Privacy Policy – Outward

Last Updated: December 30, 2025

Effective Date: December 30, 2025

1. INTRODUCTION AND OVERVIEW

This Privacy Policy describes how Jolix Digital Labs LLC ("we," "us," or "our") collects, uses, stores, and shares your information when you use our mobile application Outward (the "App") and our related websites and services (collectively, the "Services").

By using the Services, you acknowledge that you have read, understood this Privacy Policy and you agree to the collection and use of information in accordance with this Privacy Policy.

2. WHAT INFORMATION DO WE COLLECT?

2.1 Information You Voluntarily Provide

When you use the App, we collect information that you voluntarily enter:

• Account Registration: Email address, password, and name (or Apple ID credentials if using "Sign in with Apple").

• Wellness Profile: Data provided during onboarding, such as your activity level, stress levels, wellness goals, and preferred walking environments.

• Journaling and Reflection:

  • Mood Data: Emotional states recorded before and after walks.

  • Journal Entries: Free-text entries where you record your thoughts and reflections.

• Content Interactions:

  • Ratings: Star ratings or reviews you provide for audio sessions.

  • Photo Library (Write Access): If you choose to save a "Walk Summary" image to your device, we may request permission to add images to your Photo Library. We do not read or access your existing photos.

• Support Communications: Information contained in emails, messages or support tickets you send to us.

2.2 Information We Collect Automatically

When you use the App, we automatically collect certain technical data:

• Walking & Activity Data:

  • Location Data: We may collect precise GPS location data to display your position on the map and record your walking routes. This tracking may occur while you use the App and may continue in the background during active walking sessions to ensure accurate distance measurement.

    • Permission: You can control this via your iOS Settings > Outward > Location.

• Motion Data: Step count, distance, pace, and duration derived from your device sensors.

• Timestamps: Start and end times of your sessions.

• Device & Usage Information:

  • Device Identifiers: IP address, device model, iOS version, app version, and system configuration information.

  • Usage Analytics: Which audio content you listen to, how often you use the App, and crash reports.

• Subscription Status: Receipt validation data from Apple/RevenueCat to confirm your subscription tier (we do not receive your credit card details).

2.3 Information from Apple HealthKit (Read-Only)

With your explicit system-level permission, the App may access step count data from Apple HealthKit.

• Limited Use: We use this strictly to display your daily steps within the App interface.

• No Cloud Storage: HealthKit data is processed on your device. We do not upload your HealthKit history to our cloud servers for long-term storage or analysis.

• No Third-Party Sharing: We do not share, sell, or disclose HealthKit data to third parties for advertising or marketing.

2.4 Push Notifications

We may request permission to send you push notifications regarding your account, walking reminders, new content releases, and app updates.

• Control: You can opt-out of these notifications at any time by turning them off in your device's settings (Settings > Notifications > Outward).

• Data Use: We may use and collect a unique device token to deliver these messages.

2.5 Cookies and Tracking Technologies

The Website may use cookies, tags, and similar technologies for analytics, functionality, and security. The Application may use mobile identifiers for analytics.

3. HOW DO WE USE YOUR INFORMATION?

We use the collected information for the following specific purposes:

• Service Delivery: To provide audio content, track your walks, and display your history.

• Personalization: To recommend audio content based on your past activity, content interaction, and stated mood.

• App Improvement and User Research: To analyze usage trends and contact you directly to request feedback, conduct user interviews, or ask about your experience to help us build a better product.

• Operational Communication: To send you technical notices, updates, and security alerts.

• Legal Compliance: To comply with applicable laws and enforce our Terms of Service.

• Support: To respond to your inquiries and solve any potential issues you might have.

• Marketing & Newsletters: To send you newsletters, special offers, and promotional content regarding Outward. You may unsubscribe from these marketing communications at any time via the "Unsubscribe" link in the email.

• Account Management: To maintain your account, verify your identity, process sign-ins, and handle account deletion requests.

4. HOW WE PROCESS SENSITIVE DATA & ENCRYPTION

4.1 Explicit Consent for Special Category Data

Certain data you provide—specifically your Mood Logs and Journal Entries—may reveal information about your mental health or emotional state. Under the GDPR and other privacy laws, this may be "Special Category Data."

