Shalem Privacy Policy
Effective date: May 4, 2026
Last updated: May 4, 2026
This is the privacy policy for Shalem, the iOS, Android, and web application operated by Zan - Zari Labs OÜ (Estonian registry code 17286420), with operating base in Rome, Italy. This policy describes what we collect, what we do not collect, where data lives, who can access it, and what rights you have.
We have written this in plain language. The goal is for you to understand what is happening with your data, not to bury commitments under defined terms. If anything here is unclear, email support@shalemapp.com and we will clarify.
1. The short version
- Reflection content stays out of our servers. When you type or speak something into Shalem to receive a reflection, that input is processed and immediately discarded. It is not retained, not aggregated into training sets, and not shared with model providers for training.
- Journals stay on your device. All journaling is local. There is no cloud sync. We made this choice deliberately, accepting the trade-off that journals do not migrate across devices.
- We collect your email if you give it to us. Joining the waitlist or signing up for premium creates a record with your email and subscription status. That is it.
- Anonymous usage events. We track which screens are visited (not what is typed) for product analytics. These are aggregated after 90 days.
- No third-party data sale, ever. We do not sell user data and we have no business model that would require us to.
The longer version follows.
2. What we collect
Email address. Collected when you join the waitlist (POST /api/waitlist) or when you create a premium subscription. Stored in our database (Supabase, EU Ireland region) until you ask us to delete it.
Subscription status. If you subscribe to Premium, RevenueCat records your subscription state (active, cancelled, expired). We use this to grant or revoke access to premium features.
Anonymous usage events. Which screens you visit, how long sessions last, what features are used. These events are not tied to your reflection content — we record that you used the Soul Check-in feature, not what you typed into it. After 90 days, individual events are aggregated and de-individualized.
Audio playback metrics. If you use audio narration, we record aggregate playback metrics (duration, completion rate) without tying them to the specific input that generated the audio.
Device-level information that platform stores require. Apple and Google receive certain technical identifiers as part of distributing the app. We do not control or expand on what they collect — see Apple's and Google's privacy policies for that.
3. What we do not collect
Reflection input. When you ask Shalem for a reflection, the text or voice input is processed and discarded. We do not log it, retain it, or store it. This is enforced at the application layer and verified in code review.
Journal content. Your journal lives on your device. We never see it. If you uninstall the app or change device, journal content does not migrate, because it never left your device in the first place.
Voice recordings. If you use voice input for a reflection, the audio is transcribed locally where possible, or sent through a transient processing pipeline that does not retain the audio. Voice files are not retained.
Cross-app tracking identifiers beyond what platform stores require. We do not embed third-party SDKs whose purpose is cross-app tracking.
4. Where data lives
Non-content data (account email, subscription status, anonymous events) is stored on Supabase infrastructure in the EU Ireland region.
Audio generation runs through ElevenLabs under a processing agreement. ElevenLabs generates audio in response to a request and returns it; the audio is not retained by ElevenLabs for training purposes.
Subscription billing is handled by Apple App Store, Google Play, and RevenueCat. They each have their own privacy policies governing payment data.
Email correspondence with support@shalemapp.com lives in our standard email infrastructure.
5. International transfers
Data may be processed in:
- The European Union (Supabase EU Ireland — primary infrastructure).
- The United States (Apple, Google, RevenueCat for subscription management; ElevenLabs for audio generation).
Where required, standard contractual clauses are in place. The EU is our primary jurisdiction for non-content data.
6. Legal basis under GDPR
For users in the European Economic Area, we rely on the following GDPR Article 6 lawful bases:
- Contract performance (Article 6(1)(b)) — for processing necessary to provide the service you signed up for, including subscription management and account email.
- Legitimate interests (Article 6(1)(f)) — for anonymous usage analytics that help us improve the product. You can object to this processing at any time.
- Consent (Article 6(1)(a)) — for marketing email if you opt in. You can withdraw consent at any time.
7. Retention
- Email addresses: retained until you ask us to delete them.
- Subscription records: retained for the duration of the subscription plus the period required by tax and consumer-protection law in the relevant jurisdiction (typically 7–10 years).
- Anonymous usage events: individual records retained for 90 days, then aggregated.
- Reflection content: not retained. Period.
- Journal content: lives on your device. We have no copy.
- Email correspondence with support: retained for 24 months for support continuity, then deleted.
8. Your rights
If you are in the EEA (or in any jurisdiction with comparable data-protection law), you have the following rights:
- Access — to know what we hold about you.
- Rectification — to correct inaccurate data.
- Deletion — to have your data deleted ("right to be forgotten").
- Portability — to receive your data in a portable format.
- Objection — to object to processing based on legitimate interests.
- Restriction — to ask us to limit processing while a dispute is resolved.
- Withdrawal of consent — for processing based on consent.
To exercise any right, email support@shalemapp.com from the address associated with your Shalem account. We respond within 30 days.
9. Children's privacy
Shalem is rated 13+ on the App Store and is not directed at children. We do not knowingly collect data from anyone under 13. If you believe we have collected data from someone under 13, email support@shalemapp.com and we will delete it.
10. Third-party processors
Current processors:
- Supabase — database and auth infrastructure (EU Ireland).
- ElevenLabs — audio generation.
- RevenueCat — subscription state management.
- Apple App Store / Google Play — distribution and payment processing.
- Vercel — web hosting.
- Resend — transactional email delivery.
This list is current as of the effective date above. Changes to the processor list will be reflected in updates to this policy. We notify users of material changes by in-app notice and email to subscribers.
11. Security
- All transit is TLS.
- Database access is keyed and audited.
- Application code is reviewed before deploy.
- The app does not embed third-party SDKs whose behavior we have not vetted.
- We do not have a public bug bounty program at this time, but we welcome responsible disclosure — email support@shalemapp.com with [SECURITY] in the subject.
12. Breach notification
In the event of a personal-data breach affecting Shalem users, we will notify the relevant supervisory authority and affected users in accordance with GDPR Article 33 and Article 34 timelines. Notification will be issued by email to affected users at the address on file.
13. Changes to this policy
When this policy changes materially, we update the "Last updated" date at the top, post an in-app notice, and email all users with an active account. Non-material changes (typo fixes, clarifications) are made silently with the date updated.
14. Contact for privacy questions
All privacy questions, including requests to exercise GDPR rights, go to:
support@shalemapp.com (subject line: [PRIVACY] for fastest routing)
We do not maintain a separate Data Protection Officer email. Privacy queries land in the same inbox as everything else and are handled with the same priority as any other formal request.
15. Operator details
Shalem is operated by:
Zan - Zari Labs OÜ
Estonian Business Registry code: 17286420
Operating base: Rome, Italy
Founder: Zarihoun Traore
For formal legal notices, email support@shalemapp.com with [LEGAL] in the subject and we will provide the appropriate registered mailing address for your jurisdiction's requirements.