1. Who we are
Health Journal is a personal health record and journalling platform operated by I Own My Health Ltd, a company registered in England and Wales (Company Number 17313073). When this policy refers to “Health Journal”, “we”, “us”, or “our”, it means I Own My Health Ltd acting as the data controller for your personal data.
Contact us: support@healthjournal.app
2. What this policy covers
This policy explains what personal data we collect when you use Health Journal, why we collect it, how we use it, and the rights you have over it. It covers:
- The Health Journal application (web and mobile)
- Your account and subscription
- The Community Insights feature — aggregated statistics and analysis derived from data entered by the Health Journal member community, with no personal identifiers ever shared or surfaced
- Our website at healthjournal.app
This policy does not cover third-party websites or services that you may link to from within the app.
3. Legal framework
We process your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Your health data constitutes Special Category data under Article 9 UK GDPR and is afforded the highest level of legal protection.
Where we rely on your consent as a legal basis, you have the right to withdraw it at any time without affecting the lawfulness of processing before withdrawal.
4. Data we collect and why
4.1 Account data
When you create an account we collect your email address, authentication credentials, and subscription information. This is necessary to provide the service (Article 6(1)(b) UK GDPR — performance of a contract).
4.2 Health journal data
Health Journal is designed for you to record your own health information. This is entirely self-reported and may include:
- Conditions and diagnoses
- Medications, supplements, and complementary or alternative medicine (CAM) treatments
- Symptoms, notes, and journal entries
- Treatment ratings (effectiveness and tolerability, scored 1–10)
- Files and documents you choose to upload
This data is processed on the basis of your explicit consent (Article 9(2)(a) UK GDPR). You control what you record. You may delete any entry at any time.
4.3 Treatment ratings
When you rate a treatment, you provide a numeric score (1–10) for effectiveness and tolerability in the context of a specific condition. Ratings are:
- Linked to your account for your own record-keeping
- Contributed anonymously to the Community Insights pool alongside your other health data (see Section 5)
- Available to update at any time
- Prompted when you stop a treatment, to capture your end-of-treatment experience
4.4 Technical and usage data
We automatically collect limited technical data to operate and secure the platform, including IP address, device type, browser type, session timestamps, and error logs. This is processed on the basis of our legitimate interests in maintaining a secure and reliable service (Article 6(1)(f) UK GDPR).
4.5 Communications
If you contact us for support or send us feedback, we retain that correspondence to resolve your query and improve the service. This is processed on the basis of our legitimate interests (Article 6(1)(f) UK GDPR).
5. Community Insights — how your data contributes to the community
5.1 What data is used
Community Insights draws on the health data that members enter into Health Journal — including conditions, treatments, treatment ratings, and related health records. This data is aggregated before any insight is derived or displayed. We ensure that no personal identifiers — no name, no account identifier, no precise demographic detail, no location — are ever associated with or derivable from any community figure or analysis.
Examples of the data types that may contribute to Community Insights include:
- Conditions and diagnoses recorded by members
- Treatments and medications logged (conventional and CAM)
- Treatment ratings — effectiveness and tolerability scores (1–10)
- Treatment duration and usage patterns
- Co-occurring conditions and treatment combinations
We apply strict controls before any insight is generated. Raw individual records are never exposed. Where a dataset is too small to prevent any risk of identification, no insight is surfaced.
5.2 How it is displayed
Community Insights surfaces population-level statistics and analysis only. Examples include:
- Aggregate effectiveness and tolerability scores per treatment-condition pairing
- Top-rated treatments for a given condition across the member community
- Prevalence patterns — how commonly conditions or treatments appear together
- Statistical trends derived from member-entered health data
Where Community Insights includes any demographic dimension — such as age or other member characteristics — we use banded, aggregated measures only. For example, age is expressed as a range (such as 30–40) rather than a precise figure, ensuring no individual can be identified from what is shown.
Sample sizes are always displayed alongside aggregate figures. No data is surfaced for any pairing or analysis below a minimum member threshold, both as a privacy control and to ensure statistical reliability. No individual record, entry, or rating is ever surfaced.
5.3 Legal basis
Community Insights processing is based on our legitimate interest in providing a genuinely useful health record platform (Article 6(1)(f) UK GDPR). For health data specifically, which constitutes Special Category data, we rely on explicit consent (Article 9(2)(a) UK GDPR) provided when you create your account and record health information.
We take all reasonable steps to ensure that data contributing to Community Insights cannot be linked back to any individual. Aggregated Community Insights data — stripped of all personal identifiers — is retained indefinitely and is not deleted when you close your account.
5.4 What we will never do with Community Insights data
- Identify or re-identify any individual from community data
- Overlay demographic, locational, or personal profile data on community figures
- Share community data with third parties for commercial or research purposes
- Use community data to make automated decisions about you individually
6. How we share your data
We do not sell, rent, or share your personal health data with third parties for commercial purposes. We share data only where strictly necessary:
6.1 Infrastructure and hosting
Your data is hosted on Tier 1 enterprise-class cloud infrastructure, operated by a data processor under a Data Processing Agreement. Our hosting infrastructure is located within the UK, and your health data does not leave the UK/EEA as part of standard operations.
