λΘ
SKIÁ
Privacy Policy
Effective July 9, 2026
Skiá is a personal time-based journaling app operated by an individual
developer ("we", "us"). This policy explains what we collect, why, and the
control you have over it. Questions: reflexskia@gmail.com.
What we collect
- Account info. When you sign in with Google we receive your email address and basic profile identifier. We do not receive your Google password.
- Your journal. The entries you create — activity labels, reflection notes, categories, ratings, and start/end times.
- Preferences. Your chosen theme.
- Web time (browser extension only, optional). If you install the Skiá browser extension and turn on "Web time", it records how long the active tab's website domain is in focus (for example x.com — 19m) so you can see your own daily web-time totals. It records the domain and duration only — never full URLs, page titles, page content, or your browsing history. It is off by default, tracks only the active tab, and never runs on incognito windows or when you are signed out.
- Health data (optional, Health Connect). If you connect Health Connect, Skiá reads — read-only — your steps, sleep, calories, exercise, nutrition, heart rate, and blood-oxygen so it can show that context alongside your entries in Patterns. It is off by default and only reads what you grant. See the Health Connect section below for how this data is handled.
We do not use third-party advertising or analytics/tracking
SDKs, and we do not collect your location, contacts, photos, or device
identifiers for tracking.
How we use it
- To provide the core service: storing your journal and syncing it across your devices.
- To power features you choose to use — for example AI-assisted review of your own entries.
We do not sell your data or use it for advertising.
Health Connect data
If you choose to connect Health Connect, Skiá reads the following
read-only: steps, sleep, active and total calories,
exercise, nutrition, heart rate, and blood-oxygen. This data is used
only to display body context next to your journal
entries in the Patterns view — for example, seeing how your sleep or
activity lines up with your logged focus and mood.
- Connecting Health Connect is optional and off by default; Skiá reads only the data types you grant.
- Health data stays on your device and is used solely for the in-app insights above. It is never sold, never used for advertising, and never shared with third parties.
- The only way health data leaves your device is if you export your own data to a CSV file.
- You can revoke Skiá's access at any time in Health Connect, and you can disconnect it in the app.
Storage & security
Your data is stored with our cloud database provider (Supabase). The
sensitive content of your entries (labels, notes, categories, ratings) is
encrypted before it is stored (AES-256-GCM), and all data
is transmitted over HTTPS. Entry timestamps are stored unencrypted so the
app can order and filter your timeline.
Important: this is not end-to-end encryption. We retain the
ability to decrypt your entries so that features like AI-assisted review and
data export can work. Treat anything you log as readable by the service.
Sharing with others
We share data only with the providers needed to run the app:
- Google — for sign-in.
- Supabase — for authentication and database hosting.
- AI service providers — only when you use a feature that sends your entries for review, and only for that purpose.
We do not share your data with anyone else.
Retention & deletion
We keep your data until you delete it. You can permanently delete your
account and all entries at any time in the app:
Menu → Settings → Delete account. This removes your account
and every entry immediately and cannot be undone. See our
account deletion page for details, or to
request deletion if you can't access the app.
Children
Skiá is not directed to children under 13, and we do not knowingly collect data from them.
Changes
We may update this policy; the effective date above will change when we do.
Contact
reflexskia@gmail.com