Privacy Policy

Last updated: 2026-01-20

Who we are

“Capsule” (also “we”, “us”, “our”) provides a cross-platform journaling experience designed for sharing weekly updates with a small circle of friends.

If you have questions about this policy or your privacy rights, contact us at contact@cogniment.com.

What this policy covers

This policy describes how we collect, use, and share information when you:

• use the Capsule app (iOS, Android, and web app experience where available), and/or
• visit our marketing site, including blog and studio pages (the “Site”).

This policy does not cover third-party websites or services you may access through links in Capsule. Those services have their own privacy policies.

Information we collect

We collect information in three ways: (1) you provide it, (2) we collect it automatically, and (3) we receive it from service providers that help us run Capsule.

Information you provide

• Account and profile information. Such as your email address, your name (optional), and profile picture (optional).
• Friend and invitation information. Such as friend connections, friend requests, and invitation emails you enter to invite others.
• Content you create. Your weekly Capsules (e.g., text and images), responses, and photos you attach.
• Support communications. Information you share when you contact us for support.

Information we collect automatically

• Device and app information. Such as device type, operating system, app version, and similar technical identifiers.
• Log and security information. Such as IP address and timestamps when you access our services, which help us secure accounts and prevent abuse.
• Theme preference on the Site. The marketing site stores your light/dark mode preference using browser storage (localStorage).

End-to-end encryption and what it means

Capsule is designed so that your Capsule content is encrypted before it is stored on our servers. In practice, that means:

• Encrypted content. Text fields in Capsules and responses are encrypted on-device, and encrypted photos are stored as encrypted files.
• Keys. Your private encryption key is stored locally on your device (for example, using platform secure storage). We store your public key so your friends can share encrypted content with you.
• Encrypted sharing. When you share a Capsule with a friend, the Capsule’s symmetric key is encrypted for each recipient using their public key (so only recipients can decrypt).
• Some data may not be encrypted. For example, account identifiers, friend relationships, timestamps, and reactions may be stored unencrypted.

Note: No security system is perfect. End-to-end encryption protects the confidentiality of encrypted content, but it does not eliminate all privacy risks (for example, metadata, device compromise, or content you choose to share outside Capsule).

Push notifications

If you enable push notifications on iOS/Android, we collect and store a push token associated with your account and device so we can deliver notifications (for example, friend requests or Capsules received). You can disable notifications in your device settings at any time.

Blog and content management (Site)

Our Site may include a blog and a content editor (studio). These features may be powered by a content management provider. When you view blog pages, that provider and/or our hosting provider may process basic request information (like IP address and user agent) to deliver the page and assets.

How we use information

We use information for purposes such as:

• Provide the service. Create accounts, deliver content, show your friend circle, and sync your data across sessions/devices where available.
• Security and abuse prevention. Detect suspicious activity, protect accounts, and prevent spam/invitations abuse.
• Notifications. Send push notifications and service messages you request or enable.
• Support. Respond to questions and troubleshoot issues.
• Improve Capsule. Debug, measure performance, and improve reliability (for example, via aggregated operational metrics).
• Legal compliance. Comply with lawful requests and applicable legal obligations.

Legal bases (GDPR/UK GDPR)

If you are in the EEA, UK, or Switzerland, we process personal data under one or more of the following legal bases:

• Contract. To provide the service you request (for example, creating an account and syncing your Capsules).
• Consent. For optional features like push notifications where you can withdraw consent by changing device settings.
• Legitimate interests. To secure our services, prevent abuse, and improve reliability (balanced against your rights).
• Legal obligation. Where we must comply with applicable law.

How we share information

We share information only in limited circumstances, such as:

• Service providers (“processors”). We use vendors to host and operate Capsule (for example, database/auth/storage providers, hosting providers, and notification delivery providers). They process information on our instructions and subject to appropriate safeguards.
• With your friends (your direction). When you share a Capsule, your friends can see the content you share with them. Encrypted content is intended to be readable only by intended recipients.
• Legal and safety. We may disclose information if we believe it’s reasonably necessary to comply with law, protect rights and safety, or prevent fraud/abuse.
• Business transfers. If we’re involved in a merger, acquisition, or asset sale, user information may be transferred as part of that transaction (subject to this policy unless you’re notified otherwise).

We do not sell personal information, and we do not share personal information for cross-context behavioral advertising.

International transfers

Capsule may be operated from, and our service providers may process information in, countries other than where you live. Where required, we rely on appropriate transfer mechanisms (such as Standard Contractual Clauses) to protect personal data.

Data retention

We retain personal data for as long as needed to provide the service, comply with legal obligations, resolve disputes, and enforce agreements. In general:

• We keep account information while your account is active.
• We keep your Capsules and related content until you delete them or close your account (subject to limited backup retention).
• We retain logs and security records for a limited period appropriate for security and troubleshooting.
• Push tokens are retained until you disable notifications or we detect they’re no longer valid.

Security

We use reasonable administrative, technical, and organizational measures designed to protect information. This includes encryption for Capsule content and access controls around our infrastructure. However, no method of transmission or storage is 100% secure.

Your rights

Depending on where you live, you may have rights regarding your personal data. These may include the right to access, correct, delete, or export your data, and to object to or restrict certain processing.

You can delete your account and all associated data at any time from within the Capsule app: open Settings → Account → Delete account.

EEA/UK/Swiss users (GDPR/UK GDPR)

• Right of access
• Right to rectification
• Right to erasure
• Right to restrict processing
• Right to data portability
• Right to object
• Right to withdraw consent (where processing is based on consent)
• Right to lodge a complaint with a supervisory authority

US state privacy laws (e.g., California)

Depending on your state, you may have the right to know what personal information we collect and disclose, to request deletion, to request correction, and to opt out of certain data sharing. Capsule does not sell personal information.

To exercise your rights, email contact@cogniment.com. We may need to verify your identity before completing certain requests.

Children

Capsule is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us so we can take appropriate steps.

Changes

We may update this policy from time to time. We will post the updated version on this page and update the “Last updated” date.

Contact

For privacy questions or requests, contact contact@cogniment.com.