Privacy Notice

Last updated May 31, 2026

1. Who we are

Daily Affirmations is operated by Chris Sheridan ("we", "us", "our"). Chris Sheridan acts as the data controller responsible for the personal data described in this notice. If you have any questions about your privacy, you can reach us through the contact options on our website.

2. Personal data we collect

We collect the following categories of personal data:

  • Account data — your name and email address when you create an optional account or sign in.
  • Message data — the affirmation message, recipient name, and recipient email address when you send an affirmation to a friend.
  • Community content — affirmations you choose to publish to the Community Wall.
  • Usage and technical data — device identifiers, IP address, browser type, and basic analytics about how you use the site.
  • Support communications — any messages you send us.

3. How and why we use your data

  • To create and manage your optional account (performance of a contract).
  • To deliver affirmations you send and display content you publish (performance of a contract).
  • To process payments through our payment provider (performance of a contract).
  • To keep the service secure and prevent fraud or abuse (legitimate interests).
  • To improve and maintain the service (legitimate interests).
  • To provide customer support (legitimate interests).
  • To send service or marketing communications where you have consented or where permitted by law (consent / legitimate interests).

4. How we share your data

We share personal data only with the following categories of recipients:

  • Paddle.com Market Ltd ("Paddle") — our Merchant of Record and payment processor. Paddle handles checkout, billing, tax compliance, invoicing, and refunds. Paddle processes your payment information in accordance with its own privacy policy.
  • Service providers and subprocessors — hosting, database, email delivery, and analytics providers that help us run the service.
  • Professional advisers — such as legal and accounting advisers, where necessary.
  • Authorities — where we are required to share data by law.

5. Data retention

We keep personal data only for as long as necessary to provide the service and to meet our legal, accounting, and reporting obligations. When data is no longer needed, we delete or anonymise it.

6. Your rights

Depending on where you live, you may have the right to access, correct, delete, or restrict the use of your personal data; to object to processing; to data portability; and to withdraw consent at any time. You also have the right to lodge a complaint with your local data protection authority. To exercise any of these rights, contact us and we will respond within the timeframe required by applicable law.

7. International transfers

Your data may be processed in countries outside your own. Where this happens, we rely on appropriate safeguards such as standard contractual clauses or adequacy decisions to protect your data.

8. Security

We use appropriate technical and organisational measures — including encryption in transit and access controls — to protect your personal data against unauthorised access, loss, or misuse.

9. Cookies

We use essential cookies needed to run the site and may use analytics cookies to understand usage. You can manage non-essential cookies through your browser settings.

10. Changes to this notice

We may update this notice from time to time. We will post the updated version on this page and revise the "last updated" date above.