6.2 Payment processing
Subscription payments are processed by a PCI-DSS compliant payment provider. We do not store your full card details. The payment provider receives only what is necessary to process your subscription.
6.3 Legal obligations
We may disclose personal data if required to do so by law, regulation, or a binding order of a competent authority. We will notify you where legally permitted to do so.
6.4 Business transfers
In the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction. We will notify affected users and ensure that any successor entity is bound by equivalent data protection obligations.
7. International data transfers
Our primary infrastructure is hosted within the UK. Where any ancillary service providers are located outside the UK or EEA, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office (ICO), or adequacy decisions.
8. Your rights under UK GDPR
You have the following rights over your personal data. You may exercise any of these rights by contacting us at support@healthjournal.app. We will respond within one calendar month.
| Article | Right | What this means for you |
|---|---|---|
| Art. 15 | Right of Access | Request a copy of all personal data we hold about you. |
| Art. 16 | Right to Rectification | Correct inaccurate or incomplete personal data. |
| Art. 17 | Right to Erasure | Delete your account and personal data (subject to legal retention obligations — see §9). |
| Art. 18 | Right to Restriction | Restrict processing while a dispute is resolved. |
| Art. 20 | Right to Portability | Export your health record in a structured, machine-readable format. |
| Art. 21 | Right to Object | Object to processing based on legitimate interests. |
| Art. 22 | Automated Decisions | You will not be subject to solely automated decisions with significant legal effect. |
You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk if you believe we have not handled your data lawfully.
9. Data retention
We retain your personal data only for as long as is necessary for the purposes described in this policy, and in accordance with our legal obligations. The table below summarises our retention schedule by data category.
| Data category | Retention period |
|---|---|
| Health journal entries, medications, conditions, treatments | Duration of account + up to 30 days after deletion |
| Account credentials and authentication records | Duration of account + up to 30 days after deletion |
| Subscription and billing records | 7 years (UK financial record-keeping obligation) |
| Pseudonymised security audit logs | Up to 12 months post account deletion (Article 17(3) — legitimate interest: security and fraud prevention) |
| Aggregated community insight contributions | Retained indefinitely as aggregated data with no personal identifiers — not linked to your account after deletion |
| Support communications | 3 years from last contact |
10. Security
We take the security of your health data seriously. Our measures include:
- Encryption in transit (TLS 1.2+) and at rest (AES-256)
- Magic link authentication
- Access controls and least-privilege architecture
- Detailed access logging — all access to personal data is recorded and auditable
- Regular security reviews led by a dedicated security lead
No method of transmission or storage is completely secure. If we become aware of a breach affecting your personal data, we will notify you and the ICO as required by law.
11. Cookies and tracking
We use a minimal set of cookies strictly necessary to operate the service, including authentication session management and security. We do not use advertising cookies, third-party tracking cookies, preference cookies, or any analytics that identify you individually.
Full details of the cookies we use are set out in our separate Cookie Policy, available at healthjournal.app/cookie-policy.
12. Children, young people, and family-managed records
Health Journal is open to users of all ages. While we expect most of our members to be adults, we recognise that children and young people living with chronic health conditions may find particular value in maintaining a detailed, lifelong health record — and we welcome them as members in their own right.
Parents and family members may also create and manage health journal records on behalf of a child. Where they do so, the account holder takes responsibility for the accuracy and appropriateness of the data entered.
We are committed to handling the data of children and young people responsibly and in their best interests. In line with the UK Information Commissioner's Age Appropriate Design Code (Children's Code), we apply the following principles to all users, and in particular to those who may be under 18:
- Privacy settings are applied at their most protective level by default
- We do not profile users for commercial purposes
- We do not use children's data in ways that are detrimental to their wellbeing
- No data is ever sold or shared for advertising purposes
These commitments are consistent with our subscription-only, zero data monetisation model, which applies equally to all users regardless of age.
13. Changes to this policy
We may update this policy from time to time. Where changes are material, we will notify you by email at least 14 days before they take effect. The version number and effective date at the top of this document will always reflect the current version. Continued use of Health Journal after changes take effect constitutes acceptance of the updated policy.
14. Contact and complaints
For any questions about this policy or your personal data:
- Email: support@healthjournal.app
- Website: healthjournal.app
- I Own My Health Ltd, registered in England and Wales, Company Number 17313073
If you wish to make a complaint to the supervisory authority:
- Information Commissioner's Office (ICO)
- ico.org.uk · 0303 123 1113
Health Journal is operated by I Own My Health Ltd. Registered in England and Wales, Company Number 17313073. UK GDPR data controller. Privacy Policy v2.0 — July 2026.