Privacy Policy — Just Checking In
Effective date: June 28, 2026 · Last updated: June 28, 2026
This Privacy Policy explains how Just Checking In (“Just Checking In,” the “App,” “we,” “us,” or “our”) collects, uses, shares, and protects your information when you use our mobile application and related services (together, the “Services”).
Just Checking In is operated by Heraclius, LLC, located in the State of Georgia, United States (“we” / the “Company”). For the purposes of EU/UK data protection law, the Company is the data controller of your personal information.
Just Checking In is a wellbeing and social connection app. It helps people check in on how they are doing, share that with people they trust, and stay connected with friends and loved ones. Because the App can involve information about your mood and wellbeing, we treat your information with extra care. Please read this policy closely.
A note in plain language. When you log a check-in, your mood and any note you write are personal. We do not sell this information, we do not use it for advertising, and we only share it with the people you choose. This policy spells out exactly what we collect and why.
1. Who this policy applies to and a note on age
You must be at least 13 years old to use Just Checking In. The Services are not directed to children under 13, and we do not knowingly collect personal information from anyone under 13. If you are between 13 and 18 (or the age of majority where you live), you may only use the App with the involvement and consent of a parent or legal guardian.
If you believe a child under 13 has provided us with personal information, please contact us at privacy@justcheckingin.co and we will delete it.
2. Information we collect
We collect information in three ways: information you give us, information created when you use the App, and information from your device.
2.1 Information you provide
- Account details. Your username, full name, and either an email address or a mobile phone number (used to create and secure your account). A password is optional; most accounts sign in with a one-time code instead.
- Date of birth. We ask for your date of birth at signup to confirm you meet our minimum age requirement (see Section 1). We store it to enforce that requirement and to know whether guardian involvement may be needed.
- Consent records. When you sign up, we record that you agreed to this Privacy Policy and our Terms (including which version you agreed to and when), so we can demonstrate your consent and re-confirm it if these terms materially change.
- Profile details. Your profile photo or avatar and your time zone.
- Check-ins and wellbeing data. The moods you select and any free-text note you add to a check-in. This is sensitive information about your wellbeing, and we handle it as a special category of data — see Section 9.
- Messages and reactions. The content of direct messages and group chats you send, including text, shared check-ins, and emoji reactions.
- Friends, connections, and plans. Friend requests and connections, scheduled check-in plans you set up with others, and “watch over” relationships you create or accept.
- Invitations. If you invite someone to the App, we process the phone number or email address you choose to invite, and the contact name as it appears on your device, so we can send and track that invitation.
- Emergency contacts. If you turn on emergency or missed-check-in alerts, the names, relationships, phone numbers, and email addresses of the contacts you add. You are responsible for confirming that the people you add are comfortable being listed.
- Notification preferences and settings. Your reminder schedules, notification choices (push, email, SMS), mute settings, and privacy settings such as hiding who has seen your check-ins.
- Support and feedback. Messages, bug reports, and feedback you send us, including anything you choose to include in them.
- Account deletion feedback. If you delete your account, any reason or feedback you optionally provide.
2.2 Information created when you use the Services
- Usage and activity data. Check-in history, streaks, who has viewed your check-ins, read and delivery status of messages, and similar activity needed to run the features you use.
- Subscription and purchase data. If you buy a premium subscription, your subscription status, plan, platform (Apple or Google), product identifiers, and the purchase or transaction tokens needed to validate and manage your subscription. We do not receive or store your full payment card details — those are handled by Apple or Google.
2.3 Information from your device
- Device and push data. A device identifier, device type (iOS, Android, or web), and a push notification token so we can deliver notifications. We also generate and store a per-install security value (a “device secret”) used to protect your account from unauthorized sign-in.
- Diagnostic and crash data. If the App crashes or hits an error, we collect technical diagnostic information to fix problems. We actively scrub personal fields (such as phone numbers, emails, one-time codes, passwords, and tokens) from these reports before they reach our diagnostics provider.
