Wings — A Shared Journal for Couples
Last Updated: February 20, 2026 · Effective Date: February 20, 2026
Welcome to Wings ("the App," "we," "us," or "our"). Wings is a shared journal and mood tracker designed for couples. This Privacy Policy explains in detail what personal data we collect, why we collect it, how we use and protect it, who we share it with, and what rights you have regarding your data.
We are committed to protecting your privacy. We do not sell your personal data. We do not use your data for advertising or marketing purposes. We do not share your data with third parties for their own purposes. Your journal entries, mood data, and personal reflections are yours and your partner's alone.
This Privacy Policy complies with the General Data Protection Regulation (GDPR — EU Regulation 2016/679), the Swiss Federal Act on Data Protection (FADP/nDSG), the California Consumer Privacy Act (CCPA), Apple's App Store Guidelines, and other applicable data protection laws.
By using Wings, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this policy, please do not use the App.
The data controller responsible for your personal data is:
Wings
Operated by: Kol Deda
Address: Unterwilrain 32, 6014 Lucerne, Switzerland
Email: support@wings-app.com
If you have any questions about this Privacy Policy or your personal data, please contact us at the email address above.
We collect only the data necessary to provide the App's core functionality — enabling you and your partner to share journal entries, track moods, and stay connected. Below is an exhaustive list of all data we collect, organized by category.
| Data | Purpose | Source |
|---|---|---|
| Email address | Account creation, login, account recovery | Provided by you (email signup) or by Apple (Apple Sign In) |
| Full name | Display name visible to your partner | Provided by you during onboarding, or provided by Apple on first Apple Sign In |
| Password | Account authentication (email signup only) | Provided by you; stored as a cryptographic hash, never in plaintext |
| User ID (UUID) | Unique account identifier | Generated automatically by our authentication system |
| Authentication tokens | Maintaining your login session | Generated automatically; expire after a set period |
Apple Sign In: If you sign in with Apple, we receive your name and email address (or Apple's private relay email address if you choose to hide your email). Apple may share a private relay address (e.g., xyz@privaterelay.appleid.com) instead of your real email, which we fully support. We never receive your Apple ID password.
| Data | Purpose | Storage |
|---|---|---|
| Display name | Shown to your partner in the app | Cloud database |
| Profile photo | Shown to your partner in the app | Cloud storage (compressed JPEG) |
| Profile creation date | Account record-keeping | Cloud database |
| Data | Purpose | Storage |
|---|---|---|
| Entry text content | Your journal entries, shared with or private from your partner (max 10,000 characters) | Cloud database |
| Mood selection | Mood attached to an entry (e.g., happy, grateful, calm, anxious, sad) | Cloud database |
| Entry visibility | Whether the entry is "shared" (visible to partner) or "private" (visible only to you) | Cloud database |
| Attached photos | Images you attach to journal entries | Cloud storage |
| Writing prompt reference | If you wrote from a daily prompt, a reference to which prompt | Cloud database |
| Timestamps | When the entry was created and last modified | Cloud database |
| Data | Purpose | Storage |
|---|---|---|
| Daily mood | Your mood selection for the day, shared with your partner | Cloud database |
| Optional note | A short note accompanying your mood (max 500 characters) | Cloud database |
| Date | Which day the check-in is for (one check-in per user per day) | Cloud database |
| Data | Purpose | Storage |
|---|---|---|
| Couple ID | Links you and your partner's data together | Cloud database |
| Membership role | Whether you created the couple or joined via invite | Cloud database |
| Couple status | Active or archived | Cloud database |
| Join date | When you and your partner connected | Cloud database |
When you invite your partner, we generate a one-time invite code. The plaintext code is shown to you once and is never stored on our servers. We only store a SHA-256 cryptographic hash of the code, which cannot be reversed to reveal the original code. Invite codes expire after 48 hours and can only be used once.
