Miktam
Privacy Policy
Last updated: July 11, 2026
Miktam is a private Christian journaling and reflection app designed to help you write honestly, reflect through Scripture, and recognize meaningful themes in your life.
This Privacy Policy explains what information Miktam collects, how it is used, when it may be processed by service providers, and the choices available to you.
Important privacy summary
Your saved journal entries and reflections are encrypted before being stored in the cloud. However, when you intentionally request an automated reflection or scanned-text cleanup, the text needed to perform that request must temporarily be decrypted and sent to the services that generate the result.
Information You Provide
Depending on the features you use, you may provide:
- Your email address and account credentials.
- Journal entries, prayers, moods, feelings, titles, and saved reflections.
- Text extracted from scanned handwritten journal pages.
- Your preferred reflection tone and Bible familiarity setting.
- Support-request information, including your email address, subject, category, and message.
Journal entries may contain sensitive personal, spiritual, emotional, health-related, financial, relationship, or other information that you choose to write. Miktam does not require you to include any particular type of personal information in your journal.
Journal Encryption
Miktam encrypts supported journal entries and saved reflections on your device before they are stored in Firebase. The cloud-stored version is intended to be unreadable without the encryption information held by your device or unlocked using your recovery password.
Miktam does not store your recovery password as readable text. Your recovery password is used to unlock the encryption information needed to access your journal on a new or restored device.
If you lose your recovery password and no trusted device still has access to your journal encryption key, your older encrypted journal entries and reflections may be permanently unrecoverable. Resetting your normal account password does not unlock encrypted journal content.
Automated Reflections and Scanned-Text Cleanup
Miktam only sends journal or scanned text for automated processing when you intentionally request a reflection or scanned-text cleanup.
To complete that request, the necessary text is decrypted on your device and transmitted through Miktam's secured cloud function to OpenAI. OpenAI processes the text and returns the generated reflection or cleaned text.
While the request is being processed, that text is not protected by your journal's end-to-end encryption because the processing service must be able to read it to generate a response.
OpenAI states that information submitted through its API is not used to train its models by default unless the API customer affirmatively opts in. OpenAI may retain prompts, responses, and related information under its API application-state, safety, and abuse-monitoring policies. Under standard API settings, this may include retention for approximately 30 days or longer when legally required or necessary to protect the service or others.
Miktam does not intentionally include your email address or recovery password in the automated-reflection prompt. However, information you personally write inside a journal entry may be included in the text submitted for processing.
Support Requests
When you contact Miktam Support from inside the app, Miktam stores information needed to review and respond to your request. This may include:
- Your account email address.
- The subject, category, and message you submit.
- The status and date of the support request.
- Your Miktam version, build number, iOS version, and general device model.
Support requests are not protected by your journal encryption. They are readable by the Miktam administrator so the request can be reviewed and answered.
Do not include your recovery password, encryption key, full journal entries, payment-card information, or other highly sensitive information in a support request.
Account Information
Miktam uses Firebase Authentication to manage account registration, sign-in, password recovery, and account identity. Account information may include your email address, Firebase user identifier, account creation date, and authentication-related information.
Miktam does not receive or store your Apple Account password.
Subscriptions and Purchases
Miktam Plus purchases are processed through Apple's App Store and StoreKit. Apple processes your payment information.
Miktam may receive and store limited subscription information needed to provide paid features, such as the product identifier, subscription status, entitlement status, and expiration information. Miktam does not receive your complete payment-card number from Apple.
App Usage and Technical Information
Miktam may collect limited usage and technical information needed to operate, secure, understand, and improve the app. This may include:
- App launches and interactions with certain app features.
- App version, build number, operating-system version, and general device information.
- Crash reports, error messages, performance information, and diagnostic data.
- Notification tokens used to deliver notifications you enable.
- A temporary online-presence record indicating whether a signed-in app session is connected and when that connection last changed.
- Technical metadata that service providers may process, such as IP address, application identifiers, timestamps, and request information.
Miktam uses Firebase services such as Authentication, Cloud Firestore, Realtime Database, Cloud Functions, Cloud Messaging, Analytics, and Crashlytics to provide these functions.
How Miktam Uses Information
Miktam may use information to:
- Create, secure, and maintain your account.
- Save and synchronize encrypted journal content across supported devices.
- Generate reflections and clean scanned journal text when requested.
- Provide subscription features and enforce usage limits.
- Deliver reminders and other notifications you enable.
- Respond to support requests.
- Detect errors, prevent misuse, secure the service, and improve app reliability.
- Comply with applicable legal obligations.
Data Sharing
Miktam does not sell your journal entries, reflections, support requests, or personal information.
Information may be processed by service providers only as needed to operate Miktam. These providers may include:
- Google Firebase for authentication, database storage, cloud functions, notifications, analytics, and crash reporting.
- OpenAI for automated reflections and scanned-text cleanup that you request.
- Apple for App Store distribution, subscription purchases, payment processing, and StoreKit services.
Information may also be disclosed when reasonably necessary to comply with law, enforce applicable agreements, investigate fraud or misuse, protect users, or protect the rights and security of Miktam and others.
Data Security
Miktam uses safeguards intended to protect information, including journal encryption, authenticated access, database security rules, secured cloud functions, and encrypted network connections.
No application, storage provider, encryption method, or internet transmission can be guaranteed to be completely secure. You are responsible for protecting your account password, recovery password, device passcode, and access to your devices.
Data Retention
Account and encrypted journal information may be retained while your account remains active and as needed to provide Miktam.
Support correspondence, security records, diagnostic information, provider logs, and backup copies may be retained for a reasonable period when needed to provide support, prevent misuse, comply with legal obligations, resolve disputes, or maintain system integrity.
Third-party providers may retain information according to their own terms, policies, and the settings configured for Miktam's accounts with those providers.
Deleting Your Account
You may request account deletion from inside Miktam. Account deletion is intended to remove your Firebase Authentication account, primary user record, encrypted journal entries, saved reflections, notification tokens, and journal-encryption metadata.
Deletion may not immediately remove information from provider logs, security records, backups, or systems where temporary retention is required for legal, fraud-prevention, safety, support, or technical reasons.
Support requests may be retained after account deletion when reasonably necessary to complete or document the support request. You may contact Miktam Support to request deletion of support correspondence associated with your email address.
Account deletion cannot restore journal content that became inaccessible because the recovery password or encryption key was lost.
Your Choices
You may choose whether to write journal entries, request automated reflections, scan journal pages, submit support requests, or enable notifications.
You may update certain account and reflection preferences inside the app. You may also delete individual journal entries or request deletion of your account.
Children's Privacy
Miktam is not directed to children under 13, and Miktam does not knowingly collect personal information from children under 13. If you believe a child under 13 has provided personal information through Miktam, please contact us so the information can be reviewed and removed when appropriate.
International Processing
Miktam and its service providers may process information in the United States and other locations where their systems, employees, or service providers operate. Privacy protections may differ between jurisdictions.
Changes to This Policy
This Privacy Policy may be updated as Miktam's features, service providers, or legal obligations change. The updated version will be posted on this page with a revised "Last updated" date.
Contact
For privacy questions, account-deletion questions, or requests concerning your information, contact: