evening uses Apple HealthKit during onboarding to help you set your bedtime. We comply fully with Apple's HealthKit guidelines:

  • Read: we read your most recent sleep sample so we can pre-fill your bedtime in the time picker.
  • Write (opt-in only): if you choose, we write a single inBed sleep sample to HealthKit so your bedtime appears in the Health app. This stays on your iPhone and is never sent to our servers.
  • HealthKit data is only used within the App to personalize your experience
  • HealthKit data is never transmitted off your device
  • HealthKit data is never shared with third parties
  • HealthKit data is never used for advertising or marketing

You can revoke HealthKit access at any time through your iPhone's Settings > Privacy & Security > Health > My Evening.

Subscriptions and Payments

Subscription purchases are processed and managed entirely by Apple through the App Store using StoreKit 2. We do not process payments, store credit card numbers, or have access to your payment information. Your purchase history with Apple is governed by Apple's Privacy Policy.

We receive anonymized transaction confirmations from Apple to verify your subscription status. These confirmations do not include your name, email, or payment details.

Third-Party Services

My Evening minimizes third-party dependencies. The external services involved are:

  • Apple Sign In — Authentication. Apple returns an identity token; we hash the sub claim with SHA-256 to form your account ID. Email and full name are stored only if you share them through Apple's sheet.
  • Apple StoreKit 2 — Subscription management on Apple's servers.
  • Apple HealthKit — Bedtime read and optional inBed write, on-device only, if you grant permission.
  • ElevenLabs (Scribe v2) — Voice transcription. Audio is streamed transiently and not stored after each session.
  • OpenAI (Responses API, gpt-5-nano) — Person detection on saved gratitude entries. Entry text is processed transiently and not retained.
  • Microsoft Azure — Hosting for the myevening.app backend (transcription proxy and authentication) and for this website. Azure may keep standard server logs (see "This Website" below).

We do not use advertising networks, social media SDKs, crash reporting services that transmit personal data, data brokers, or any other third-party services that collect user information.

For a complete dated list of sub-processors with locations, transfer mechanisms, and DPA references, see our dedicated Sub-processors page. We give at least 30 days' notice on that page before adding a new sub-processor that processes personal data.

Last sub-processor change: 2026-05-09.

Notifications

My Evening sends local notifications as bedtime reminders if you enable them. These notifications are scheduled and delivered entirely on your device by iOS. They are never processed by our servers. You control notification permissions through your iPhone's Settings.

Children's Privacy

My Evening is not directed at children under the age of 13. We do not knowingly collect any information from children under 13. Since we do not collect personal information from any users, there is no mechanism through which children's data could be gathered. If you believe a child under 13 is using the App in a way that concerns you, please contact us at privacy_myevening@rongan.me.

For users in the European Economic Area, GDPR Article 8 requires parental consent for children under 16 (or the age set by the relevant EU member state, which may be as low as 13). If you are under 16 and located in the EEA, you must have your parent or legal guardian's consent before using the App. Since we do not collect personal information, we cannot verify age or consent; we rely on parents and guardians to supervise use of the App.

Your Rights Under GDPR (European and UK Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have certain rights under the General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and the equivalent UK GDPR + Data Protection Act 2018:

  • Right to access (Art. 15) — All your data is stored on your device and fully accessible to you within the App at all times. For backend-stored data (hashed Apple sub identifier, optional email/name), email privacy_myevening@rongan.me and we will respond within 30 days.
  • Right to rectification (Art. 16) — Edit your entries directly in the App. To correct your email or name held by us, contact us via the email above.
  • Right to erasure (Art. 17) — Delete individual entries in the App, or delete your account and all backend data via Settings → Delete Account in the App. Uninstalling removes on-device data.
  • Right to portability (Art. 20) — Export all your data as a JSON file from Settings → Export. Your data is also included in your iOS backups. The export is in a portable, machine-readable format.
  • Right to restrict processing (Art. 18) — Most processing happens on your device, where you control it. To restrict backend-side processing, contact us; we may suspend your account.
  • Right to object (Art. 21) — You can stop using the App at any time; no further processing occurs on our side after account deletion.
  • Right not to be subject to automated decision-making (Art. 22) — Not applicable: our AI features produce suggestions, not decisions with legal or significant effects.

