Under the California Privacy Rights Act (CPRA, §1798.121), California residents have the right to direct a business that collects sensitive personal information ("SPI") to limit its use and disclosure to purposes necessary to provide the service.
Sensitive personal information we collect
The CPRA categories of SPI we may collect:
- Account credentials — your email address, password (handled by Firebase Authentication, which stores passwords as one-way scrypt-based hashes; we never store or transmit the plaintext password), and any 2FA secrets.
- Precise geolocation — only if you grant the operating-system permission. We use it for opt-in features that require location and for fraud detection on payment events. We do not use precise geolocation for advertising.
- Contents of your communications. Direct messages and circle (group chat) messages are end-to-end encrypted on your device — the server stores ciphertext only, and we do not have the keys to read them. Journal entries are encrypted at rest on our servers using AES-256-GCM with a server-managed key (this is server-side encryption, not E2E — Donny Wonny operators with access to the encryption key technically can decrypt them; we restrict that access internally). Voice journal recordings (when you choose to record one) are uploaded over TLS for transcription and stored alongside their journal entry; you can delete them at any time from the journal screen.
How we use this SPI
By default, we use your SPI only for the purposes that are strictly necessary to provide the Donny Wonny service: authentication, the opt-in features that depend on your location, delivering your messages, storing and encrypting your journals, and the safety-critical crisis classifier described in our Privacy Policy §5.5.1. We do not use SPI to infer characteristics for cross-context behavioral advertising.
How to limit the use of your SPI
You have three ways to exercise this right:
- In the mobile app — open Settings → Privacy and (a) enable the “Do Not Sell My Information” toggle, and (b) tap “Submit Consumer Request” to record an SPI-limit request on your account. Together these tell us to use your sensitive personal information only for purposes strictly necessary to provide the service. (A standalone “Limit SPI” toggle is on the roadmap and will replace the two-step flow when it ships; until then, this is the path the app supports.)
- Email us at privacy@donnywonny.com. Include the email tied to your Donny Wonny account so we can verify your identity.
- Submit a verifiable request through our Contact form.
What changes when you exercise this right
- We will not use your precise geolocation for any feature other than fraud detection on payment events (which is strictly necessary to protect both you and us).
- We will not use your communication metadata for personalized recommendations.
- We will not share your SPI with third parties beyond the service providers strictly necessary to operate the service (e.g. our authentication provider, our cloud hosting provider).
- Optional features that genuinely require SPI may become unavailable while the limit is in effect. We will tell you which features are affected when you toggle this on.
Authorized agents and verification
You may designate an authorized agent to submit this request on your behalf. Written proof of the agent's authority is required, and we will verify your identity directly before fulfilling the request, as permitted under CPRA §1798.135(a)(4).
Children's SPI
For users under 13, COPPA already holds our SPI handling to a higher standard than the CPRA. See Section 6 of our Privacy Policy.
Questions? Email privacy@donnywonny.com. See also Do Not Sell or Share My Personal Information and our complete Privacy Policy.
Last updated: May 2026.