Dreimo

Legal

Privacy Policy

Last updated: June 29, 2026

This Privacy Policy explains how BRIGHT CODE HOLDINGS S.R.L. ("Dreimo", "we", "us", or "our") collects, uses, shares, and protects information when you use the Dreimo mobile application, the website at https://dreimo.app, APIs, account systems, and related services (collectively, the "Service").

Dreimo is a private dream journal for capturing dreams, recording audio, transcribing entries, and generating AI-powered interpretations and pattern insights. Because dreams and journal entries can be personal, this policy explains the categories of information we process, why we process them, and the choices available to you.

By using the Service, you acknowledge the practices described in this Privacy Policy. If you do not agree, do not use the Service.

1. Summary

1.1 We collect the information needed to operate Dreimo, including account information, dream journal content, audio recordings, transcriptions, AI-generated interpretations, subscription status, support messages, and security or diagnostic data.

1.2 Dream content is processed to provide journal access, transcription, interpretation, export, deletion, Premium access, and related support. We do not sell your dream content or personal information.

1.3 Audio and dream text may be processed by service providers that help us deliver transcription and AI interpretation features.

1.4 Purchases are handled by app stores and billing infrastructure providers. We receive purchase, subscription, and entitlement information needed to unlock Premium features, but we do not receive your full payment card details.

1.5 Dreimo includes controls to export your dream journal data and delete your account and journal data from active systems, subject to the retention limits described below.

1.6 Some privacy-related app features, such as app lock, passcode, biometrics, and morning reminder preferences, are stored or handled on your device or by your operating system.

2. Who we are

  • Controller for GDPR purposes: BRIGHT CODE HOLDINGS S.R.L.
  • Website: https://dreimo.app
  • Contact: support@dreimo.app

If you are in the EEA or UK, "controller" means the entity responsible for deciding how and why personal data is processed.

3. Information we collect

3.1 Account and identity information. We collect information used to create, authenticate, and manage your account, including email address, user ID, sign-in method, authentication tokens, Apple or Google sign-in identifiers where provided, and related account metadata.

3.2 Email verification information. If you sign in by email, we process your email address, one-time verification codes, code status, expiration data, and related rate-limiting information needed to send and verify login codes.

3.3 Dream journal information. We collect dream entries, dates, titles, notes, edited text, journal metadata, creation and update timestamps, interpretation status, and information needed to display, paginate, export, update, or delete your journal.

3.4 Audio recording information. If you record or upload dream audio, we collect the audio file, MIME type, file metadata, upload metadata, associated journal entry, transcription status, transcription provider, transcription model, transcription errors, transcription timestamps, transcription text, and any edited transcription text.

3.5 Generated content. We store dream interpretations and related generated output, such as summaries, themes, emotions, symbols, reflection prompts, suggested actions, pattern insights, unlock status, generation status, errors, and timestamps.

3.6 Subscription and purchase information. If you use Premium, we process subscription status, entitlement state, product IDs, store identifiers, expiration dates, RevenueCat app user IDs, sync source, webhook event IDs, purchase metadata, and related billing-provider payloads needed to validate and restore access.

3.7 Support and communications. If you contact us, we collect your message, email address, request details, platform information you choose to provide, and information needed to respond to and resolve the request.

3.8 Device-side app privacy settings. The App may store authentication tokens, sign-in method, app lock status, salted passcode hashes, passcode salts, reminder times, reminder notification identifiers, and similar preferences in device secure storage. Plaintext app-lock passcodes are not stored by Dreimo.

3.9 Device permissions and local notifications. If you enable microphone recording, notifications, biometrics, or local reminders, your device operating system processes permission status and related device-level information. Morning reminders are scheduled through the device notification system.

3.10 Technical, security, and diagnostic data. Our servers process request IDs, routes, URLs, request methods, timestamps, response status, duration, sanitized headers, sanitized request and response metadata, hashed IP addresses, user IDs where authenticated, error information, and related logs used to operate and secure the Service.

3.11 Rate-limiting and abuse-prevention data. We process hashed email or IP identifiers, request counts, retry timing, and related limiter data to prevent abuse, protect login flows, and secure the Service.

3.12 Website data. If you visit the website, hosting infrastructure may process standard web request information such as IP address, user agent, requested URL, referrer, timestamps, and similar technical data. The current landing site is primarily informational and does not require a website account.