2.4 What we do not collect
- We do not track you across other apps or websites, and the App does not include advertising or third-party analytics/ad tracking SDKs. We do not use Apple's Identifier for Advertising (IDFA) and our iOS privacy manifest declares no tracking.
- We do not collect your precise location.
- We removed our former third-party attribution/analytics integration (AppsFlyer) in June 2026 and do not use it.
3. How we use your information
We use your information to:
- Create, secure, and operate your account and the Services;
- Deliver core features — check-ins, mood sharing, messaging, friends, scheduled check-ins, “watch over,” reminders, and notifications;
- Send transactional communications such as one-time sign-in codes, reminders, missed-check-in alerts, and important account or service notices, through push, email, or SMS according to your settings;
- Process and validate subscriptions and purchases;
- Protect the Services, prevent fraud and abuse, enforce our Terms, and keep accounts secure;
- Provide customer support and respond to your requests;
- Diagnose problems, monitor reliability, and improve the App; and
- Comply with legal obligations.
We do not use your check-ins, mood data, or message content to train advertising profiles, and we do not sell this information.
4. Legal bases for processing (EU/UK users)
If you are in the European Economic Area or the United Kingdom, we rely on the following legal bases under the GDPR / UK GDPR:
- Performance of a contract — to provide the Services you sign up for.
- Consent — for sensitive wellbeing (health) data you choose to log and share, for SMS/email notifications where required, and for inviting contacts. You can withdraw consent at any time (see Section 11).
- Legitimate interests — to secure the Services, prevent abuse, and improve reliability, balanced against your rights.
- Legal obligation — where we must process information to comply with the law.
5. How we share information
We share information only as described here. We do not sell your personal information, and we do not share it for cross-context behavioral advertising.
5.1 With people you choose
Check-ins, messages, reactions, and shared activity are visible to the friends, groups, or connections you choose to share them with, according to each item's visibility setting.
5.2 With service providers (sub-processors)
We use trusted vendors to run the Services. They may process personal information only on our instructions and only to provide their service to us:
| Provider | Purpose | Data involved |
|---|---|---|
| Google Firebase Cloud Messaging + Apple Push Notification service | Deliver push notifications | Device push tokens, notification content |
| Twilio | Send SMS messages | Phone numbers, message content (e.g. one-time codes, alerts) |
| SendGrid (Twilio) | Send transactional and account emails | Email addresses, message content (e.g. one-time codes) |
| Apple App Store / Google Play | Process and validate subscriptions | Purchase tokens, transaction and product identifiers |
| DigitalOcean (hosting and Spaces storage) | Host our servers and store uploaded media | All account and app data; uploaded images/files |
| MongoDB Atlas | Database hosting | All stored account and app data |
| Sentry | Crash and error diagnostics | Technical diagnostics with personal fields scrubbed |
This list may change as our providers evolve; we will keep it current here.
5.3 For legal and safety reasons
We may disclose information if required by law, subpoena, or legal process, or where we believe in good faith it is necessary to protect the safety, rights, or property of any person, including in connection with a wellbeing or safety concern raised through the App.
5.4 Business transfers
If we are involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or control of your personal information.
6. International data transfers
We are based in the United States, and our service providers may process information in the United States and other countries. If you use the Services from outside the United States, your information will be transferred to and processed in the U.S. Where required, we rely on appropriate safeguards (such as the European Commission's Standard Contractual Clauses) for transfers of EU/UK personal data.
7. How long we keep your information
We keep your information for as long as your account is active or as needed to provide the Services. When you delete your account (Section 8), we permanently delete your personal data as described there. We may retain limited information where necessary to comply with legal obligations, resolve disputes, prevent abuse, or enforce our agreements — and certain security audit logs are retained for integrity and fraud-prevention purposes.
8. Your account, choices, and deletion
- Access and update. You can view and update your profile, settings, reminders, and notification preferences in the App.
- Notification controls. You can turn push, email, and SMS notifications on or off, and mute specific conversations, in your settings.
