Privacy Policy — DiaryDoot

This Privacy Policy explains what information DiaryDoot ("we", "our") collects when you use our mobile app and website, how we use it, and the choices you have. If anything here isn't clear, email us at support@diarydoot.com — we'll get back to you within 24 hours.

1. What we collect

We only collect what's needed to make the app work for you:

Account info: your email address, sign-in identifier (Apple / Google), and display name.
Your diary content: the contacts you add, interaction logs (calls, WhatsApp, visits, meetings, notes), voice recordings you create, and any tags or reminders you set. This content stays linked to your account.
Subscription info: if you go Pro, Apple shares a transaction identifier with us so we can unlock Pro features. We never see your card details.
Device & usage data: app version, OS version, device model, crash reports, and anonymous usage events (e.g., "entry created") so we can fix bugs and improve the app.
Support messages: when you email us, we keep the conversation so we can help.

We do not collect your phone's contact list unless you explicitly import a contact. We do not read your messages or access your call log without permission.

2. How we use it

Sync your diary across your devices and keep it backed up.
Generate summaries and suggestions through Sarthi, our AI helper.
Unlock Pro features when you subscribe, and handle renewals via Apple.
Diagnose crashes, fix bugs, and understand which features people use.
Respond to your support requests.
Send essential service emails (e.g., receipts, security notices). We don't send marketing emails unless you opt in.

We never sell your personal information, and we never use your diary content to train AI models.

3. How Sarthi (AI) handles your data

When you ask Sarthi to summarize an interaction or suggest a next step, the relevant entries are sent to our AI provider to generate a response. This happens only when you invoke an AI feature — not in the background.

Our AI provider processes the request on our behalf under a data-processing agreement. They do not retain your content beyond what's required to serve the request, and they do not use it to train their models.

4. Who we share with

We share data only with service providers who help us run the app, and only with what they need:

Cloud hosting & database — to store your account and diary content.
AI provider — to generate Sarthi summaries when you request them.
Apple — for sign-in and subscription processing.
Crash & analytics tooling — to diagnose issues and measure usage.
Email provider — to send transactional emails.

We don't sell or rent your data. We don't share it with advertisers. If we're ever legally required to disclose information (e.g., a valid court order), we'll narrow the scope as much as the law allows.

5. Where your data lives

Your data is stored on managed cloud infrastructure in secure data centers. In transit, it's protected by TLS; at rest, it's encrypted on disk. Access to production systems is restricted to the people who need it to operate the service.

6. How long we keep it

We keep your diary content for as long as your account is active. There are two ways to leave:

Deactivate your account (Settings → Account → Deactivate): your data is preserved. Signing in again restores everything. No data is deleted.

Permanently delete your account (Settings → Account → Delete Account → Permanent): your diary content (contacts, notes, entries, transactions, voice recordings, photos, AI chat history, AI briefs) is removed from our active systems immediately. We retain a minimal record (your email and sign-in identifier) flagged as deleted, so that if you sign in again you are recognized as a new account and to prevent abuse. Subscription records are retained for Apple billing compliance.

Backups containing your data roll off on their normal retention schedule (up to 90 days).

Anonymous crash and usage logs that can't be tied back to you may be kept longer for analytics.

7. Your rights and choices

Access & export: email us and we'll send you a copy of your data.
Correction: edit any entry, contact, or profile field directly in the app.
Deactivation: open the app → Settings → Account → Deactivate. Pauses your account; signing in again restores it.
Permanent deletion: open the app → Settings → Account → Delete Account → Permanent. Removes your diary content from our active systems immediately. You can also email us and we'll do it for you.
Cancel Pro: iOS Settings → Apple ID → Subscriptions → DiaryDoot. Pro access continues until the end of the current billing period.
Microphone / notifications: you can revoke these permissions from iOS Settings at any time.

Depending on where you live, you may have additional rights (e.g., GDPR, India's DPDP Act, CCPA) to object, restrict, or port your data. Email us and we'll honor them.

8. Children

DiaryDoot is not directed to children under 13, and we don't knowingly collect data from them. If you believe a child has created an account, email us and we'll delete it.

9. Changes to this policy

If we make meaningful changes, we'll update the "Last updated" date at the top and, when the change is material, notify you in the app or by email. Continuing to use DiaryDoot after an update means you accept the revised policy.

10. Contact us

Questions, requests, or concerns? Email support@diarydoot.com. We read every message and respond within 24 hours.

DiaryDoot · Built with care in India.

Your data, your rules