ThroughlineJournal

Privacy.

Throughline · Journal is a small product I built. This page describes what data the app handles, what I do with it, and what I will not do with it. It is intended to be honest about the tradeoffs that come with offering AI analysis of personal journaling.

Can I (the operator) read your entries?

Honest answer: in principle, yes. Entries are stored as plain text in the database so the AI features (Readings, Throughlines, book recommendations) can read them and generate analyses. That means I, as the operator, have technical access. This is true of nearly every cloud journaling product that is not end-to-end encrypted.

In practice, my policy is:

  • I do not read your entries casually or out of curiosity. I only look if you have specifically asked me to — for example, to help debug a problem you have reported.
  • I never use your entries to train AI models, or for analytics, product research, or marketing.
  • I never share, sell, or give them to any third party that is not already named in the “Third parties” section below.

If having any operator-level access to your entries is not acceptable for your use case, journaling tools with true end-to-end encryption may be a better fit. The honest tradeoff is that those tools generally cannot offer AI analysis, because the analysis needs to read the text to work.

Sharing

I do not sell, rent, or share your data. There is no advertising, no third-party analytics, and no data brokers. The only entities that receive any of your data are the infrastructure providers listed in the next section, and each only receives what they need to make the product work for you.

What I collect

  • Your email address, used to send sign-in links and to identify your account.
  • The text of journal entries you write, with timestamps and word counts.
  • Generated Readings and Throughlines — the AI analyses produced from your entries are saved so you can revisit them.

No analytics, no tracking pixels, no advertising identifiers, no cookies beyond the session cookie that keeps you signed in.

How I use it

Your data is used only to operate the product as you experience it: to authenticate you, to display your entries, and to generate the AI analyses you ask for. It is not used for marketing, profile-building, advertising, or any purpose outside the app.

Third parties

Throughline relies on a small set of infrastructure providers. Each receives only what it needs to perform its function:

  • Anthropic. When you generate a Reading or Throughline, the relevant entries are sent to Anthropic’s API to produce the analysis. The processing is subject to Anthropic’s data handling policy at the time of generation. You can review their policy at anthropic.com/legal/privacy.
  • Neon. The Postgres database (US region) where your entries, analyses, and account live. Data is encrypted in transit and at rest.
  • Resend. The email service used to deliver sign-in links. Receives your email address and the link content.
  • Open Library. The public book catalog used to verify book recommendations. Receives only a proposed book title and author. No personal data is sent.

AI and training

Your entries are not used to train any AI model. They are sent to Anthropic only at the moment you generate a Reading or Throughline, processed under Anthropic’s standard API data handling, and the result is saved to your account.

Security

All connections (your browser to the app, the app to the database, the app to Anthropic, the app to Resend) use TLS. The database encrypts data at rest. Authentication is by magic link — no passwords are stored. The app does not handle credit card data; payments to infrastructure providers are made by me from my own accounts.

Data retention

Your data is kept for as long as your account exists. You can delete individual entries from the History tab, delete past Readings from inside an open reading, and regenerate the Throughline at any time (which replaces the previous one).

To delete your entire account and all associated data, go to Settings and use the “Delete account” section at the bottom. The deletion is immediate and irreversible. If you’d rather have me do it for you, email hello@karenye.net and I’ll remove it within 7 days. Note that the database provider may retain encrypted backups for a short period after deletion before they age out.

Your rights

You have the right to:

  • Access the data the app holds about you. Email hello@karenye.net to request a copy.
  • Export your data. A Markdown export of your entries and generated analyses is available from the History tab in the app.
  • Delete individual entries, past Readings, or your full account at any time.
  • Ask questions about how your data is handled. Same email.

A few practical things

This is a personal project, not a company, and I want to be honest about what that means.

  • I’ll do my best to keep it running, but I can’t promise uptime. If your journal matters to you, export your entries from History every now and then.
  • What you write here is your responsibility. Please use the product in good faith.
  • If a court or law enforcement asks for data with valid paperwork, I have to comply with what the law actually requires. I’ll let you know if I’m allowed to.

Changes to this policy

If this policy changes in any material way, I will update this page and email signed-in users at the address on file before the change takes effect.

Contact

Throughline · Journal is a personal project by Karen Ye. For privacy questions, data requests, deletion, or anything else, reach me at hello@karenye.net.