Privacy Policy

Last updated: 2025

What We Collect

• Email address (for authentication)
• Journal entries (encrypted at rest with AES-256-GCM)
• Reminders you create
• Mood selections
• Basic usage analytics (no personal content)

What We Never Do

• We never sell your data to anyone
• We never share your entries with your employer or hospital
• We never share data with licensing boards
• We never use your entries to train AI models
• We never show ads

Encryption

Your journal entries are encrypted using AES-256-GCM before being stored in our database. Even if our database were compromised, your entries would be unreadable without the encryption key.

Data Deletion

You can delete your account and all associated data at any time from the Settings page. This action is permanent and cannot be undone. All your journal entries, reminders, and mood data will be permanently removed from our systems.

HIPAA Notice

OffShift is not a HIPAA-covered application and is not designed for clinical use. Do not enter patient names, room numbers, diagnoses, or any identifiable patient information.

Not a Medical Service

OffShift is a personal mental wellness tool. It is not therapy, counseling, or a substitute for professional mental health support. AI-generated reflections are not medical advice.

Contact

Questions about this policy? Contact us at privacy@offshift.app