Privacy Policy
Lucid — Dream Journal
Last updated: March 26, 2026
1. Who We Are
Lucid ("the App") is developed and operated by the developer ("we", "us", "our"). If you have questions about this policy, contact us at [email protected].
2. Data We Collect
Account Information
- Email address and display name (if you sign up with email, Google, or Apple)
- Authentication tokens from Google or Apple (used solely to verify your identity)
- You may use the App anonymously without providing any personal information
Dream Journal Content
- Voice recordings you create within the App (audio files)
- Dream text — transcripts, edits, summaries, and follow-up answers
- Ratings you assign (clarity, lucidity, sleep quality, restedness)
- Dream analysis data — extracted entities (locations, characters, objects), dream signs, and graph relationships
App Usage & Settings
- Preferences: wake/bed time, notification settings, language, reality check configuration
- Gamification data: streaks, achievements, level/XP
- Your timezone (for scheduling notifications)
- Device push token (to deliver notifications to your device)
Analytics & Diagnostics
- Anonymous usage events (e.g. "dream saved", "map viewed") — no dream content is included
- Crash reports and error logs (without personally identifiable information)
3. How We Use Your Data
- Core functionality: transcribing audio, analyzing dreams, building your dream map, generating personalized insights and intentions
- Sync across devices: keeping your journal backed up and accessible
- Notifications: sending reminders, reality checks, and WBTB alarms at your chosen times
- Improving the App: understanding usage patterns and fixing bugs
We do not sell your data. We do not use your dream content for advertising. We do not train AI models on your data.
4. Third-Party Services
We use the following third-party services to provide App functionality:
| Service | Purpose | Data Shared |
|---|
| OpenAI | Speech-to-text, dream analysis, text-to-speech | Audio recordings, dream text |
| Google Sign-In | Authentication | OAuth token (email, name) |
| Apple Sign-In | Authentication | Identity token (email, name) |
| Firebase Cloud Messaging | Push notifications | Device push token |
| Sentry | Error tracking | Crash reports (no PII) |
| PostHog | Product analytics | Anonymous usage events |
Each service processes data according to their own privacy policies. We send only the minimum data required for each service to function.
5. Data Storage & Security
- Dream data is stored locally on your device (SQLite) and synced to our server (PostgreSQL on Railway) over encrypted connections (HTTPS/TLS)
- Audio files are stored on our server and accessible only to your account
- Passwords are hashed with bcrypt and never stored in plain text
- Authentication tokens are stored in your device's secure keychain (expo-secure-store)
6. Data Retention
- Your data is retained as long as your account is active
- When you log out, all local data is deleted from your device
- You can request full account deletion by emailing [email protected]
7. Your Rights
You have the right to:
- Access your data — your full dream journal is available in the App at all times
- Delete your data — request account and data deletion via email
- Use the App anonymously — no email or personal information required
- Opt out of analytics — contact us and we will disable tracking for your account
8. Children's Privacy
Lucid is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with personal information, please contact us so we can delete it.
9. Changes to This Policy
We may update this policy from time to time. We will notify users of material changes through the App or by email. Continued use of the App after changes constitutes acceptance of the updated policy.