Privacy Policy

The data controller (or "business" under California law) responsible for your personal data is Motimi (operated by Bizvouch LLC, 1450 Justin Road, Lewisville, TX 75077, USA). You can contact us at any time about this policy at hello@getmotimi.com.

If you are in the EU/EEA or UK and we are required to appoint an Article 27 representative, that information will be added here once designated.

We collect only what we need to run the Service:

• Account information — email address, password hash, optional display name and birthdate.
• Authentication data — if you sign in with Google, the basic profile info Google shares (name, email, profile picture).
• Your growth content — journal entries, gratitude notes, daily intentions, goals, growth proofs, reflections, and any other content you create inside Motimi.
• Preferences — notification times, timezone, growth goals, and onboarding answers.
• Subscription & billing data — handled by Stripe. We receive a customer ID, subscription status, plan, trial dates, and the last 4 digits / brand of your card. Full card numbers never touch our servers.
• Device & technical data — IP address, browser type, operating system, language, and approximate location derived from IP, captured in standard server logs.
• Communications — emails you send us and our replies.

We do not knowingly collect special categories of data (health, biometric, religious belief, etc.) and we ask that you do not put such data into your journal entries unless you understand the risks. Anything you choose to write is stored as account content under section 2 above.

• To provide the Service (saving your entries, syncing across devices, generating your timeline) — legal basis: performance of a contract with you.
• To process subscriptions, trials, and payments via Stripe — legal basis: performance of a contract.
• To send transactional and reminder emails you opted into — legal basis: consent for marketing-style nudges, contract for receipts and account notices.
• To keep the Service secure, prevent abuse, and debug issues — legal basis: legitimate interests in operating a safe product.
• To improve the product using aggregate, non-identifying signals — legal basis: legitimate interests.
• To comply with legal obligations (tax, accounting, lawful requests) — legal basis: legal obligation.

You can withdraw any consent at any time without affecting the lawfulness of prior processing.

We use a small number of trusted vendors to run Motimi. They act as our processors under written agreements:

• Supabase — database, authentication, file storage. Hosted in the EU/US depending on project region.
• Stripe — subscription billing and payment processing.
• Resend — delivery of transactional and reminder emails.
• Google — only if you choose Google sign-in.
• Cloudflare / hosting provider — content delivery and DDoS protection.

We share personal data with these vendors only as needed to run the Service. We never sell or rent personal data, and we do not share it with advertisers or data brokers. We may disclose data if required by law, to enforce our Terms, or to protect the rights and safety of users.

Some of our processors are located in the United States. Where we transfer personal data outside the EEA or UK, we rely on the European Commission's Standard Contractual Clauses (and the UK Addendum where applicable) and apply additional safeguards as needed.

• Account & journal content — for as long as your account is active. Deleted within 30 days after account deletion (backups purge within 90 days).
• Billing records — retained for up to 7 years to meet tax and accounting laws, even after account deletion.
• Server logs — typically 30–90 days, then deleted or anonymized.
• Marketing email opt-ins — until you unsubscribe.

If you are in the EU/EEA or UK you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Erase your data ("right to be forgotten").
• Restrict or object to certain processing.
• Data portability — get your data in a machine-readable format.
• Withdraw consent at any time.
• Lodge a complaint with your local data protection authority.

To exercise any right, email hello@getmotimi.com. We respond within 30 days. You can also delete your account directly from the Me page in the app.

If you are a California resident, you have the right to:

• Know what personal information we collect, use, and disclose.
• Request a copy of personal information we have collected about you.
• Request deletion of personal information.
• Correct inaccurate personal information.
• Limit the use of sensitive personal information.
• Opt out of the "sale" or "sharing" of personal information for cross-context behavioral advertising.
• Be free from discrimination for exercising your rights.

We do not sell or share personal information as those terms are defined under the CCPA/CPRA. To exercise rights, email hello@getmotimi.com. We may need to verify your identity before responding. You may use an authorized agent.

Categories collected in the past 12 months: identifiers (email, IP), customer records (name, billing info), commercial information (subscription history), internet activity (logs), geolocation (approximate, from IP), and user-generated content (journal entries).

We use HTTPS in transit, encryption at rest via our database provider, role-based access controls, row-level security, and limited employee access. No system is 100% secure; if we discover a personal data breach affecting you, we will notify you and the relevant authority as required by law (within 72 hours under GDPR where applicable).

We use only essential cookies needed for sign-in and security. We do not use third-party advertising cookies or cross-site tracking. See our Cookie Policy for details.

Motimi is not directed to children. You must be at least 16 years old to create an account. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with data, contact us and we will delete it.

Motimi does not make legal or similarly significant decisions about you using automated processing. We do not use your journal content to train third-party AI models.

We may update this policy as the product and laws evolve. For material changes we will notify you inside the app or by email at least 14 days before the change takes effect.

Privacy questions or requests: hello@getmotimi.com · General contact: hello@getmotimi.com.