DreamCompass
DreamCompassBack to Home

Privacy Policy

Effective Date: December 2025

Data Controller: Connectech Ventures Corp. | Jurisdiction: Ontario, Canada; Canada (PIPEDA)

Offline-First

Data stored locally, not in cloud

Minimal Collection

Only essential data collected

No Tracking

No analytics or ad networks

No Resale

We never sell your data

Table of Contents

1. Core Privacy Principles2. Information We Collect3. How We Use Information4. Local Processing and On-Device Models5. Third-Party Service Providers6. Cookies and Website Analytics7. International Transfers8. Data Retention9. Your Rights and Choices10. Security11. Children's Privacy12. Changes to This Policy13. Contact Information

1. Core Privacy Principles

DreamCompass is designed with privacy first in mind:

  • Offline-First: Your dream entries and personal content are stored locally on your device, not in centralized cloud servers.
  • Minimal Collection: We collect only the minimum personal information necessary to provide authentication, licensing, and legal compliance.
  • Your Control: You remain in full control of your data; you can export or delete it at any time.
  • No Tracking: We do not use analytics SDKs, advertising networks, or behavioral tracking tools.
  • No Resale: We do not sell your data to third parties or brokers.

This Privacy Policy explains what limited personal information we do collect, why, and how we protect it.

2. Information We Collect

2.1 Dream Content and User Entries

Content you create within DreamCompass:

  • Dream text, reflections, tags, and metadata
  • Images, videos, or audio you add to dream entries
  • Any notes or personal information you input

Storage: Stored locally on your device in a private database. Not transmitted to our servers. Remains under your control.

2.2 Account and Licensing Information

When you sign up or activate a license:

  • Email address (for authentication and account recovery)
  • License status and trial status
  • Activation and renewal dates
  • Basic account metadata

Processor: Supabase (authentication and licensing backend)
Purpose: To verify your account, confirm license eligibility, and manage access to features.

2.3 Device and Technical Information

Limited technical information processed when you use the Service:

  • Device type and model
  • Operating system and version
  • App version
  • Mobile push notification token (generated by Apple or Google)
  • Approximate device language and timezone

2.4 Support Communications

If you contact us via email or support form:

  • Email address
  • Name (if provided)
  • Content of your message
  • Date and time of communication

2.5 Information We Do NOT Collect

We explicitly do not collect:

  • Detailed geolocation or GPS data
  • Analytics or tracking data via third-party SDKs
  • Behavioral profiling or advertising identifiers
  • Payment card information (handled by app stores)
  • Biometric data (face scanning, fingerprints)
  • Browsing history or cross-app tracking
  • Social media profile data

3. How We Use Information

We use the information described above for these purposes only:

3.1 Service Provision

  • Creating and maintaining your account
  • Verifying your license and trial status
  • Granting access to app features
  • Storing and protecting your User Content
  • Delivering in-app functionality

3.2 Support and Communication

  • Responding to your support requests
  • Troubleshooting technical issues
  • Communicating important changes to the Service

3.3 Legal Compliance

  • Complying with applicable laws (PIPEDA, privacy acts)
  • Responding to legal requests from authorities
  • Protecting user safety and preventing illegal activity
  • Establishing or defending legal claims

3.4 Service Improvement

  • Analyzing app usage patterns in aggregated form (no personal data)
  • Identifying and fixing bugs
  • Improving feature performance
  • Developing new features

We explicitly do NOT use your data for:

  • Marketing or advertising to you
  • Profiling or behavioral analysis
  • Cross-app tracking
  • Selling or sharing with data brokers
  • Training commercial machine learning models on your personal data
Your private dream journal

4. Local Processing and On-Device Models

4.1 On-Device Models

DreamCompass uses on-device language models and algorithms to process your dream entries locally on your device:

  • Dream analysis and pattern detection
  • Tag and theme suggestions
  • Narrative summaries or emotional tone analysis
  • Other model-powered insights

4.2 No Cloud LLM Calls

Importantly:

  • Your dream content is never sent to a remote large-language-model service
  • All processing happens on your device
  • Your dreams are never processed by cloud-based systems
  • We do not have copies of your dream content to train models with

4.3 Model Updates

Occasionally, we may push improved model files to your device. These files:

  • Do not contain personal data
  • Do not transmit your User Content
  • Simply add or improve on-device model capabilities

5. Third-Party Service Providers

We work with limited third-party service providers ("processors") who handle specific functions on our behalf. These providers are bound by contracts to protect your data and use it only as instructed.

