Your data, your rules
Privacy Policy
DiaryVault is private by design. We never sell your data, never show ads, and never share your journal entries with anyone you didn't invite. This page explains what we collect, why, and what you can do about it.
In short
The 30-second version of everything below.
Here's what matters most:
- Your journal entries belong to you. We don't sell them, we don't use them to train AI models that serve other users, and we don't share them with anyone you didn't invite.
- Some content is shared by design. Shared Vaults are spaces you create with specific people, and content you add is visible to them. We tell you when something is shared.
- You can export your journal content and account data, delete your account, and revoke any optional permission at any time, from inside the app.
- If you ever have a question, write to stephen@diaryvault.com and a real person will answer.
What we collect
Account info, your journal content, and optional context like photo metadata, calendar events you choose to share, or task lists you submit.
We collect three categories of data: information you give us directly, information collected automatically when you use the service, and optional information you grant permission for.
Information you provide
- Account information: email address, name, and authentication identifiers from Google, Apple, or Microsoft if you sign in through those.
- Journal entries: text content, titles, moods, tags, and the AI generation context you provide (such as photo selections or task lists in Today Mode).
- Photos: images you upload directly or import from your device photo library, plus their EXIF metadata (date, location, device) when present.
- Videos: video files you attach to entries or shared moments. Server-side processing extracts a thumbnail frame for preview; the original video is stored on Amazon S3.
- Today Mode tasks: the daily task lists you submit are stored and processed by AI to generate journal entries. Tasks are tied to your account and visible only to you.
- Shared Vault content: vaults you create or join, perspectives you add to shared moments, and any photos or videos you attach to those perspectives. See the Group content section for how this is handled.
- Reflections: the user reflections you write on entries, separate from AI-generated content.
- Payment information: processed through Apple App Store, Google Play, or Stripe. We never store your credit card number. Payment processors handle that directly.
- Coupon codes: codes you redeem and the resulting trial state on your account.
Automatically collected
- Device type, operating system, and app version
- Crash reports and error diagnostics
- Aggregate usage analytics (which features are used, session duration, push notification open and tap rates by trigger type), tied to your account ID for product analytics purposes only, never tied to the content of your journal entries
- IP address (for security, abuse prevention, and rate limiting)
- Authentication tokens (stored in your device's secure storage)
Optional, with your permission
- Photo library access for photo import and Echo Agent draft generation. Scanning happens on your device; only photos you choose to import reach our servers.
- Calendar events to enrich the context of generated entries
- Location data from photo metadata for geocoding and mapping
- Weather data fetched based on photo locations and dates
- Push notifications, including device push tokens
- Microphone access for voice-to-journal features (audio is transcribed and the audio file is then discarded; only the transcript is stored)
How we use it
To generate AI journal entries, derive identity insights, sync across devices, and process subscriptions. Nothing else.
We use the data you provide and the data collected automatically only for the things below. Anything not on this list, we don't do.
- Generate AI journal entries from your photos, calendar events you choose to share, weather, and Today Mode task lists.
- Provide Echo AI insights by analyzing patterns across your entries when you ask Echo a question.
- Derive identity primitives (Identity Snapshot, Trajectory, Recurring Patterns, and Eras) from your entry history. These are computed from your data and stored on your account, visible only to you.
- Translate journal entries between supported languages on demand.
- Generate Year Review and Identity Snapshot share cards when you choose to export them. The image is generated client-side and shared only by you.
- Sync your journal across devices via cloud storage so your data is available wherever you sign in.
- Process subscription payments and coupon redemptions, including syncing subscription state across iOS, Android, and web.
- Send push notifications if you opt in. These include daily prompts, On This Day memories, streak reminders, and notifications about activity in your Shared Vaults.
- Detect new photos for background memory generation if you have premium and have enabled this feature.
- Improve the product and AI quality using anonymized, aggregated usage data only. Never your journal content tied to your identity.
- Prevent abuse through rate limiting, fraud detection, and security monitoring.
Group content
Shared Vaults are spaces you create with specific people. Content in a vault is visible to everyone in that vault, by design.
Most DiaryVault content is private to you. Shared Vaults are the exception, and they're shared by design. This section explains how that works so you can decide what to share and what to keep private.
Personal entries
Entries you create on the main timeline are visible only to you. AI processing of those entries (translation, identity derivation, Echo insights) is for your benefit and the output is stored on your account, not exposed to anyone else.
Shared Vaults
A Shared Vault is a private group space you create or are invited to. Other members of a vault can see:
- The vault's name and cover photo
- The list of vault members
- Shared moments created in the vault and their associated metadata (title, prompt, date, location)
- Perspectives that any member, including you, adds to a shared moment, including the text content, photos, and videos you attach
- The username and avatar of the perspective's author
By adding a perspective to a shared moment, you are publishing that perspective to all current and future members of the vault for as long as the perspective exists.
Vault lifecycle
- Leaving a vault: if you leave a vault, perspectives you previously added remain visible to the other members. To remove them, edit or delete those perspectives before you leave.
- Vault deletion: only the original creator of a vault can delete it. When a vault is deleted, all shared moments and perspectives in that vault are removed, and other members lose access immediately.
- Removing a member: only the vault creator has owner-level controls. If you are removed from a vault by the creator, you lose access to its content.
Invites
When you generate a vault invite code, anyone who has that code can join the vault until the code expires (seven days after it was generated) or you regenerate or revoke it. Regenerating a code invalidates the previous one. We don't reveal pending invite codes to non-owners.
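The lifecycle above (owner-only generation, a seven-day lifetime, regeneration that invalidates the previous code, and codes hidden from non-owners) is small enough to show in working code. The block below is an added illustration written for this page; it is not DiaryVault's implementation, and the class and method names (`Vault`, `generate_invite`, `join`) and the in-memory storage are assumptions. It also adds two hardening details the text does not mention but a practitioner would expect: codes drawn from a cryptographic random source, and a constant-time comparison when checking a submitted code.

```python
import hmac
import secrets
from datetime import datetime, timedelta, timezone
from typing import Optional

INVITE_TTL = timedelta(days=7)  # the seven-day lifetime stated in the policy


class Vault:
    """Illustrative vault record: owner, members, and the single live invite code."""

    def __init__(self, owner: str) -> None:
        self.owner = owner
        self.members = {owner}
        self._invite: Optional[str] = None           # None means no live code
        self._invite_expires: Optional[datetime] = None

    def _require_owner(self, actor: str) -> None:
        if actor != self.owner:
            raise PermissionError("only the vault creator manages invites")

    def generate_invite(self, actor: str, now: datetime) -> str:
        """Owner-only. Replaces the previous code, so regenerating also revokes it."""
        self._require_owner(actor)
        self._invite = secrets.token_urlsafe(16)       # 128 bits from the OS CSPRNG
        self._invite_expires = now + INVITE_TTL
        return self._invite

    def revoke_invite(self, actor: str) -> None:
        self._require_owner(actor)
        self._invite = None
        self._invite_expires = None

    def pending_invite(self, actor: str) -> Optional[str]:
        """Non-owners never learn the pending code."""
        self._require_owner(actor)
        return self._invite

    def join(self, user: str, code: str, now: datetime) -> bool:
        """Accept a code only if it is the live one and has not expired."""
        if self._invite is None or self._invite_expires is None:
            return False
        if now >= self._invite_expires:
            # Expired codes stop working even if the owner never regenerated them.
            self._invite = None
            self._invite_expires = None
            return False
        # Constant-time compare so response timing does not reveal partial matches.
        if not hmac.compare_digest(code.encode(), self._invite.encode()):
            return False
        self.members.add(user)
        return True


def demo() -> dict:
    """Constructed walk-through: valid join, wrong code, regeneration, expiry."""
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
    vault = Vault(owner="alice")
    code = vault.generate_invite("alice", t0)
    results = {
        "join_ok": vault.join("bob", code, t0 + timedelta(days=1)),
        "bad_code": vault.join("mallory", "not-the-code", t0 + timedelta(days=1)),
    }
    new_code = vault.generate_invite("alice", t0 + timedelta(days=2))
    results["old_after_regen"] = vault.join("carol", code, t0 + timedelta(days=3))
    results["new_after_regen"] = vault.join("carol", new_code, t0 + timedelta(days=3))
    late = vault.generate_invite("alice", t0 + timedelta(days=4))
    results["expired"] = vault.join("dave", late, t0 + timedelta(days=11, seconds=1))
    results["members"] = sorted(vault.members)
    return results
```

The owner check, the expiry check and the comparison are all server-side decisions; the client only ever submits a code. Keeping a single live code per vault is what makes "regenerate" equivalent to "revoke the old one".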
We cannot control what other members do with content you share in a Shared Vault, including saving, copying, or sharing it outside the Service. Treat anything you contribute as potentially permanent and potentially redistributable.
Third parties
A handful of services help us host, generate AI, send notifications, and process payments. None of them sell your data.
A small number of services help us run DiaryVault. Each one receives only the data needed to perform its specific function. None of them sell your data.
Infrastructure
- Amazon Web Services (AWS): hosting, databases, and S3 object storage for photos and videos. Data is stored in the United States.
- Firebase Cloud Messaging (Google): push notification delivery. Receives device push tokens and the notification payload.
AI processing
When you use AI features (such as generating entries, using Echo, or translating content), relevant portions of your content, including text, images, and audio as applicable, are sent to the third-party AI providers below to generate a response.
- Anthropic (Claude): AI generation for journal entries and Echo insights. We send only the minimum context needed for each request, under terms intended to restrict training on customer inputs and limit retention.
- Google (Gemini): AI generation for journal entries, vision processing of photos, and translation. We send only the minimum context needed for each request, under terms intended to restrict training on customer inputs and limit retention.
- Groq: low-latency AI inference for Echo and voice transcription. We send only the prompt or audio needed for each request, under terms intended to restrict training and limit retention.
Payments and subscriptions
- Apple App Store and Google Play: handle subscription billing on iOS and Android. They receive payment information; we do not.
- Stripe: handles web subscription billing. Stripe stores your payment method directly; we never see your card number.
- RevenueCat: unifies subscription state across platforms so your premium access works on all your devices.
Authentication
- Google, Apple, Microsoft: if you choose to sign in with one of these, the provider returns a verified email address and a unique identifier to us. We don't receive your password.
Compelled disclosure
We may share data with law enforcement if required by valid legal process. When permitted, we will notify the affected user.
Storage and security
Encrypted in transit, isolated per account, hosted on AWS in the United States.
Where your data lives and how we protect it.
Where it's stored
Journal entries, account data, vault content, and metadata are stored in our database on Amazon Web Services. Photos and videos are stored in S3. All of it is hosted in the United States. Each user's data is logically isolated: your account's records are separated from every other user's, and database queries are scoped to the signed-in account (see How it's protected below). Where required for users in the EEA, UK, or other jurisdictions, we rely on Standard Contractual Clauses or similar safeguards for international data transfers.
How it's protected
- All data transmitted between your device and our servers is encrypted in transit with TLS (HTTPS)
- Authentication tokens are stored in iOS Keychain or Android Keystore on your device
- Per-user data isolation enforced at the database query level
- Server access restricted to authorized personnel and audited
- Rate limiting and abuse detection on sensitive endpoints (auth, vault joins)
- Regular security review of dependencies and infrastructure
- If we become aware of a personal data breach affecting your information, we will notify you where required by applicable law
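"Per-user data isolation enforced at the database query level" is a specific technique, and the difference between doing it and not doing it is worth seeing. The block below is an added illustration written for this page, not DiaryVault's code; the table layout, the `Session` type and the `EntryStore` methods are assumptions, and SQLite stands in for whatever database is actually used. It puts the unscoped lookup that leaks another account's entry next to the scoped form in which every read and delete carries the authenticated user's id in the `WHERE` clause.

```python
import sqlite3
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Session:
    """Identity established by the auth layer; never taken from the request body."""
    user_id: str


class EntryStore:
    """Illustrative store with one vulnerable and one hardened read path."""

    def __init__(self) -> None:
        self.db = sqlite3.connect(":memory:")
        self.db.execute(
            "CREATE TABLE entries ("
            " id INTEGER PRIMARY KEY, owner_id TEXT NOT NULL, title TEXT NOT NULL)"
        )

    def create(self, session: Session, title: str) -> int:
        cur = self.db.execute(
            "INSERT INTO entries (owner_id, title) VALUES (?, ?)",
            (session.user_id, title),
        )
        return cur.lastrowid

    # Vulnerable pattern: fetch by primary key alone. Any signed-in user who
    # guesses or increments an id reads another account's entry (an IDOR).
    def get_unscoped(self, entry_id: int) -> Optional[str]:
        row = self.db.execute(
            "SELECT title FROM entries WHERE id = ?", (entry_id,)
        ).fetchone()
        return row[0] if row else None

    # Hardened pattern: the owner_id from the session is part of every query,
    # so a foreign id simply matches no rows.
    def get(self, session: Session, entry_id: int) -> Optional[str]:
        row = self.db.execute(
            "SELECT title FROM entries WHERE id = ? AND owner_id = ?",
            (entry_id, session.user_id),
        ).fetchone()
        return row[0] if row else None

    def delete(self, session: Session, entry_id: int) -> int:
        cur = self.db.execute(
            "DELETE FROM entries WHERE id = ? AND owner_id = ?",
            (entry_id, session.user_id),
        )
        # 0 means "not yours or not there"; the two cases are deliberately
        # indistinguishable so ids cannot be enumerated.
        return cur.rowcount


def demo() -> dict:
    """Constructed scenario: alice writes an entry, bob tries to read and delete it."""
    store = EntryStore()
    alice, bob = Session("alice"), Session("bob")
    alice_entry = store.create(alice, "private thoughts")
    return {
        "unscoped_leak": store.get_unscoped(alice_entry),   # bob's guess succeeds
        "scoped_owner": store.get(alice, alice_entry),
        "scoped_other": store.get(bob, alice_entry),        # None: no row matches
        "delete_other": store.delete(bob, alice_entry),     # 0 rows affected
        "still_there": store.get(alice, alice_entry),
    }
```

The point is that the check lives in the query, not in a separate "is this yours?" step that a new endpoint can forget to call. In practice this is usually centralised in a repository layer or enforced with database row-level security so that no code path can issue an unscoped query.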
Local device storage
For offline access and performance, your recent entries are cached on your device. This cache is isolated per user account and cleared when you sign out or switch accounts. Sensitive identifiers, like your photo import history, are also stored locally per account.
Retention
We keep your data as long as your account is active. When you delete your account, we delete your active data (entries, photos, videos, vault memberships, and derived identity data) within 30 days. Backup copies may persist for a limited period before being automatically removed. Aggregated, anonymized usage analytics that cannot be tied back to you may be retained.
What we never do
A short list of things you don't need to wonder about.
The list of things we don't do, in plain language.
- We don't sell your personal data to anyone.
- We don't share your journal entries with advertisers.
- We don't display advertisements in any DiaryVault product.
- We don't use your entries to train AI models that serve other users. Your data informs your experience only.
- We don't share your data with data brokers, audience networks, or third-party trackers.
- We do not access your journal entries except when necessary to operate, secure, or support the Service, or when you request a feature that requires processing your content (such as generating a translation).
- We don't enable third-party analytics SDKs that profile users across other apps.
Your rights
Access, export, delete. From inside the app or by emailing us.
You have control over your data. Here's what you can do and how to do it.
- Access: see all data we store about you. Available in the app under Settings → Account.
- Export: download your full journal as JSON or text. Available in the app under Settings → Export.
- Delete: permanently delete your account and all associated data. Available in the app under Settings → Delete Account, or by emailing stephen@diaryvault.com.
- Opt out of optional collection: revoke calendar, location, photo library, or microphone permissions at any time through your device settings. Existing data already collected with permission is retained until you delete your account.
- Withdraw from a Shared Vault: leave any vault you are a member of. Note that perspectives you previously contributed remain visible to other members unless you delete them before leaving.
- Object to a specific use: if you have concerns about how your data is being used for a specific feature, contact us and we'll review your situation individually.
If you are located in the European Economic Area, the United Kingdom, or similar jurisdictions, you have the right under GDPR or equivalent law to access, correct, delete, or export your personal data, and to object to or restrict certain processing. We process your personal data based on contractual necessity (to provide the Service you signed up for), legitimate interests (to improve and secure the Service), and consent for optional categories such as calendar access, photo access, or location.
If you are a California resident, you have the right under the California Consumer Privacy Act to request access to and deletion of your personal information. We do not sell or share your personal information as defined under the CCPA.
To exercise any right under these laws, or to file a complaint with us before contacting a supervisory authority, write to stephen@diaryvault.com.
Children
DiaryVault is not for users under 13.
DiaryVault is not directed at children under 13 years of age, and we do not knowingly collect personal information from children under 13.
If we become aware that we have collected data from a child under 13, we will take steps to delete that information promptly. If you believe a child has provided us with personal information without parental consent, please contact us at stephen@diaryvault.com.
Parents in jurisdictions with stricter age requirements (such as the GDPR's default of 16, or specific country variants) should review whether DiaryVault is appropriate for their child before allowing them to create an account.
Changes to this policy
We notify you of meaningful changes through the app or by email.
This policy will evolve as DiaryVault evolves. When it does, here's how you'll know.
- Material changes, meaning changes that affect what we collect, how we use it, or who we share it with, will be communicated through the app and by email at least 14 days before they take effect.
- Minor changes, such as clarifications, contact info updates, and formatting fixes, will be reflected in the document with an updated "Last updated" date.
- The current version is always available at diaryvault.com/privacy.
- Your continued use of DiaryVault after a material change takes effect indicates acceptance of the updated policy. If you do not accept a change, you may delete your account before the effective date.