Your words, sealed.
A recovery journal only works if you can be completely honest in it — and you can only be honest in a place you trust. Here is exactly how Recovery Journal protects what you write, in plain English.
What our servers store:
encrypted_content: "iVqJ9rT0xY2pLmW8cQ4nE7…"
What you see:
"Grateful for my sponsor's call today."
How it works
Encrypted in your browser, before anything is saved
When you save an entry, your browser encrypts it first — using AES-GCM through the Web Crypto API, the encryption standard built into every modern browser. Only then is it sent to be stored. Nothing readable ever travels.
You hold the key
Your encryption key is derived from a passphrase only you know, strengthened with PBKDF2 at 600,000 iterations. We never store it in plaintext. Honest trade-off: if you lose your passphrase, we cannot recover your entries — that's the price of us not being able to read them.
Step Four has its own lock
Your Step Four inventory — often the most sensitive thing you'll ever write — can use a separate encryption key. Keep it, or destroy that work on its own without losing the rest of your journal.
No analytics on your recovery
We don't track what you write, which tools you use, when you struggle, or how often you open the app. No advertising, no data sales, no third-party trackers — this page didn't even load a third-party font.
Delete everything, any time
A single action in your privacy settings permanently removes every record you've made — reflections, gratitude, step work, all of it.
Your account, only your data
Every table in the database enforces row-level security: your account can only ever read rows that belong to it. That rule lives in the database itself, not just the app.