Legal basis for processing: Authentication data (your hashed Apple identifier and any email or full name you shared at sign-in) is processed on the basis of contract performance (GDPR Art. 6(1)(b)) so that we can provide the App and its voice and AI-assisted features. Application logs are processed on the basis of our legitimate interest in operating and securing the service (Art. 6(1)(f)). Voice audio sent to ElevenLabs and entry text sent to OpenAI for person detection are processed transiently as part of providing those features and are not retained at our backend or at the providers.

UK consumers. If you are in the UK, your rights under the UK GDPR and Data Protection Act 2018 mirror those listed above. You may complain to the Information Commissioner's Office at ico.org.uk if you believe we have mishandled your personal data.

EEA consumers. You may complain to the supervisory authority in your member state, or to the Polish data-protection authority (Urząd Ochrony Danych Osobowych — UODO) at uodo.gov.pl as our lead supervisory authority.

International transfers. Journal content stays on your device and is not transferred. When you use voice transcription or person detection, audio and entry text are sent transiently to providers in the United States. The applicable safeguards per provider are:

  • ElevenLabs (United States) — voice audio. Transfer is governed by EU Standard Contractual Clauses (Module 2: controller → processor) included in the ElevenLabs Data Processing Addendum, plus our internal Transfer Impact Assessment. UK transfers additionally rely on the UK International Data Transfer Addendum where applicable.
  • OpenAI (United States) — gratitude-entry text. Transfer relies primarily on the EU-US Data Privacy Framework (OpenAI L.L.C. is DPF-certified) and on EU SCCs as a fallback, both included in OpenAI's Data Processing Addendum. The OpenAI EEA contracting party is OpenAI Ireland Ltd. (Dublin).
  • Microsoft Azure (Ireland / Netherlands) — backend hosting. Backend resources are deployed in the EU Data Boundary (North Europe region). Where Microsoft acts as a sub-processor outside the EEA, the Microsoft Online Services DPA includes EU SCCs and the UK IDTA.

See our Sub-processors page for the full list. Our internal Transfer Impact Assessments are available to supervisory authorities on request.

Your Rights Under CCPA / CPRA (California Residents)

If you are a California resident, the California Consumer Privacy Act as amended by the California Privacy Rights Act ("CCPA/CPRA") gives you the following rights with respect to your personal information ("PI").

Notice at Collection

We collect the limited categories of PI listed below at the moment you sign in or use voice/AI features. We use this PI only for the business purposes described, retain it only as long as needed for those purposes (see retention discussion above), and do not sell it or share it for cross-context behavioral advertising.

Categories of PI Collected

  • Identifiers — SHA-256 hash of your Apple sub claim; optional email and full name if you share them at sign-in.
  • Audio/electronic information — voice audio, processed transiently for transcription, never stored.
  • Internet/network activity — standard server log entries (IP address, user-agent, timestamps) generated by Microsoft Azure.
  • Other user-provided content — gratitude entries, tomorrow tasks, breathing-session metadata. These remain on your device. Gratitude-entry text is sent transiently to OpenAI for person detection and is not retained.
  • Geolocation: none.
  • Sensitive personal information: none. We do not use any data for inference about race, religion, health, sexual orientation, etc.

Sources

  • Directly from you (entries, voice input, app interactions).
  • From Apple via Sign in with Apple (the hashed identifier and any name/email you choose to share).

Business and Commercial Purposes

  • Authenticate your account and provide the App's features (gratitude, planning, breathing, history).
  • Transcribe voice input (ElevenLabs) and detect mentioned people in gratitude entries (OpenAI).
  • Operate the service: rate limiting, fraud prevention, security monitoring, application logs.
  • Provide subscription billing via Apple StoreKit 2.

Categories of Recipients

We share PI only with the sub-processors listed on our Sub-processors page (Apple, ElevenLabs, OpenAI, Microsoft Azure), each acting as a service provider under written contract. We do not share PI with advertisers, data brokers, or analytics companies.