5.1 Authentication and Licensing

Service: Supabase
Data Processed: Email address, hashed credentials, license status, basic device information
Purpose: Verify your identity, manage license access, confirm trial eligibility

5.2 Mobile App Stores

Services: Apple App Store, Google Play Store
Data Processed: Purchase information, transaction IDs, device identifiers, app version
Purpose: Process in-app purchases, manage subscriptions, distribute the app

5.3 Push Notifications

Services: Apple Push Notification Service (APNs), Google Cloud Messaging
Data Processed: Push notification tokens, notification preferences
Your Control: You can disable notifications at any time via device settings or app settings.

5.4 On-Device Language Models

Service: llama.rn (local inference runtime)
Data Processed: Your dream content (processed entirely on-device)
Your Data: Never leaves your device or is sent to remote servers.

6. Cookies and Website Analytics

6.1 Website Cookies

The DreamCompass website may use basic technical cookies for:

  • Session management
  • Security and fraud prevention
  • Basic website functionality

6.2 No Behavioral Tracking

We do not use:

  • Third-party analytics tools (Google Analytics, Mixpanel, etc.)
  • Advertising networks or tracking pixels
  • Cross-site tracking cookies
  • Behavioral profiling cookies

6.3 Mobile App

The DreamCompass app does not include:

  • Firebase or similar analytics SDKs
  • Advertising SDKs or ad networks
  • Behavioral tracking libraries
  • Cross-app tracking identifiers

7. International Transfers

7.1 Where Your Data Is Processed

Our third-party service providers may process your data in multiple countries:

  • Canada (primary)
  • United States
  • European Union (for some Supabase instances)
  • Other jurisdictions where service providers operate

7.2 Data Protection in Transfers

When we transfer data outside Canada, we use:

  • Standard Contractual Clauses (SCCs) - legal agreements ensuring your data receives appropriate protection
  • Privacy Agreements - contractual obligations binding service providers to protect your privacy
  • Compliance with PIPEDA - Canadian federal privacy law requirements

7.3 Your Rights Across Borders

Even if your data is processed outside Canada, you retain all privacy rights under this Policy and applicable Canadian privacy law. You can request a copy of our data transfer agreements by contacting us.

Navigate your dreams

8. Data Retention

8.1 User Content (Dreams and Entries)

  • Duration: Until you delete it, uninstall the app, or reset your device
  • Your Control: You can delete entries anytime through the app or export your data
  • After Account Closure: Deleted from your device; may be retained locally if you have backups

8.2 Account and Licensing Data

  • Duration: As long as your account is active, plus:
  • 3 months after voluntary account deletion (to investigate fraud or unauthorized access)
  • 1 year if your account is terminated by us (to prevent future abuse)

8.3 Support Communications

Duration: 2 years (to respond to follow-up inquiries and maintain support history)

8.4 Device and Technical Data

Duration: Typically 1 year or until log files are automatically purged

8.5 Legal Compliance

  • Transaction records: 7 years (tax and financial compliance)
  • Legal holds: Indefinitely (if subject to legal action or investigation)

8.6 Anonymized Data

We may retain and use anonymized or de-identified data indefinitely to improve the Service, train on-device models, and conduct research. This data cannot identify you individually.

9. Your Rights and Choices

Depending on your location, you may have the following privacy rights. Canadian residents have rights under PIPEDA (Personal Information Protection and Electronic Documents Act).

