Home Security Support Start

Privacy Policy

Last updated: February 10, 2026

This Privacy Notice for Riddle ("we," "us," or "our") describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:

Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have questions, please contact us at support@riddle.love.

🔐 End-to-End Encryption

Your journal content is protected by end-to-end encryption. This means we cannot read your entries—ever. Only you have the key. For full details on how this works, see Section 13 or visit our Security page.

Summary of Key Points

Table of Contents

  1. What Information Do We Collect?
  2. How Do We Process Your Information?
  3. What Legal Bases Do We Rely On?
  4. When and With Whom Do We Share Information?
  5. Do We Use Cookies and Tracking?
  6. Do We Offer AI-Based Products?
  7. How Long Do We Keep Your Information?
  8. How Do We Keep Your Information Safe?
  9. Do We Collect Information From Minors?
  10. What Are Your Privacy Rights?
  11. Controls for Do-Not-Track Features
  12. Do US Residents Have Specific Rights?
  13. End-to-End Encryption of User Data
  14. Do We Make Updates to This Notice?
  15. How Can You Contact Us?

1. What Information Do We Collect?

Personal Information You Provide

We collect personal information that you voluntarily provide when you register, express interest in our products, participate in activities, or contact us. This includes:

Sensitive Information

Your journal entries may contain sensitive information (health data, relationship details, personal reflections). However, this content is end-to-end encrypted—we cannot read, access, or process it. See Section 13 for details.

Payment Data

If you make purchases, payment data is handled by Lemon Squeezy and Apple. We do not store your payment card details.

Audio Recordings

If you use voice features, we may collect audio recordings you provide. These are processed to deliver the service and are subject to the same privacy protections.

Information Automatically Collected

When you visit or use our Services, we automatically collect certain information including:

This information helps us maintain security, improve our Services, and understand how people use Riddle.

2. How Do We Process Your Information?

We process your information to:

3. What Legal Bases Do We Rely On?

We process your information based on:

4. When and With Whom Do We Share Information?

We may share information in these situations:

We have not sold or shared personal information for business or commercial purposes in the past 12 months, and we will not do so in the future.

5. Do We Use Cookies and Tracking?

Yes. We use cookies and similar technologies to:

Google Analytics

We use Google Analytics to understand how visitors interact with our website. You can opt out at tools.google.com/dlpage/gaoptout. See Google's Privacy Policy for more information.

Advertising

We may use tracking technologies to measure advertising effectiveness and show relevant ads to people who have visited our site. This helps us reach people who might benefit from Riddle. You can opt out of targeted advertising through your browser or device settings.

Note: This tracking applies to our marketing website—your actual journal content remains end-to-end encrypted and completely private.

6. Do We Offer AI-Based Products?

Yes. Riddle uses artificial intelligence to provide personalized journaling responses. Our AI is powered by Google Cloud AI.

When you interact with AI features, your content is temporarily decrypted in a secure, isolated environment to generate a response, then immediately re-encrypted. We do not store or log decrypted content. The AI has no persistent memory of your unencrypted text after responding.

7. How Long Do We Keep Your Information?

We keep your personal information for as long as you have an account with us. When you delete your account, we delete your data from our active systems, though some information may remain in backups for a limited period.

Your encrypted journal content is deleted when you delete your account. Since we can't read it, we can't selectively retain it even if we wanted to.

8. How Do We Keep Your Information Safe?

We use multiple layers of protection:

No system is 100% secure. However, because your journal content is end-to-end encrypted, even if our servers were compromised, attackers would only find unreadable encrypted data.

9. Do We Collect Information From Minors?

We do not knowingly collect data from or market to children under 18. By using Riddle, you represent that you are at least 18 years old. If we learn we've collected information from someone under 18, we will delete it promptly. Contact us at support@riddle.love if you believe we have data from a minor.

10. What Are Your Privacy Rights?

Depending on where you live, you may have the right to:

To exercise these rights, email us at support@riddle.love or use the account settings in the app.

Withdrawing Consent

You can withdraw consent for data processing by contacting us. This won't affect processing that occurred before withdrawal.

Account Deletion

You can delete your account anytime through the app settings. This will remove your personal information and encrypted journal content from our systems.

11. Controls for Do-Not-Track Features

Most browsers offer a Do-Not-Track (DNT) setting. Currently, there's no universal standard for responding to DNT signals, so we do not currently respond to them. If a standard is adopted, we will update this policy.

12. Do US Residents Have Specific Rights?

If you're a resident of California, Colorado, Connecticut, Virginia, or other states with privacy laws, you have additional rights including:

California "Shine The Light" Law: California residents can request information about data shared with third parties for direct marketing. We don't share your data for third-party marketing.

13. End-to-End Encryption of User Data

Your journal entries, messages, and personal content are protected using end-to-end encryption. This means:

  1. Encrypted on your device — Your content is encrypted before being transmitted to our servers using a private encryption key that only you possess.
  2. We cannot read your data — We store your encrypted data but cannot decrypt, read, or access the contents. To us, your data appears as unreadable encrypted text.
  3. Your key, your control — Your encryption key is stored locally on your devices and is never transmitted to or stored on our servers in an unencrypted form.
  4. No recovery possible — If you lose access to your encryption key and all devices where it is stored, we cannot recover your data. This is a fundamental property of end-to-end encryption, not a limitation.
  5. What we can access — While your content is encrypted, we do collect and can access: your email address, account metadata, encrypted data storage timestamps, and basic usage information necessary to provide the Service.
  6. AI processing — When you interact with AI features, your content is temporarily decrypted in a secure environment to generate responses, then immediately re-encrypted. We do not store or log decrypted content.

For a detailed, non-technical explanation of how this works, visit our Security page.

14. Do We Make Updates to This Notice?

Yes, we may update this Privacy Notice as needed to stay compliant with laws or reflect changes to our practices. The "Last updated" date at the top will change when we make updates. We encourage you to review this page periodically.

15. How Can You Contact Us?

If you have questions or comments about this Privacy Notice, or want to exercise your privacy rights, please contact us:

Email: support@riddle.love