Privacy Policy

Introduction

DiaryVault ("we", "our", "us") is a private journaling platform operated by Crene, Inc. This Privacy Policy explains how we collect, use, and protect your personal information when you use our mobile app and website at diaryvault.com.

Information We Collect

Data You Provide

• Account information (email address, name) when you sign up
• Journal entries, including text content, titles, moods, and tags
• Photos you upload or import from your device photo library
• Payment information processed through Apple App Store, Google Play, or Stripe (we do not store credit card numbers)
• Coupon codes you redeem for premium access

Automatically Collected Data

• Device type and operating system version
• App version and crash reports
• Anonymous usage analytics (features used, session duration)
• IP address (for security and abuse prevention)

Optional Data (with your permission)

• Photo library access for Import Memories and Write My Day features
• Calendar events to enrich journal entries
• Health data (steps, sleep, workouts) from Apple Health or Google Fit
• Location data from photo metadata for geocoding
• Weather data fetched based on photo locations

How We Use Your Data

• Generate AI journal entries from your photos, calendar, health, and weather data
• Provide Echo AI insights by analyzing patterns across your entries
• Translate journal entries between 11 supported languages
• Generate shareable story cards from your entries
• Sync your journal across devices via cloud storage
• Process subscription payments and coupon redemptions
• Detect new photos for background memory generation (premium feature)
• Improve our AI models and service quality (using anonymized, aggregated data only)

Data Storage & Security

Where Your Data is Stored

Your data is stored on Amazon Web Services (AWS) servers. Journal entries are stored in our database with user isolation, meaning each account's data is completely separated from other users.

How We Protect Your Data

• All data transmitted over HTTPS/TLS encryption
• Authentication tokens stored in device secure storage (iOS Keychain / Android Keystore)
• Per-user data isolation at the storage layer
• Server access restricted to authorized personnel only
• Regular security reviews and updates

Local Device Storage

Journal entries are cached locally on your device for offline access. This cache is isolated per user account and cleared on logout or account switch. Import state (processed photo IDs) is also stored locally per user.

Data Sharing

We Never:

• Sell your personal data to third parties
• Share your journal entries with advertisers
• Display advertisements in our products
• Use your entries to train AI models shared with others
• Share your data with data brokers

We May Share Data With:

• AI service providers (Anthropic Claude, Google Gemini) to generate journal entries. Only the minimum data needed is sent, and these providers do not retain your data.
• Payment processors (Apple, Google, Stripe) to handle subscriptions
• RevenueCat for subscription management
• AWS for cloud hosting and storage
• Law enforcement if required by valid legal process

Your Privacy Rights

You have the right to:

• Access all data we store about you
• Export your journal entries
• Delete your account and all associated data
• Opt out of optional data collection (calendar, health, location)
• Revoke photo library access at any time through your device settings

To exercise any of these rights, contact us at support@diaryvault.com or use the account deletion feature in the app settings.

Children's Privacy

DiaryVault is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete that information promptly.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or by email. Your continued use of DiaryVault after changes constitutes acceptance of the updated policy.