- Delete your account. You can delete your account from within the App. When you confirm deletion, we permanently and immediately delete your account and associated personal data — including your profile, check-ins and mood notes, mood streaks, friendships and connections, watch-over and scheduled check-in relationships, invitations you created, reminders, notifications, direct and group messages you sent, support entries, subscription records, and uploaded media. This action cannot be undone. After deletion, scheduled reminders and notifications stop, and we no longer send you reminder messages.
Note: because messages and shared check-ins may have been delivered to other people before deletion, copies that others received or saved may remain with them.
9. Sensitive (health/wellbeing) information
Your moods, check-in notes, and related wellbeing information are sensitive. We treat this as special-category data under the GDPR and as sensitive personal information under U.S. state privacy laws.
- We collect this information because you choose to log it, and we process it to provide the check-in and sharing features you ask for.
- We share it only with the people and groups you choose.
- We do not use it for advertising or sell it, and we do not use it to make automated decisions that produce legal or similarly significant effects about you.
Important: Just Checking In is not a medical or mental-health service and does not provide medical advice, diagnosis, treatment, or emergency services. If you are in crisis or think you may have a medical emergency, contact your local emergency number or a crisis line immediately.
10. How we protect your information
- In transit: all communication between the App and our servers is encrypted using HTTPS/TLS.
- On your device: persistent app data, including the device security secret, is stored in an encrypted local store protected by a key held in your device's secure keychain.
- Authentication: sign-in uses one-time codes and short-lived access tokens, with a per-device possession secret to help block unauthorized sign-in, plus rate limiting. Passwords, when set, are stored only as salted bcrypt hashes.
- On our servers: access to production data is restricted, and administrative actions are logged in a tamper-evident audit trail.
Please note: messages and check-ins are encrypted in transit and stored securely, but they are not end-to-end encrypted. This means we are technically able to access stored content to operate, secure, and support the Services. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
11. Your privacy rights
Depending on where you live, you may have some or all of the following rights. To exercise them, contact us at privacy@justcheckingin.co. We will verify your request, typically by confirming control of the email or phone number on your account, and we will not discriminate against you for exercising your rights.
11.1 Everyone
You can access and update key information in the App and delete your account at any time.
11.2 California residents (CCPA/CPRA)
You have the right to:
- Know / access the categories and specific pieces of personal information we have collected;
- Delete your personal information;
- Correct inaccurate personal information;
- Limit the use of sensitive personal information (we already limit our use of your wellbeing data to providing the Services); and
- Opt out of sale or sharing — note that we do not sell or share your personal information as those terms are defined under California law.
You may use an authorized agent to submit requests. We do not knowingly sell or share the personal information of minors.
11.3 EEA / UK residents (GDPR / UK GDPR)
You have the right to access, rectify, erase, restrict, or object to processing of your personal information, the right to data portability, and the right to withdraw consent at any time (without affecting prior processing). You also have the right to lodge a complaint with your local data protection authority.
11.4 Other U.S. states
If you live in a U.S. state with a comprehensive privacy law (such as Virginia, Colorado, Connecticut, Utah, Texas, and others), you have similar rights to access, correct, delete, and obtain a copy of your personal information, and to opt out of sale or targeted advertising — which we do not engage in.
12. Third-party links and contacts
The App may let you invite or connect with other people and may contain links to third-party services (such as the App Store or Google Play). This policy does not cover those third parties; please review their privacy policies. When you add another person's information (for example, an emergency contact or an invitation), you confirm you have the right to share it with us for that purpose.
13. Changes to this policy
We may update this Privacy Policy from time to time. If we make material changes, we will update the “Last updated” date above and, where appropriate, notify you in the App or by email. Your continued use of the Services after an update means you accept the revised policy.
14. Contact us
If you have questions, requests, or concerns about this policy or your information, contact us at:
Just Checking In — Privacy
Heraclius, LLC
State of Georgia, United States
Email: privacy@justcheckingin.co
Support: support@justcheckingin.co
For EU/UK users, the data controller is the Company identified above. (If an EU/UK representative is appointed under Article 27 GDPR, list their name and contact here.)