Privacy Policy
Last updated: July 3, 2026
Draft — not yet legally reviewed
This policy reflects what the site actually does today. It has not yet been reviewed by counsel — get legal review as the product grows, especially if marketing expands into the EU.
1. Who we are
Ritual (“Ritual,” “we,” “us”) is operated by [LEGAL ENTITY NAME]. Contact: support@ritualjournaling.co.uk.
2. What we collect
When you purchase Ritual, Stripe (our payment processor) collects your email address, name, and payment details. We receive from Stripe your email address and the plan you purchased — never your card details. That email is stored as your access record and becomes your account key in the app.
3. Why we collect it
To grant and manage your access to Ritual, deliver receipts and essential service emails, and provide support. We do not sell or rent your email address to third parties, and we don’t send marketing email you haven’t opted into.
4. Where it's stored
Access records live in Supabase, our database provider. Payment records live in Stripe. Both are covered by their own security and compliance programs (SOC 2, PCI-DSS for Stripe).
5. Analytics
We use Vercel Analytics, a privacy-friendly, cookieless analytics service that records aggregate page views and interactions. It does not use cookies, does not fingerprint devices, and does not track you across sites — which is why you don’t see a cookie banner here.
6. Your rights
You can ask us at any time to show you, correct, export, or delete the personal data we hold about you. Email support@ritualjournaling.co.ukand we’ll act on it within 30 days. Deleting your access record ends your ability to use the product; refunds follow the policy in our Terms.
7. Contact
Questions about this policy: support@ritualjournaling.co.uk.
