Jot

Privacy Policy

Last updated: March 20, 2026

At Digital Trend AS, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use Jot (“the Service”).

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

About Digital Trend AS and Jot

Digital Trend AS is a Norwegian technology company located at Havnevegen 3, 5918 Frekhaug, Norway. Jot is our AI-powered health journaling application.

Information We Collect

We collect the following types of information:

  • Account information: Email address, password (hashed), and profile data you provide.
  • Health journal entries: Text, voice transcriptions, and photos you submit as journal entries.
  • Lab results: Laboratory test results you upload via PDF, photo, or manual entry.
  • Apple Health data: Health metrics you explicitly choose to sync (requires your confirmation).
  • Supplement and symptom logs: Health data extracted by AI from your journal entries.
  • Usage data: App interactions, crash reports, and performance metrics.
  • Payment data: Processed by Stripe. We do not store credit card numbers.

How We Use Your Information

  • To provide and improve the Service, including AI-powered health insights.
  • To process your journal entries using artificial intelligence (Claude by Anthropic, OpenAI, Groq).
  • To extract structured health facts (supplements, lab results, symptoms) from your entries.
  • To generate embeddings for semantic search across your health history.
  • To process payments and manage subscriptions.
  • To send service-related communications.

AI Processing

Your journal entries are processed by AI services (Anthropic Claude, OpenAI, Groq) to extract health facts and generate insights. These AI providers process your data under their data processing agreements and do not use your data to train their models.

Data Storage and Security

  • All data is stored on servers located in the European Union (Hetzner, Germany; AWS eu-west-1, Ireland).
  • Health data is encrypted at rest and in transit.
  • Authentication tokens are stored securely in your device's Keychain.
  • We never store API keys or secrets on the client side.

Third-Party Services

We use the following third-party services:

  • Stripe: Payment processing.
  • RevenueCat: Subscription management for mobile apps.
  • Sentry: Error tracking and crash reporting.
  • Mixpanel: Usage analytics (anonymized).
  • Anthropic, OpenAI, Groq: AI processing of journal entries.
  • AWS S3: Secure file storage (EU region only).

Your Rights (GDPR)

As a user, you have the right to:

  • Access: Request a copy of all your data.
  • Export: One-tap export of all your health data.
  • Deletion: One-tap deletion of your entire account and all associated data.
  • Rectification: Correct any inaccurate personal data.
  • Portability: Receive your data in a machine-readable format.
  • Object: Object to the processing of your personal data.

Data Retention

We retain your data for as long as your account is active. When you delete your account, all personal data and health entries are permanently deleted within 30 days.

Data Sharing

We never sell your health data. We never train AI models on your data without explicit consent. Your data is only shared with the third-party services listed above, solely for the purpose of providing the Service.

Children's Privacy

Jot is intended for users aged 17 and older. We do not knowingly collect data from children under 17.

Account Deletion

You can delete your account at any time from the app settings or by visiting joinjot.app/account/delete. This permanently removes all your data.

Contact Us

For questions about this Privacy Policy, contact us at [email protected].

Digital Trend AS
Havnevegen 3, 5918 Frekhaug, Norway