4. Sensitive information

4.1 Dreimo is not intended to collect medical, mental health, biometric identity, government ID, financial account, or other special category information as a required part of the Service.

4.2 Because dream entries, audio recordings, transcriptions, and support messages are free-form, you may choose to include sensitive information. If you do, we process it as needed to provide the Service you requested and as described in this Privacy Policy.

4.3 We encourage you not to include highly sensitive information unless it is necessary for your own journaling. Dreimo is for reflection, not medical care, therapy, diagnosis, crisis support, legal advice, or financial advice.

4.4 Biometric unlock, where available, is handled by the device operating system. Dreimo does not receive or store your face, fingerprint, or biometric template.

5. How we use information

5.1 Provide and operate the Service. We use information to create and authenticate accounts, save and display journal entries, store audio recordings, provide transcription, generate interpretations, show insights, sync account state, and deliver core app functionality.

5.2 Process audio and AI features. We use dream text, audio recordings, transcription text, edited transcription text, and related context to transcribe recordings, generate dream interpretations, provide reflection prompts, and produce pattern insights.

5.3 Manage Premium access. We use purchase and subscription information to validate entitlements, unlock Premium features, restore purchases, backfill missing interpretations where available, prevent fraud, and troubleshoot billing issues.

5.4 Provide exports and deletion. We use journal, interpretation, audio metadata, and account information to provide data exports and account deletion controls.

5.5 Support and communication. We use your contact information and request details to respond to support, privacy, billing, export, deletion, and product feedback requests.

5.6 Security and abuse prevention. We use technical, diagnostic, rate-limiting, and logging information to secure accounts, detect unauthorized access, prevent spam and abuse, investigate service issues, and enforce our Terms.

5.7 Service maintenance and improvement. We use operational information to debug issues, monitor reliability, improve app flows, evaluate feature behavior, and maintain system performance.

5.8 Legal and compliance. We use information to comply with law, respond to lawful requests, protect rights and safety, resolve disputes, and maintain records required for accounting, tax, security, or legal obligations.

6. Legal bases for processing

6.1 Contract. Where GDPR or UK GDPR applies, we process information when necessary to provide the Service you request, including account access, journal storage, transcription, interpretations, exports, deletion, Premium access, and support.

6.2 Legitimate interests. We process information for legitimate interests such as securing the Service, preventing abuse, debugging issues, maintaining reliability, improving the product, enforcing Terms, and protecting users, where those interests are not overridden by your rights.

6.3 Consent. We rely on consent where required, including for optional device permissions such as microphone access, notifications, and biometrics, and for cookies or similar technologies where applicable.

6.4 Legal obligation. We process information where necessary to comply with legal obligations, tax or accounting requirements, lawful requests, dispute handling, and consumer protection obligations.

6.5 Vital interests and public interest. In limited situations, we may process or disclose information where necessary to protect vital interests, safety, or comply with public-interest legal requirements.

7. How we share information

7.1 We do not sell your personal information or dream content.

7.2 Service providers. We may share information with vendors that help us operate Dreimo, including cloud hosting, database, file storage, email delivery, transcription, AI model, billing infrastructure, app distribution, notification, logging, security, and support providers.

7.3 AI and transcription providers. Dream text, audio recordings, transcription text, edited transcription text, and related context may be sent to service providers that help provide transcription and interpretation features. These providers process the information to deliver the requested functionality.

7.4 App stores and billing providers. Apple, Google, RevenueCat, and similar Platforms may process purchase and subscription information and provide us with entitlement, product, store, and subscription status information. We do not receive your full payment card number from app stores.

7.5 Sign-in providers. If you use Apple or Google sign-in, those providers process your authentication request and may provide us with identifiers, email verification status, and email address where available.

7.6 Legal, safety, and compliance. We may disclose information if we believe it is reasonably necessary to comply with law, legal process, or governmental request; enforce our Terms; investigate fraud or abuse; protect the Service; or protect the rights, property, or safety of users, Dreimo, or others.

7.7 Business transfers. If we are involved in a merger, acquisition, financing, reorganization, sale of assets, or transfer of the Service, information may be transferred as part of that transaction, subject to appropriate safeguards.

7.8 With your direction. We may share information when you direct us to do so, such as when you export your data, use the system share flow, contact support, or otherwise choose to provide information outside Dreimo.

8. International transfers

8.1 We may process and store information in countries other than where you live, including outside the EEA, UK, or Switzerland.

