All My Parts← Home

Privacy Policy

How we handle your inner world.

— short answer: we don't sell it, we don't train on it.

Last updated: June 26, 2026

Who we are

All My Parts (“the app,” “we”) is an AI-assisted journaling product built around Internal Family Systems. The service is operated by Studio Maya Inc., an Ontario-based corporation. For privacy questions, contact help@allmyparts.me.

What we collect

  • Account info. Your email address and basic profile fields, via our authentication provider (Clerk). If you sign in with Google, we receive only your name, email, and profile picture — never your Google password.
  • Your journal content. Everything you write in the app: entries, conversations with the journaling AI, named parts, memories, voice recordings you record for transcription, and any images you upload.
  • Usage signals. Timestamps, which features you use, error reports, and basic device info. We do not run third-party analytics or advertising trackers.
  • Payment info. If you subscribe, payment details are handled by Stripe. We store only your Stripe customer ID and subscription status — never your card number.

How we use it

  • To operate the journaling features.
  • To send your entries to Anthropic (Claude) for in-session reflection and post-session analysis, and to OpenAI for generating embeddings used by the “Ask your parts” search. For post-session analysis and the “Ask” search, we redact known personal names from a per-user dictionary before sending. Live chat (the back-and-forth reflection during a session) is sent without redaction — the AI needs the names to respond naturally.
  • To generate weekly reports and recommendations.
  • To send transactional emails — account confirmations, billing receipts, security notices. We do not send marketing emails without explicit opt-in.

What we don't do

  • We do not sell your data. Ever, to anyone.
  • We do not use your journal content to train AI models — ours or anyone else's. Anthropic and OpenAI receive your content via their API surface, which is contractually excluded from training.
  • We do not show ads and do not work with ad-tech vendors or data brokers.

How we protect it

  • Encryption in transit. All traffic to and from the app uses TLS. The site is HSTS-preloaded where possible.
  • Encryption at rest. Sensitive content fields — message content, entry titles, entry analysis, weekly reports, memory descriptions and timing, parts (purpose, fears, beliefs, body location, formation, notes, etc.), self-profile, and trait observations — are encrypted at the application layer with AES-256-GCM before being stored, using a key managed separately from the database. Identifying names (people you mention, memory titles, part names) currently rely on the database's own at-rest encryption only; application-layer encryption for these specific fields is in progress.
  • PII redaction (analysis & search only). For post-session analysis and the “Ask your parts” search, we substitute known personal names with redaction tokens before sending to Anthropic or OpenAI, then restore them in the response shown to you. Live conversational chat is not redacted — the AI needs the names to reflect naturally. All content reaches Anthropic and OpenAI through their API, which is contractually excluded from model training.
  • Authenticated uploads. Image uploads are stored on Vercel Blob with private access and served only through an authenticated proxy — the raw URL is not enough to retrieve them.

Who we share with

We use the following service providers strictly to operate the app. Each one has signed a data processing agreement, is contractually limited to processing your data on our behalf, and is required to protect it to a standard equal to our own. The third-party AI providers below (Anthropic and OpenAI) receive your content only through their API, which is contractually excluded from model training, and process it solely to return your result.

  • Clerk — authentication and account management
  • Anthropic — Claude API for journaling and analysis
  • OpenAI — embeddings (vector representations) for search
  • Stripe — payments and subscription management
  • Neon — PostgreSQL database hosting (US)
  • Vercel — application hosting, edge network, and blob storage

Some of these providers are based in the United States. By using All My Parts you consent to your data being transferred to and processed in the United States, subject to contractual safeguards.

Your rights

Wherever you are, you can export everything we hold about you as a single Markdown file from Settings → Data. If you want your account and all associated content deleted, email help@allmyparts.me and we'll delete it within 30 days.

If you are in Canada, you have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws, including the right to access, correct, and request deletion of your data, and to file a complaint with the Office of the Privacy Commissioner of Canada.

If you are in the European Economic Area or United Kingdom, you have rights under the GDPR including access, rectification, erasure, restriction, portability, and objection.

If you are in California, you have rights under the CCPA/CPRA including access, deletion, and the right to opt out of any “sale” or “sharing” of personal information. We don't do either.

Crisis content

If your journal entries indicate an imminent risk of self-harm or harm to others, the in-app AI is instructed to direct you to crisis resources. We may also surface these resources without human review of your entries. We do not notify your emergency contacts or local emergency services without your explicit request.

Cookies

We use only cookies that are essential to the service — authentication and session cookies set by Clerk, and CSRF tokens. We do not use analytics, advertising, or social tracking cookies.

Children's privacy

All My Parts is not directed at children under 16. If you are under 16, please do not create an account. If we learn that we have collected information from a child under 16 without verifiable parental consent, we will delete it.

Changes to this policy

We'll update this page when we change anything material. If the change affects how we use your existing data, we'll email you before the change takes effect.

Contact

Email help@allmyparts.me for anything privacy-related — questions, requests, complaints. We'll respond within a week, usually sooner.