| Data | Purpose | Storage |
|---|---|---|
| Love notes | Short messages you send to your partner | Cloud database |
| Countdowns | Event dates and names you create (e.g., anniversaries, trips) | Cloud database |
| Data | Purpose | Storage |
|---|---|---|
| Dark mode preference | Your display preference | On-device only (UserDefaults) |
| Biometric unlock preference | Whether you enabled Face ID / Touch ID lock | On-device only (UserDefaults) |
| Notification preferences | Whether daily reminders and countdown alerts are enabled | On-device only (UserDefaults) |
| Onboarding completion status | Whether you've finished the setup flow | On-device only (UserDefaults) |
| Cached couple ID | Enables faster app launch | On-device only (UserDefaults); cleared on sign-out |
Biometric data (Face ID / Touch ID): We never collect, store, or transmit your biometric data. Biometric authentication is handled entirely by Apple's operating system on your device. We only store your preference for whether biometric unlock is enabled (a simple on/off setting).
| Data | Purpose | Storage |
|---|---|---|
| Device push token | Delivering push notifications to your device | Cloud database |
| Platform identifier | "iOS" — identifies your device platform | Cloud database |
The device push token is an anonymous identifier assigned by Apple's Push Notification Service (APNs). It is not linked to your device's hardware identity and changes periodically.
| Data | Purpose | Storage |
|---|---|---|
| Anonymous user identifier | Distinguish unique users for usage statistics | PostHog (third-party analytics) |
| Screen views | Understand which screens are visited | PostHog |
| Feature events | Understand which features are used (e.g., "entry created," "love note sent") — no content is included | PostHog |
| App lifecycle events | App opened, backgrounded | PostHog |
| Device type & OS version | Understand what devices our users are on | PostHog |
Important: Analytics events contain only action names and basic properties (e.g., word count, plan type). We never send your journal entry text, mood details, love note content, partner names, or any personal content to our analytics provider.
| Data | Purpose | Storage |
|---|---|---|
| Subscription status | Whether your couple has an active premium subscription | Cloud database |
| Subscription ID | Reference to your subscription for management purposes | Cloud database |
| Expiration date | When your premium access expires | Cloud database |
Subscription purchases are processed by Apple through the App Store. We use RevenueCat as a subscription management service. We do not have access to your payment card details, bank account information, or Apple ID password. Apple and RevenueCat handle all payment processing.
We want to be explicit about what we do not collect:
We process your personal data for the following purposes and legal bases:
Legal basis: Performance of a contract (GDPR Art. 6(1)(b))
Legal basis: Consent (GDPR Art. 6(1)(a))
You can withdraw consent for notifications at any time through your device's Settings app or within Wings' settings.
Legal basis: Performance of a contract (GDPR Art. 6(1)(b))
Legal basis: Legitimate interest (GDPR Art. 6(1)(f))
Our legitimate interest is maintaining and improving a functional app. Analytics data is aggregated and does not include any personal content (journal text, moods, love notes, or names).
Legal basis: Legitimate interest (GDPR Art. 6(1)(f))
We take the security of your personal data seriously and implement the following measures:
All data transmitted between the App and our servers is encrypted using HTTPS/TLS (Transport Layer Security). This means your journal entries, moods, photos, and all other data are encrypted while traveling over the internet.
Our infrastructure provider (Supabase) encrypts data at rest in accordance with industry standards, including AES-256 encryption provided by AWS-managed storage services.
If you enable biometric unlock (Face ID or Touch ID), the App uses Apple's LocalAuthentication framework. Your biometric data never leaves your device and is never transmitted to our servers. Apple's Secure Enclave handles all biometric verification.
Photos are stored in isolated storage buckets organized by couple ID and user ID. File paths are sanitized to prevent path traversal attacks.
We use a limited number of third-party services to operate Wings. We do not share your data with third parties for advertising, marketing, or any purpose unrelated to providing the App.
Purpose: Database hosting, user authentication, file storage, serverless functions
Data processed: All data described in Section 3
Location: AWS data centers (Region: United Kingdom)
Privacy Policy: supabase.com/privacy
Supabase acts as a data processor on our behalf.
Purpose: Apple Sign In authentication, App Store subscription payments
Data processed: Apple ID credentials (handled entirely by Apple), payment information (handled entirely by Apple)
Privacy Policy: apple.com/legal/privacy
When you use Apple Sign In, authentication is handled directly by Apple. We receive only an identity token, your name (first sign-in only), and your email (or Apple's private relay email). We never receive your Apple ID password.
Purpose: Managing premium subscription status and entitlements
Data processed: Anonymous user ID, transaction ID, purchase dates, subscription status
Privacy Policy: revenuecat.com/privacy
RevenueCat does not receive your name, email, journal entries, or any personal content. They only process subscription-related transaction data.