8.2 When required, we rely on appropriate safeguards such as Standard Contractual Clauses, adequacy decisions, provider data-processing terms, or other lawful transfer mechanisms recognized by relevant authorities.

9. Data retention

9.1 We keep personal data only as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

9.2 Account data. Account information is generally retained while your account is active and deleted or anonymized after account deletion, subject to legal, security, backup, and operational retention.

9.3 Journal and audio data. Dream entries, audio recording records, transcriptions, interpretations, and insights are generally retained until you delete individual content where available or delete your account, subject to backups and legal retention.

9.4 Audio files. Audio files are retained as needed to provide recording, playback, transcription, and journal features and may be deleted with associated entries or account deletion, subject to storage system behavior and backups.

9.5 Subscription records. Subscription and entitlement records may be retained as needed for access control, accounting, tax, fraud prevention, platform reconciliation, dispute handling, and compliance.

9.6 Logs and diagnostics. Server logs, security logs, rate-limit records, and diagnostic data are retained for limited periods appropriate to security, troubleshooting, abuse prevention, and legal needs.

9.7 Backups. Backups may persist for a limited period after deletion before they are overwritten or deleted according to backup cycles.

10. Your choices and controls

10.1 Access and update. You can view account information and journal content in the App where available.

10.2 Export. Dreimo includes controls to export your dream journal data, currently as a JSON export. Exported files are your responsibility after they leave Dreimo.

10.3 Delete account. Dreimo includes controls to delete your account and journal data from active systems. You may also contact us from the email address connected to your account for help.

10.4 Subscriptions. You must manage and cancel app-store subscriptions through the Platform where you purchased them. Deleting your account or the App does not automatically cancel a subscription.

10.5 Device permissions. You can enable or disable microphone, notification, biometric, and similar permissions through your device settings.

10.6 Local reminders and app lock. You can enable, disable, or change app lock and morning reminder settings in the App where available. These settings are stored on your device and may also be affected by your operating-system settings.

10.7 Support and privacy requests. You can contact us at support@dreimo.app for privacy questions, access requests, correction requests, deletion help, portability questions, or account support.

11. Your privacy rights

11.1 Depending on your location, you may have rights to access, correct, delete, restrict, object to processing, receive a portable copy of, or withdraw consent for your personal data.

11.2 To exercise rights, contact us at support@dreimo.app. We may need to verify your identity before fulfilling a request.

11.3 You may also have the right to lodge a complaint with your local data protection authority.

11.4 We will not discriminate against you for exercising privacy rights where prohibited by law.

12. California and similar U.S. privacy rights

12.1 If you are a California resident or live in a jurisdiction with similar privacy laws, you may have rights to know what personal information we collect, use, disclose, and share; to request deletion; to correct inaccurate information; and to opt out of certain sale or sharing practices.

12.2 We do not sell personal information or dream content. We also do not knowingly sell or share personal information of children under 16.

12.3 To submit a request, contact us at support@dreimo.app.

13. Children

13.1 Dreimo is not intended for children under 13.

13.2 If you believe a child under 13 has provided personal information to Dreimo, contact us so we can review and delete it where appropriate.

13.3 If a user is under the age of legal majority, use of the Service should occur only with consent from a parent or guardian, as described in our Terms.

14. Security

14.1 We use reasonable technical and organizational safeguards designed to protect personal data, including account authentication, access controls, secure device storage for local tokens and settings, private storage options for audio files, and logging controls that redact or hash sensitive values where feasible.

14.2 No online service can guarantee absolute security. You should protect your email account, app-store account, device passcode, and device operating system.

14.3 If you suspect unauthorized access to your account or device, contact us promptly and take steps to secure your email account and device.

15. Third-party links and services

15.1 The Service may link to or integrate with third-party services, including app stores, Apple, Google, RevenueCat, cloud providers, email providers, transcription providers, AI model providers, operating-system services, and support tools.

15.2 We are not responsible for third-party privacy practices. Review third-party terms and privacy policies before using those services.

16. Changes to this Privacy Policy

16.1 We may update this Privacy Policy from time to time as Dreimo changes or as legal, security, or operational needs evolve.

16.2 We will update the "Last updated" date when we post changes.

16.3 If changes are material, we may provide additional notice where required by law, such as in-app notice, website notice, email, or a consent flow.

17. Contact us

Questions, requests, or complaints about this Privacy Policy can be sent to support@dreimo.app.

BRIGHT CODE HOLDINGS S.R.L.