Your Rights

  • Right to know the categories and specific pieces of PI we have collected about you.
  • Right to delete the PI we hold about you (Settings → Delete Account in the App, or contact us by email/postal mail).
  • Right to correct inaccurate PI (CPRA-added right, effective Jan 2023).
  • Right to opt out of sale or sharing for cross-context behavioral advertising.
  • Right to limit the use of sensitive PI — N/A as we do not collect or use sensitive PI for inference.
  • Right to non-discrimination for exercising any of the above.

Do Not Sell or Share My Personal Information

We do not sell or share your PI as those terms are defined under the CCPA/CPRA, and we have not in the preceding 12 months. Because we do not engage in sale or sharing for cross-context behavioral advertising, no "Do Not Sell or Share" link is required (per CCPA Reg. § 7026). We honor Global Privacy Control (GPC) signals for any future change in posture. We do not knowingly collect or sell PI of consumers under 16 without affirmative opt-in.

Financial Incentives

We do not offer financial incentives in exchange for the collection, sale, or retention of personal information.

How to Submit a Request

Designated request methods:

We verify requests by matching the requester's email or Apple ID to our records. We aim to respond within 45 days (with one 45-day extension if necessary, as permitted by the CCPA). Authorized agents may submit requests on behalf of consumers with written authorization.

Other U.S. State Rights

Several U.S. states have privacy laws that grant similar rights to those listed above. Even where we do not meet a specific statutory threshold, we extend the same posture to residents of these states as a matter of policy:

  • Colorado (CPA) — access, correction, deletion, portability, opt-out of sale / targeted advertising / profiling. Effective 1 Jul 2023.
  • Connecticut (CTDPA) — access, correction, deletion, portability, opt-out of sale / targeted advertising / profiling. Effective 1 Jul 2023.
  • Utah (UCPA) — access, deletion, portability, opt-out of sale / targeted advertising. Effective 31 Dec 2023.
  • Oregon (OCPA) — access, correction, deletion, portability, opt-out, plus the right to know specific third parties to whom we have disclosed PI. Effective 1 Jul 2024.
  • Texas (TDPSA) — access, correction, deletion, portability, opt-out. Effective 1 Jul 2024. We are subject to TDPSA from day one as it has no quantitative threshold.
  • Virginia (VCDPA) — access, correction, deletion, portability, opt-out of sale / targeted advertising / profiling. Effective 1 Jan 2023.
  • Iowa (ICDPA) — access, deletion, portability, opt-out of sale / targeted advertising. Effective 1 Jan 2025.
  • Montana (MCDPA) — access, correction, deletion, portability, opt-out. Effective 1 Oct 2024.
  • Florida (FDBR) — primarily applies to controllers with $1B+ revenue; we are out of scope for the privacy provisions but extend the same rights here for transparency. Effective 1 Jul 2024.
  • Other 2025–2026 effective laws: Delaware (DPDPA, 1 Jan 2025), New Hampshire (1 Jan 2025), New Jersey (15 Jan 2025), Tennessee (1 Jul 2025), Indiana (1 Jan 2026), Kentucky (1 Jan 2026), Maryland (1 Oct 2025), Minnesota (31 Jul 2025), Rhode Island (1 Jan 2026). Rights are similar to the laws listed above; contact methods are the same.

Universal Opt-Out Mechanisms. We honor Global Privacy Control (GPC) signals universally on this website, even where state law does not strictly require it.

To exercise any of these state rights, contact us via the methods listed in the CCPA section above. We will route requests to the appropriate state's framework based on your stated residency.

Canadian Users (PIPEDA)

For Canadian residents, our processing is governed by the Personal Information Protection and Electronic Documents Act ("PIPEDA"), and we follow its 10 fair-information principles:

  1. Accountability. Ivan Sokalskyi (operator) is responsible for all personal information under our control, including information transferred to sub-processors.
  2. Identifying purposes. Purposes are stated in this Privacy Policy at or before collection.
  3. Consent. Express consent is obtained for sensitive uses (e.g., HealthKit access, microphone access). Implied consent is relied on for transactional and operational processing.
  4. Limiting collection. We collect only what is necessary for the App's features.
  5. Limiting use, disclosure, retention. Voice audio and gratitude-entry text are processed transiently and never retained. Account data is retained only until you delete your account.
  6. Accuracy. You can edit your entries directly in the App.
  7. Safeguards. See our public SECURITY.md for our security posture.
  8. Openness. This Privacy Policy and our Sub-processors page are publicly available.
  9. Individual access. Email privacy_myevening@rongan.me to request access to information we hold about you.
  10. Challenging compliance. Concerns can be sent to the email above. You may also contact the Office of the Privacy Commissioner of Canada at priv.gc.ca.

