Privacy Policy

SpeakDiary (“we”, “us”, or “our”) is a private journaling app that helps you capture thoughts through text and voice, and optionally generate AI-powered prompts and insights.

Local-first by default: Your journal lives on your device unless you choose to enable cloud sync.

This Privacy Policy explains what information we collect, how we use it, how we share it, and the choices you have. By using SpeakDiary, you agree to this policy.

App Store & Google Play transparency: We aim for this policy to match what we disclose in App Store “App Privacy Details” and Google Play “Data safety” disclosures.

We collect the minimum data needed to provide the app. Depending on your use, this may include:

Account data - If you create an account, we collect your email address and basic account identifiers. If we support password-based login, passwords are stored using industry-standard hashing (we do not store plain-text passwords).

Journal content (sensitive by nature) - Text entries, voice recordings, transcriptions, and any media you upload.

Local-first: By default, entries are stored locally on your device. If you enable sync, encrypted copies of your entries are stored in the cloud to keep your devices in sync.

Usage & diagnostics - App interactions (e.g., which screens you use), approximate session activity, and crash/diagnostic data to improve reliability and performance.

Device & security signals - Device type, operating system version, language/region settings, IP address (typically short-lived), and security-related logs to protect accounts, prevent abuse, and maintain service integrity.

Payment data - If you subscribe, payments are processed by the Apple App Store / Google Play (or another provider if offered outside the stores). We do not store full card numbers or sensitive payment credentials.

SpeakDiary may request device permissions only when needed for a feature:

• Microphone - to record voice entries (optional).
• Photos / Media / Files - to attach media to entries (optional).
• Notifications - to send reminders or important service messages (optional; you can disable anytime in device settings).

You can use many features without enabling optional permissions, and you can revoke permissions at any time from your device settings.

End-to-End Encryption (E2EE): Your journal entries are encrypted on your device before they are saved. This applies to both local storage and cloud sync. When sync is enabled, encrypted entries are uploaded and stored in encrypted form.

Important: “End-to-end encryption” means encryption happens on your device before upload. If you reset the app or lose access to your device/account credentials, you may not be able to recover encrypted content without your recovery method (if available).

Additional Pro security: Pro plans may include extra security features (for example, enhanced access controls, advanced protection settings, and other security options surfaced in-app). The exact features available may vary by platform and plan tier.

We also use reasonable administrative, technical, and physical safeguards designed to protect your information from unauthorized access, alteration, disclosure, or destruction (for example: encryption in transit, access controls, and secure storage practices).

No system can be guaranteed 100% secure. You are responsible for maintaining the confidentiality of your login credentials and protecting access to your device.

We use your data to operate and improve SpeakDiary, including to:

• Create and maintain your account
• Store entries locally and sync them if you enable cloud sync
• Provide voice transcription and journaling tools you request
• Generate AI-powered prompts and insights (only when you use AI features)
• Send service-related messages (e.g., security notices, billing status, critical updates)
• Monitor, prevent, and investigate fraud, abuse, or security incidents
• Improve app reliability (e.g., crash fixes and performance improvements)

No selling of personal data: We do not sell your personal data.

No third-party advertising tracking: SpeakDiary does not use your journal content to serve third-party ads, and we do not share journal content with advertisers.

If you choose to use AI features (e.g., prompts, summaries, insights), we may process the text you provide (and/or a transcription of your voice entry) to generate outputs.

What we send: Only the minimum input needed to generate the requested result (for example, an entry you ask to summarize).

What we don’t do: We do not allow third-party AI providers to use your submitted content to advertise to you.

Note: AI outputs may be inaccurate or incomplete and are provided for journaling support, not medical, legal, or professional advice.

We share data only in limited situations:

• Service providers (processors) - vendors that help us run the app (e.g., authentication, cloud sync infrastructure, analytics, payments, AI processing). They may process data on our behalf under contractual obligations.
• Legal and safety - if required by law, or to protect users, prevent fraud/abuse, or respond to lawful requests.
• Business changes - if we are involved in a merger, acquisition, or sale, we may transfer information as part of that transaction (we will provide notice where required).

We do not share your journal content with third parties for their own marketing purposes.

SpeakDiary may use third-party services such as:

• OpenAI - AI features (only when you use AI tools).
• Firebase / Google - authentication, cloud sync storage, and/or diagnostics depending on your app configuration and whether you enable sync.
• Apple / Google (stores) - subscription billing and receipts when you subscribe through an app store.

Each provider operates under their own privacy policy. We select vendors carefully and limit what we send to what’s needed.

Local entries remain on your device until you delete them. If you enable sync, encrypted synced data is retained in the cloud until you delete it in the app and/or delete your account, subject to limited backup retention.

If you delete your account, we will delete or de-identify your personal data within a reasonable period (generally within 30 days), except where retention is required by law or necessary for security, fraud prevention, or backup integrity.

Backups may persist for a limited time before being overwritten as part of routine operations.

• Local-first - You can use SpeakDiary without enabling cloud sync.
• Sync control - You can enable or disable cloud sync in settings (where available).
• Export - You may request an export of your journal in a commonly used format (where available).
• Delete - You may delete entries anytime. You may also request account deletion via in-app controls (if available) or by contacting us.
• Notifications - You can disable notifications in device settings.
• AI features - You can choose not to use AI tools; journaling features remain available without AI.

Depending on where you live, you may have rights to access, correct, delete, object to processing, restrict processing, and request portability of your personal data, as well as lodge a complaint with a supervisory authority.

To exercise your rights, contact us at privacy@speakdiary.com.

If you enable cloud sync or use features that rely on third-party services, your information may be processed and stored in countries other than your own. Where required, we use appropriate safeguards for international transfers (for example, contractual protections).

SpeakDiary is not directed to children under 13, and we do not knowingly collect personal information from children. If you believe a child has provided personal data, contact us and we will take appropriate steps to delete it.

We may update this Privacy Policy from time to time. If changes are significant, we will provide notice through the app and/or by email. The “Last updated” date reflects the latest revision.

If you have questions about privacy, data use, or deletion requests, contact us at privacy@speakdiary.com.