9.1 Right to Access

You can access your personal data by:

  • Logging into your account and viewing your profile
  • Requesting a full copy of your data by contacting us

9.2 Right to Correction

You can correct inaccurate information by:

  • Updating your profile directly in the app
  • Contacting us to request correction of other data

9.3 Right to Deletion

You can delete data by:

  • Deleting individual dream entries in the app
  • Exporting and deleting your User Content
  • Closing your account entirely (which removes your profile)
  • Contacting us to request deletion of specific data

Note: Some data may be retained for legal compliance or fraud prevention (see Section 8).

9.4 Right to Data Portability

You can export your User Content in a portable format through the app's export feature, allowing you to transfer your dreams to another service.

9.5 Right to Withdraw Consent

You can withdraw consent for optional features:

  • Disable push notifications (device settings or app settings)
  • Remove permissions for camera or microphone
  • Opt out of non-essential features

9.6 Right to Lodge a Complaint

If you believe we have mishandled your personal data, you can:

  • Contact us first to attempt resolution
  • File a complaint with the Office of the Privacy Commissioner of Canada (OPC)

Office of the Privacy Commissioner of Canada:
Website: priv.gc.ca | Phone: 1-800-282-1376 | Email: info@priv.gc.ca

9.7 How to Submit Requests

To exercise any of your rights:

Email: privacy@dreamcompass.app

Mail: Connectech Ventures Corp., Attn: Data Privacy Officer
55 Stewart Street, Unit 123, Toronto, ON, Canada, M5V 2V1

Include in Your Request: Your full name, email address on your account, a clear description of what you're requesting, and any relevant account information.

Response Timeline: We will respond to valid requests within 30 days, or as required by law.

10. Security

10.1 Security Measures

We use reasonable physical, technical, and administrative safeguards to protect your personal data:

  • Encryption of data in transit and at rest
  • Secure authentication (email OTP via Supabase)
  • Regular security audits and vulnerability testing
  • Limited employee access to personal data
  • Contracts with service providers requiring security commitments

10.2 On-Device Security

Because DreamCompass stores most data locally on your device, your data's security depends on:

  • Your device's operating system security
  • Your device's screen lock (PIN, password, biometric)
  • Your device's encryption (typically enabled by default on iOS and Android)

10.3 Limitations

No security system is perfect. We cannot guarantee:

  • Absolute immunity from hacking or unauthorized access
  • Protection against determined attackers
  • Freedom from all security vulnerabilities

You are responsible for:

  • Protecting your device with a strong lock code
  • Keeping your operating system updated
  • Regularly backing up important data
  • Using device security features

10.4 Breach Notification

If we discover a data breach affecting your personal data, we will:

  • Notify you promptly via email or in-app notification
  • Provide information about the breach and steps to protect yourself
  • Comply with mandatory breach notification laws
  • Cooperate with authorities as required

11. Children's Privacy

11.1 Age Restriction

DreamCompass is not intended for children under 13 years old. We do not knowingly collect personal information from children under 13 without appropriate parental consent.

11.2 Parental Controls

If you are a parent or guardian concerned about your child's use of the app:

  • Use device-level parental controls to restrict access
  • Monitor your child's online activities
  • Educate your child about online safety
  • Speak with a mental health professional if you have concerns

11.3 Reporting Violations

If you believe a child under 13 has provided personal information without parental consent, please contact us immediately at privacy@dreamcompass.app.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements.

12.1 Notification

  • The "Effective Date" at the top will indicate when the policy was last updated
  • For material changes, we will provide additional notice via email, in-app notification, or website banner
  • Your continued use of the Service after updates means you accept the new policy

12.2 Significant Changes

If we make material changes to how we collect, use, or protect your data, we may require your affirmative consent before the changes take effect.

13. Contact Information

Questions or Concerns About This Privacy Policy?

Connectech Ventures Corp.

Data Privacy Officer

55 Stewart Street, Unit 123

Toronto, ON, Canada, M5V 2V1

Email: privacy@dreamcompass.app

Support: support@dreamcompass.app

Office of the Privacy Commissioner of Canada:

Website: priv.gc.ca
Phone: 1-800-282-1376
Email: info@priv.gc.ca

END OF DREAMCOMPASS PRIVACY POLICY