Privacy Policy — Messy Moments, Thriving Hearts

What we collect

We only collect what's necessary to make the space work:

Email address — required to create and access your account.
Journal entries — the text you write, including any prompted responses and follow-up conversations.
Mood selections — the emotional state you choose before each entry, if you use that feature.
Onboarding preferences — the choices you make when first setting up your space, used to personalise your reflections.
Reflection usage — a monthly count of how many reflections you've received, used to apply free account limits.
Membership information — whether you're on the free or Gentle Membership plan, and the status of that membership. We do not store payment card details — payments are processed by LemonSqueezy on our behalf.
Username — optional, set in your account settings.
Journaling streak — calculated from your entry dates and displayed back to you.

We do not collect your name, phone number, or location. We do not run advertising on this platform, and we do not sell your information to anyone.

How your journal entries are processed

Important: When you submit a journal entry, the text is sent to Anthropic's API to generate your AI reflection. Anthropic processes this on our behalf. Your entry is not stored by Anthropic and is not used to train their models, under their current API data usage policy. You can review how Anthropic handles this at anthropic.com/privacy.

Outside of that processing step, your journal entries live in your private account. They are not read by us, not shared with anyone, and not used for any purpose other than displaying them back to you.

Third-party services we use

MMTH is built on a small set of trusted services. Here is what each one does and where you can review their own privacy policies.

Supabase

Handles authentication — your email, password, and login sessions — and stores your journal entries in a secure, private database. Row-level security means only your account can access your data.

Supabase privacy policy

Anthropic

Processes journal entry text to generate your personalised AI reflection. Anthropic does not store entries or use them to train their models under their current API policy.

Anthropic privacy policy

LemonSqueezy

Processes payments for Gentle Membership. We never see or store your payment card details — these are handled entirely by LemonSqueezy.

LemonSqueezy privacy policy

Vercel

Hosts this website and its serverless functions. Network-level request data (such as IP addresses) may be processed as part of serving the site.

Vercel privacy policy

Google Fonts

Serves the typefaces used on this site. Google may log font requests. You can opt out of Google Fonts logging by using a browser extension that blocks font requests.

Google privacy policy

We do not share your information with anyone beyond the services listed above.

How your data is stored

Your account credentials are managed by Supabase Auth, which stores passwords using secure hashing. Your journal entries are stored in a private Supabase Postgres database with row-level security enabled — only your account can access them.

This site does not use tracking cookies. Supabase Auth stores your session in your browser's local storage to keep you signed in between visits.

How we improve the experience

We may use anonymous, aggregated information — such as how many reflections are written each month, or which resources are most visited — to understand what's most helpful and to improve platform stability and usability. This information is never linked to you personally, and your journal content is never part of any aggregated analysis.

We do not run third-party advertising analytics, and we do not use your data to profile, target, or advertise to you.

Your rights and controls

Your writing belongs to you. You are in full control of your data at all times.

Download your journal

Save a readable copy of your entries, reflections, and conversations at any time. No waiting or requests needed — it's always available.

Account → Your journal

Delete your account

Permanently removes your account and everything associated with it. This cannot be undone, so we recommend downloading your journal first if you'd like to keep a copy.

Account → Leave MM,TH

Update your information

Change your email, password, or username at any time.

Account → Privacy & security

If you have a request that isn't covered by these controls, you can reach us at hello@messymomentsthrivinghearts.com.

Data retention

Your data is retained for as long as your account is active. If you delete your account, all data is permanently removed from our systems immediately. We do not retain backups of deleted accounts.

Children's privacy

This service is intended for adults aged 18 and over. We do not knowingly collect data from anyone under 18. If you believe a minor has created an account, please contact us so we can remove their data.

Changes to this policy

If we make material changes to this policy, we'll update the date at the top of this page. For significant changes, we'll notify you by email. Continued use of the service after changes constitutes acceptance of the updated policy.

Contact

Questions about your data or this policy: hello@messymomentsthrivinghearts.com