By voluntarily using these features, you grant us Explicit Consent to process this data for the sole purpose of providing you with your personal wellness history and App functionality. You may withdraw this consent at any time by deleting your account or the specific data entries.

4.2 Important Security Notice: Encryption vs. Access

We believe in radical transparency regarding the security of your private thoughts.

• Encryption: Your journal entries and mood data are encrypted in transit (while moving from your phone to our servers) and at rest (while stored on our Google Firebase servers).

• The "Glass Vault" (Not End-to-End Encrypted): Please be aware that this data is NOT End-to-End Encrypted (E2EE). This means that authorized administrators of Jolix Digital Labs LLC (technical staff) possess the administrative keys to decrypt and view this data if strictly required for:

  • Critical technical support (e.g., recovering a corrupted account).

  • Compliance with valid legal subpoenas or court orders.

  • Database maintenance and security auditing.

Your Responsibility: Because we cannot guarantee that this data is inaccessible to valid legal process, you should not store highly sensitive information—such as financial passwords, or social security numbers—within your App journal entries.

Important Clarification About Health Data: Outward is not a medical device or healthcare service. We are not a covered entity under HIPAA. The health-related information we collect should not be used for medical diagnosis, treatment decisions, or as a substitute for professional medical advice. Walking metrics are estimates based on device sensors and GPS data, and should not be relied upon for precise health tracking or medical purposes.

5. SHARING OF INFORMATION

We do not sell your personal data. We only share information in the specific circumstances listed below:

5.1 Service Providers (Data Processors)

We utilize trusted third-party vendors to help run the App, such as:

• Google Firebase (USA): For cloud database storage, authentication, push notifications, and analytics.

• RevenueCat (USA): For managing subscription status and receipt validation.

• Apple (USA): For processing payments (we do not see your financial info) and distribution.

5.2 Legal Requirements

We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to:

• Comply with a legal obligation (e.g., a court order or subpoena).

• Protect and defend the rights or property of Jolix Digital Labs LLC.

• Prevent or investigate possible wrongdoing in connection with the Services.

• Protect the personal safety of users of the Services or the public.

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Service of any change in ownership or uses of your personal information.

5.4 With Your Consent

Where You direct Us to share information.

6. DATA RETENTION AND DELETION

• Retention: We retain your personal information only for as long as your account is active or as needed to provide you Services.

• Deletion: You may request the deletion of your account and all associated data at any time directly within the App settings ("Delete Account").

• Post-Deletion: Upon account deletion, your personal identifiers and journal data are removed from our active databases. Some data may persist in encrypted backup archives for a limited period (typically up to 90 days) as part of our disaster recovery protocols. We may retain a limited legal audit record for compliance and legal defense purposes.

7. INTERNATIONAL DATA TRANSFERS

Outward is operated from the United States. If you are located in the European Economic Area (EEA), United Kingdom, or other regions with laws governing data collection and use that may differ from U.S. law, please note that your information will be transferred to and processed in the United States.

For EEA/UK Users: We rely on the European Commission's Standard Contractual Clauses (SCCs) established by our service providers as part of their data processing terms.

8. LEGAL BASES FOR PROCESSING (FOR GDPR-COVERED USERS)

Where applicable, We rely on:

• Consent

• Contract performance

• Legitimate interests (e.g., service improvement, security)

• Legal obligations

9. CHILDREN'S PRIVACY

The Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18 without parental consent, we will take steps to delete that information. If you become aware that a child has provided us with personal information, please contact us at support@outward-app.com.

10. YOUR RIGHTS

Depending on your location, you may have the following rights:

• Access: The right to request copies of your personal data.

• Rectification: The right to request that we correct any information you believe is inaccurate.

• Erasure: The right to request that we erase your personal data.

• Restriction: The right to request that we restrict the processing of your personal data.

• Portability: The right to request that we transfer the data that we have collected to another organization, or directly to you.

To exercise these rights, please contact us at support@outward-app.com.

11. CHANGES TO THIS PRIVACY POLICY

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date or by email. You are advised to review this Privacy Policy periodically for any changes. Updates become effective when posted.

12. CONTACT US

If you have any questions about this Privacy Policy, please contact us:

Jolix Digital Labs LLC

30 N Gould St #51122

Sheridan, WY 82801

United States

Email: support@outward-app.com

Website: outward-app.com