Daylight
Get started

Privacy Policy

Last updated: May 12, 2026

Introduction

Daylight is operated by Monument Labs, LLC ("Daylight," "we," "us"), a Virginia limited liability company. This policy explains what we collect when you use Daylight, how we use it, and the choices you have. We collect only what we need to run the service and we do not sell your personal information.

Information We Collect

We collect information that you provide directly to us, including:

  • Account information (name, email address, and password, or profile information from a sign-in provider)
  • Evidence and documentation you upload to the platform
  • Audio recordings and the transcripts generated from them
  • Timeline entries, journal entries, and notes
  • Billing information processed by our payment provider (we do not store full card numbers)
  • Basic usage and device information (such as pages visited and browser type) used to operate and improve the service

Sign in with Google

If you choose to sign in with Google, Google shares your name, email address, profile picture, and Google account ID with us so we can create and authenticate your Daylight account. We do not request access to your Gmail, Google Drive, Calendar, or any other Google service. We use this information solely to identify you within Daylight, and we do not sell it, share it with advertisers, or use it for any purpose other than running the service.

You can disconnect Google access at any time at myaccount.google.com/permissions .

Data Security

Your data is hosted on Supabase (PostgreSQL and S3-compatible object storage) and served through Vercel. All traffic to and from Daylight uses TLS, and data is encrypted at rest by our infrastructure providers. Access to production systems is limited to authorized personnel. No system is perfectly secure, but we take reasonable steps to protect your information against unauthorized access, alteration, or disclosure.

Data Retention and Deletion

We retain your information for as long as your account is active. You can request deletion of your account and associated data at any time by emailing hello@daylight.legal from the address on file. We will delete your data within 30 days of receiving a verified request, except where we are required to retain limited records for legal, tax, or fraud-prevention purposes.

Your Rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Withdraw consent for data processing

To exercise any of these rights, contact us at hello@daylight.legal.

Third-Party Services

We use a small set of trusted vendors to operate Daylight, including Supabase (database, storage, and authentication), Vercel (hosting), Stripe (payments), OpenAI and Anthropic (AI transcription and summarization), and Google (sign-in and analytics). These providers process data on our behalf under their own security and privacy commitments. We do not sell your personal information, and we do not share the contents of your evidence, transcripts, or journal entries with any third party except as required to operate the features you use.

Children's Privacy

Daylight is not intended for use by children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

Contact Us

If you have any questions about this privacy policy or our data practices, please contact us at hello@daylight.legal.