Quebec Users (Law 25)

If you reside in Quebec, the Act respecting the protection of personal information in the private sector (as amended by Law 25, "Bill 64") applies in addition to PIPEDA.

  • Person in Charge of the Protection of Personal Information. The operator, Ivan Sokalskyi, acts as the Person in Charge. Contact: privacy_myevening@rongan.me.
  • Confidentiality incidents. Where required, we will notify the Commission d'accès à l'information (CAI) and affected individuals of confidentiality incidents posing serious risk of injury, in accordance with the Act.
  • Right to data portability (Art. 27). You can export your entries as JSON via Settings → Export.
  • Automated decision-making (Art. 12.1). Not applicable: our AI features produce suggestions, not decisions with legal effects.
  • Cross-border transfer assessment. Audio and entry text sent to U.S.-based ElevenLabs and OpenAI are subject to a privacy impact assessment (in addition to the GDPR Transfer Impact Assessments referenced above) and are governed by data processing agreements with adequate safeguards.
  • French-language considerations. Contracts and privacy notices are currently provided in English. We can provide translations or summaries on request to legal_myevening@rongan.me; we are evaluating full French versions of our policies for Quebec users.

You may file a complaint with the CAI at cai.gouv.qc.ca.

This Website

This website (myevening.app) is a static site hosted on Microsoft Azure Static Web Apps. The website:

  • Does not use cookies (first-party or third-party)
  • Does not collect personal data or form submissions
  • Does not use analytics or tracking scripts
  • Does not use fingerprinting or any identification technology
  • Does not store any data on your device (no localStorage, no sessionStorage)

Standard web server logs may be recorded by Azure, which may include IP addresses, browser type, and pages visited. These logs are managed by Microsoft under their privacy practices and are not accessed by us for any purpose.

For more information about how this website handles cookies and similar technologies, see our Cookie Policy.

Data Security

Your data is protected by iOS's built-in security features including device encryption, secure enclave, and app sandboxing. Since your data never leaves your device, the primary security boundary is your iPhone's own security. We recommend:

  • Keeping your iPhone software up to date
  • Using a strong device passcode or biometric authentication (Face ID / Touch ID)
  • Enabling Find My iPhone for remote data protection

Data Breach Notification

Since your personal data is stored exclusively on your device and never transmitted to our servers, the risk of a data breach on our side involving your personal information is effectively zero. However, we take our obligations seriously:

  • If we become aware of a security incident affecting our anonymous analytics data or any aspect of our infrastructure, we will investigate promptly
  • In the unlikely event that a breach affects personal data, we will notify the relevant supervisory authority within 72 hours as required by GDPR Article 33
  • If a breach is likely to result in a high risk to your rights and freedoms, we will notify affected individuals without undue delay as required by GDPR Article 34
  • We will document any security incidents and the measures taken in response

If you believe your device has been compromised and your locally stored My Evening data may be at risk, we recommend changing your device passcode and reviewing Apple's guidance on securing your iPhone.

Do Not Track and Global Privacy Control

Our website respects Do Not Track (DNT) browser signals and Global Privacy Control (GPC) preferences. Since our website does not use cookies, tracking scripts, or analytics of any kind, there is no tracking behavior to disable — your preferences are honored by default.

The My Evening iOS App does not track you across other apps or websites. We do not participate in cross-app tracking and have declared zero tracking to Apple in our App Store privacy nutrition labels.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and may provide notice within the App. Since we do not collect email addresses, we encourage you to review this page periodically.

Continued use of the App after changes are posted constitutes acceptance of the updated policy.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, contact us using any of the channels below:

We aim to respond to all privacy inquiries within 30 days. For GDPR/UK GDPR data-subject requests we use the same email and postal channels.