Purpose: Product analytics — understanding feature usage, onboarding completion, and subscription conversion
Data processed: Anonymous user ID, screen views, feature usage events (action names only, no personal content), device type, OS version
Location: EU
Privacy Policy: posthog.com/privacy
PostHog does not receive your journal entries, mood data, love notes, partner names, email, or any personal content. It only receives action names (e.g., "entry created") and basic metadata (e.g., word count, subscription plan selected).
Purpose: Delivering push notifications to your device
Data processed: Device push token (anonymous, rotating identifier)
Privacy Policy: apple.com/legal/privacy
We do not sell your personal data. We never have and never will.
Your data is shared only in the following limited circumstances:
Our infrastructure provider (Supabase) hosts data in the region selected for our project (currently the United Kingdom). Where personal data is transferred outside the European Economic Area (EEA) or Switzerland, such transfers are governed by Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms provided in our infrastructure providers' Data Processing Agreements.
We retain your personal data only for as long as necessary to provide the App's services or as required by law.
| Data | Retention Period |
|---|---|
| Account data | Until you delete your account |
| Journal entries | Until you delete them or delete your account |
| Profile data | Until you delete your account |
| Photos | Until you delete them or delete your account |
| Love notes | Until you delete them or delete your account |
| Invite codes (hashed) | 48 hours after creation (auto-expire), or until used |
| Device push tokens | Until you sign out or revoke notification permissions |
| Local settings | Until you uninstall the App |
When you delete your account, we delete all your personal data from our servers, including your profile, journal entries, check-ins, photos, love notes, and all associated couple data. This deletion is permanent from our active systems. Backup copies may remain for a limited period in encrypted backups and are automatically deleted in accordance with our infrastructure provider's retention policies.
Wings is not intended for use by anyone under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children under 13. We do not verify age in our app-internal sign up process.
If you are a parent or guardian and believe your child has provided us with personal data, please contact us at the email address in Section 2.
Depending on your jurisdiction, you have the following rights regarding your personal data:
You have the right to request a copy of all personal data we hold about you. We will provide this in a structured, commonly used, machine-readable format.
You have the right to correct any inaccurate personal data we hold about you. You can update your name and profile photo directly in the App's settings.
You have the right to request deletion of your personal data. We delete your personal data from our active systems. Backup copies may remain for a limited period in secure encrypted backups and are automatically deleted in accordance with our infrastructure provider's retention policies.
You have the right to request that we restrict processing of your personal data in certain circumstances, such as when you contest the accuracy of your data.
You have the right to receive your personal data in a structured, machine-readable format and to transmit that data to another controller. The App also includes an export feature in Settings that allows you to export your journal entries.
You have the right to object to processing of your personal data based on legitimate interests. This includes the right to opt out of push notifications at any time.
Where we process your data based on consent (e.g., push notifications), you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
You have the right to lodge a complaint with a supervisory authority. If you are in the EU, you can find your local authority at edpb.europa.eu. If you are in Switzerland, you may contact the Federal Data Protection and Information Commissioner (FDPIC).
To exercise any of these rights, please contact us at the email address in Section 2. We may ask you to verify your identity before processing your request.
We do not use any automated decision-making or profiling systems. No algorithms make decisions about you based on your personal data. The features in the Insights tab are simple statistical calculations (entry counts, mood matching) performed for your benefit and do not constitute profiling under GDPR Art. 22.
Wings is a native iOS application. We do not use cookies, web beacons, tracking pixels, or any browser-based tracking technologies.
We use PostHog for product analytics (see Section 7.4). This is first-party analytics to improve the App — we do not share analytics data with advertisers, data brokers, or any third parties. We do not request App Tracking Transparency (ATT) permission because we do not track you across other apps or websites.
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the App's features. When we make material changes:
We encourage you to review this Privacy Policy periodically. Your continued use of the App after changes are posted constitutes your acknowledgment of the updated policy.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
If you are located in Switzerland, your personal data is also protected under the Swiss Federal Act on Data Protection (FADP/nDSG). You have equivalent rights to those described in Section 12, and you may contact the Federal Data Protection and Information Commissioner (FDPIC) at edoeb.admin.ch to lodge a complaint.
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
Email: support@wings-app.com
We aim to respond to all inquiries within 30 days.