Privacy Policy

SoulPen is operated by Valunik, based in Gothenburg, Sweden. Payments and invoices are handled by Paddle.com as the Merchant of Record. SoulPen is an AI-powered handwritten wellness journaling app that reads both what you write and how you write it — analysing content and handwriting stroke characteristics together to generate personalised emotional insights and gentle wellness nudges. SoulPen acts as the data controller for all personal data processed through soulpen.app. Contact us at contact@soulpen.app.

2.1 What SoulPen Collects: Account data (name and email), journal images (uploaded temporarily for AI analysis, encrypted EU storage, deleted after processing), derived insights (emotional tone, theme tags, wellness scores, handwriting stroke signals, semantic embedding vector — not raw text or images), subscription data (plan tier via Paddle), usage data (basic interaction logs).

2.2 What SoulPen Does Not Collect: SoulPen is built on a privacy-by-architecture principle. We do not store your raw journal text or original handwritten images after analysis is complete. Your words stay yours — SoulPen retains only the emotional and wellness signals derived from them.

To generate SoulPen insight cards, wellness nudges, and weekly letters. To build your SoulPen memory — recognising patterns such as recurring themes. To calculate your 7-day wellness trajectory and streak. To manage your SoulPen subscription via Paddle. To send transactional emails.

SoulPen does not use your journal data for advertising, does not sell your data to third parties, and does not use your data to train AI models beyond your own SoulPen experience.

Contract performance, legitimate interests (security, fraud prevention, product improvement), and consent where explicitly given.

All user data stored on Supabase EU infrastructure. Encrypted at rest and in transit. Row Level Security policies ensure only you can access your SoulPen data. Subscription tier can only be changed by SoulPen's payment webhook using verified Paddle transaction data.

Account data and derived insights retained while your account is active. Journal images deleted after analysis. Account deletion results in permanent deletion of all data within 30 days.

• Supabase (EU region) — database, auth, encrypted storage.
• Google Cloud Vision API — OCR for handwritten entries.
• Anthropic Claude API — AI language analysis for insights.
• Paddle — subscription payment processing and billing as Merchant of Record.

Right of access, rectification, erasure, data portability, right to object, right to restrict processing. Contact contact@soulpen.app to exercise any right. Response within 30 days.

SoulPen is not intended for children under 16. Contact contact@soulpen.app to report any such data.

Material changes notified via email. Continued use constitutes acceptance.

SoulPen — Valunik, Gothenburg, Sweden. contact@soulpen.app. soulpen.app.