Effective Date: 16 March 2026
Examrocket Limited Co. ("Company," "we," "us," or "our") operates the BAMI mobile application and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Service.
We are committed to a privacy-first approach. We collect only the data necessary to provide and improve the Service, we do not sell personal data, and users maintain control over their information.
By accessing or using BAMI, you agree to this Privacy Policy. If you do not agree, please do not use the Service.
In short: Your journal stays private. We do not sell your data. You control your information.
1. Company Information
• Legal Name: Examrocket Limited Co.
• Entity Type: Limited Liability Company (LLC)
• Registered Jurisdiction: Georgia, United States
• Business Address: 425 Riverbend Parkway, Athens, GA, USA
• Privacy Contact Email: support@rocketstudios.dev
For all privacy-related inquiries, contact us at the email above.
2. Eligibility and Age Requirements
BAMI is intended for users aged 16 years and older.
Minors under the age of majority in their jurisdiction may only use the Service with verifiable parental or legal guardian consent.
We do not knowingly permit children below applicable minimum age thresholds to create accounts.
3. Information We Collect
We collect information you provide directly, information collected automatically, and information received from platform and service providers.
3.1 Account Information
When you create an account, we may collect:
• Email address
• Authentication credentials and verification codes
• Sign-in data via third-party providers (for example, Sign in with Apple and Google Sign-In)
We do not collect:
• Phone numbers
• Profile photos
3.2 Journal and User Content
As part of the core journaling experience, we collect:
• Text journal entries
• Voice inputs used for speech-to-text journaling, including transcribed text
• Mood ratings and emotional check-ins
• AI conversation history
3.3 Device and Technical Information
We automatically collect limited technical data, including:
• Device type
• Operating system version
• Application version
• Device identifiers and app-specific identifiers necessary to operate the service, such as a stable device ID and push notification token
• Session logs
3.4 Usage and Analytics Data
We collect usage information to improve product performance and user experience:
• Screens viewed
• Time spent in the app
• Feature usage
• Clickstream data
• Funnel and conversion tracking
We currently use third-party analytics tools such as Mixpanel to help us measure engagement and product performance.
3.5 Payment and Subscription Information
Payments and subscriptions are processed entirely by Apple.
We do not collect or store payment card or billing information. We receive only transactional data necessary to:
• Confirm subscription status and entitlement
• Determine service eligibility, subscription plan, and trial status
• Manage entitlements resulting from Apple’s payment processing
We may also receive product identifiers, transaction identifiers, purchase dates, expiration dates, and related subscription status information from Apple.
4. Sensitive Personal Data
Because journaling may involve personal reflections, emotional experiences, or mental wellness content, user-generated content may constitute Sensitive Personal Data.
We apply enhanced safeguards to sensitive data, including strong encryption, strict internal access limitations, role-based access controls, and monitoring of all access to personal information.
5. How We Use Information
We use collected information for legitimate business purposes, including:
• Account creation and management
• Providing core app functionality
• AI-driven personalization
• Product improvement and internal analytics
• Analytics and performance optimization
• Customer support and troubleshooting
• Sending reminders and service notifications by email or push notification
• Safety, abuse prevention, and platform integrity
• Legal and regulatory compliance
We do not send promotional marketing emails.
We may send essential service communications necessary to operate your account and deliver the Service, including product updates, feature announcements, security notices, policy updates, subscription notices, and other account-related messages. These communications are not promotional in nature.
6. Artificial Intelligence and Model Processing
To power AI features within BAMI:
• Certain user content may be transmitted to qualified third-party artificial intelligence and large language model (LLM) service providers for processing. These providers act as service providers or data processors and may process information only under our instructions and contractual safeguards.
• Data is used solely for inference and service functionality
• Data is anonymized where feasible
• Human reviewers may access limited content:
o If content is flagged for safety or policy reasons
o For quality assurance and product improvement
We do not use user content to independently train proprietary AI models.
We may engage, replace, or work with multiple qualified third-party AI and large language model (LLM) service providers over time to support and improve the Service. Such changes in providers will not materially alter how your data is handled as described in this Privacy Policy.
7. Data Storage and Security
We implement administrative, technical, and organizational safeguards to protect information.
• Data is stored on secure MongoDB Atlas infrastructure
• Encryption in transit (TLS/HTTPS)
• Encryption at rest
• Strict access controls
• Logged and monitored access to personal data
No method of transmission or storage is completely secure, but we apply commercially reasonable safeguards.
8. Data Retention
We retain information only as long as necessary:
• Account and user data retained until account deletion
• Soft-deleted data permanently erased after 90 days
• Inactive accounts deleted after 12 months of inactivity
Retention may be extended where required for legal or security purposes.
9. Data Sharing and Disclosure
We do not sell personal data.
We do not share personal data with third parties for advertising purposes.
We do not use third-party advertising networks.
We may disclose information only:
• To service providers necessary to operate the platform, such as hosting providers, analytics providers, push notification providers, authentication providers, and AI processing providers
• To comply with legal obligations
• To enforce rights and prevent misuse
• To protect users and platform integrity
10. User Rights and Controls
Users may exercise certain controls directly within the app, including:
• Requesting deletion of their account
• Managing reminder preferences
• Managing passcode and biometric preferences
Requests to access, correct, or export personal data may be submitted by contacting us at the privacy contact email.
Verified deletion requests are completed within 30 days.
11. Geographic Scope
BAMI is offered to users globally, subject to applicable laws and local regulatory requirements.
We are committed to complying with data protection, privacy, and consumer protection laws in the jurisdictions where our users reside. Where local laws impose additional requirements, we will implement appropriate measures to meet those obligations.
12. Tracking Technologies
We may use analytics and measurement technologies, including:
• Analytics SDKs
These tools help us understand usage patterns and improve performance.
We do not use the IDFA to track users across third-party apps or websites for advertising purposes, and we do not use third-party advertising SDKs in the mobile app.
13. Children’s Privacy
BAMI is not intended for children below permitted age thresholds. We do not knowingly collect personal data from children.
If we learn that a child has provided personal data without authorization, we will delete it.
14. Research Use
We do not use personal data for academic or commercial research purposes.
15. Policy Updates
We may update this Privacy Policy periodically.
Users will be notified of material changes via in-app notice.
Continued use after updates constitutes acceptance.
16. Legal Bases for Processing (GDPR Notice)
If BAMI becomes available in the European Economic Area (EEA), we process personal data under lawful bases including:
• User consent
• Performance of a contract
• Legitimate business interests
• Legal obligations
Users may have additional rights under GDPR, including data portability and objection to processing.
17. International Data Transfers (GDPR Notice)
If data is transferred outside the EEA, we will implement appropriate safeguards such as:
• Standard Contractual Clauses
• Approved transfer mechanisms
18. Contact and Complaints
For privacy inquiries, data requests, or complaints:
Email: support@rocketstudios.dev
Users in certain jurisdictions may have the right to lodge complaints with their local data protection authority.