Privacy Policy
Last updated: July 9, 2026
Diald ("we", "us") is a focus and goal tracking app with social features. This policy describes what data we collect, how we use it, and the choices you have.
1. Information we collect
- Account information: your name, a unique handle, your email address, and an optional bio and avatar. If you sign in with Apple or Google, we receive your name and email from them.
- Content you create: goals, milestones, dial routines, focus sessions (including duration, focus/break breakdown, and any notes you write), optional proof photos, comments, likes, follows, blocks, and reports.
- Contacts (only if you use Find Friends): we compute one-way SHA-256 hashes of your contacts' phone numbers on your device and upload only those hashes to match against other members. Contact names and raw phone numbers never leave your phone. Hashes are stored with your account so matches can be found in both directions.
- We do not use analytics, advertising, or tracking SDKs, and we do not track you across other apps or websites.
2. How we use your information
- To operate the app: your feed, stats, streaks, personal records, and connections with people you choose to follow.
- To match contacts you've chosen to sync with other members.
- To generate milestone suggestions: when you use the suggestion feature, the goal text you enter is sent to OpenAI to generate suggestions. It is processed transiently and, per OpenAI's API policy, is not used to train their models.
- To keep the service safe: handling reports, blocks, and enforcing our Terms.
3. Visibility and sharing
- Your profile (name, handle, bio, avatar) is visible to other signed-in members, including in search and suggestions.
- Sessions you mark public are visible to your followers and in the feed. Private sessions are visible only to you.
- Proof photos are stored on our media CDN and are reachable by anyone with their direct link. Links are long and unguessable, and the app only surfaces them according to your session's visibility.
- We do not sell your personal data. We share it only with the service providers that run Diald: Supabase (database, authentication, and storage hosting), OpenAI (milestone suggestions), and Apple or Google if you sign in with them. We may disclose information if required by law.
4. Security
- Data is encrypted in transit (TLS). Your sign-in session is stored in your device's secure keychain.
- Contact matching uses one-way hashes; we never receive raw phone numbers.
5. Retention and deletion
- We keep your data while your account is active.
- You can permanently delete your account and all associated data — including goals, sessions, proof photos, comments, follows, and contact hashes — at any time from Settings → Delete account. Deletion is immediate and cannot be undone.
- You can also email us to exercise access, correction, or deletion rights.
6. Children
- Diald is not intended for children under 13, and you must be at least 13 to create an account.
7. Changes
- If we make material changes to this policy, we will update the date above and notify you in the app.
8. Contact