Daylogue is a personal AI-powered journaling app that helps you track your moods, discover emotional patterns, and gain meaningful insights into your wellbeing through daily, weekly, and monthly check-ins.

How does mood tracking work in Daylogue?

Daylogue uses simple daily check-ins where you rate your mood, energy, and stress levels. The AI analyzes your entries over time to identify patterns and provide personalized insights about your emotional wellbeing.

Is my journal data private and secure?

Yes, Daylogue prioritizes your privacy. Your journal entries are stored securely and are only accessible to you. We use encryption and follow best practices for data protection.

Is Daylogue private and secure?

Yes. Daylogue uses local-first storage (your data stays on your device first) and end-to-end encryption. Even Daylogue staff cannot read your journal entries. Your encryption keys stay under your control.

Does Daylogue sell my data?

No. Daylogue has no ads, no data selling, and no third-party trackers. We make money from subscriptions, not from your emotional insights. Your data will never be sold to advertisers or anyone else.

Can I export or delete my Daylogue data?

Yes. You can export all your check-ins, insights, and data anytime in standard formats. You can also permanently delete everything whenever you want, no questions asked. Your data, your choice.

What encryption does Daylogue use?

Daylogue uses AES-256 encryption at rest and TLS 1.3 encryption in transit. Your data is encrypted before it leaves your device with end-to-end encryption, meaning we literally cannot read your journal entries.

Is Daylogue HIPAA compliant?

Daylogue is designed with HIPAA Security Rule principles in mind for our technical safeguards. We do not claim HIPAA compliance and do not currently offer Business Associate Agreements. Our zero-knowledge encryption means we cannot access your encrypted data.

Is Daylogue HIPAA compliant?

Daylogue does not claim HIPAA compliance. We are designed with HIPAA Security Rule principles in mind for our technical safeguards, but we are not a covered entity, have not undergone formal HIPAA audits, and do not currently offer Business Associate Agreements (BAAs).

What does HIPAA-aligned mean for Daylogue?

HIPAA-aligned means our technical safeguards follow the standards outlined in the HIPAA Security Rule: access controls, AES-256 encryption at rest, audit controls, transmission security with TLS 1.3, and integrity controls. It does not mean we are HIPAA certified or compliant.

Can healthcare professionals use Daylogue?

Daylogue is designed for personal use. If you are a healthcare professional considering Daylogue for work-related journaling, please consult your organization's compliance team first. We do not offer BAAs and cannot guarantee HIPAA compliance for professional healthcare use.

Does Daylogue offer Business Associate Agreements (BAAs)?

No, Daylogue does not currently offer Business Associate Agreements. This is one of the key reasons we explicitly state that we do not claim HIPAA compliance. BAAs are a requirement for formal HIPAA compliance when handling protected health information.

Built with serious privacy standards

We use the same security principles that protect healthcare data. Here's exactly what that means for your journal.

Transparency First

Let's talk about what this actually means

No jargon, no fine print games. Just honest answers about how we protect your words.

First, a quick HIPAA primer

HIPAA is a U.S. law that tells hospitals, insurers, and their partners how to protect patient data. Daylogue isn't a healthcare company. We're a personal journaling app. But that doesn't mean we take privacy any less seriously.

Why we say "HIPAA-aligned"

We built our security using the same technical standards that protect medical records. Strong encryption when your data is stored. Strong encryption when it travels. Access controls that make sure only you can see your entries. Logging that helps us catch anything suspicious. These are real protections, not marketing words.

What we're not claiming

There's no official "HIPAA certified" stamp. It doesn't exist. We haven't done a formal HIPAA audit. We don't sign Business Associate Agreements (BAAs). And when you use AI features, your content is briefly decrypted so the AI can read it. We want you to know all of this upfront.

Why we're telling you all this

Most apps bury this stuff in legal documents. We think you deserve better. Your journal holds real thoughts and real feelings. You should know exactly how we protect them. Not because the law requires it, but because it's the right thing to do.

The Technical Details

How we actually protect your data

For the security-minded folks who want specifics.

Access Controls

Every user gets a unique ID. Sessions time out automatically. New devices need your approval before syncing.

Audit Controls

We log activity so we can spot anything unusual. You can see your own sync history too.

Integrity Controls

Cryptographic signatures verify your data hasn't been tampered with. If something changes, we'll know.

Transmission Security

TLS 1.3 encrypts everything moving between your device and our servers. No one can listen in.

Encryption at Rest

Your entries are encrypted with AES-256-GCM before they're stored. Even we can't read them.

Authentication

Secure login with email verification. No password? No problem. Magic links are just as safe.

All safeguards actively protecting your data

The honest details

A few things worth knowing before you dive in.

Daylogue is a personal journal. It's for you, about you, owned by you.

We follow healthcare-grade security standards because your thoughts deserve protection.

We don't offer Business Associate Agreements (BAAs) at this time.

If you work in healthcare and want to use this professionally, check with your compliance team first.

Work in healthcare?

You're welcome here for personal journaling. But if you're thinking about using Daylogue for anything work-related, talk to your compliance team first. We built this for personal reflection, not clinical notes or patient information.

We don't offer BAAs, so we can't meet the formal requirements your organization might need.

Questions?

Still have questions?

We're happy to get into the details. Security nerds welcome.

Security DetailsAI & PrivacyPrivacy Policy