Legal

Privacy policy

Last updated: July 2026

PrivaLog is a private encrypted diary. This policy explains what data is processed when you use the web app or the native iOS/macOS apps.

What we process

We process your email address and account identifier for authentication. On the server we store encrypted diary entries (ciphertext), entry dates, and technical metadata such as creation and update timestamps. We do not receive readable titles, body text, mood, tags, or favorites.

Encryption

Diary content is encrypted on your device before it is sent to our database. Only you can decrypt it with your diary passphrase. PrivaLog staff cannot read your entries or reset your diary passphrase.

Data on your device

The apps may store your sign-in session, an optional device unlock secret in the system keychain, and encrypted offline copies of your entries to support offline writing and sync. Downloaded backup files remain on your device until you delete them.

Sharing and tracking

We do not sell your data. We do not use third-party advertising or analytics trackers in PrivaLog. Infrastructure is provided by Supabase for authentication and encrypted storage.

Your choices

You can export your data from the app, lock the diary on your device, sign out, or permanently delete your account from Settings. Account deletion removes your account, crypto configuration, and encrypted entries from our servers.

Contact

Questions about privacy can be sent to the PrivaLog support contact listed in App Store Connect for your region.

Back to sign in