Life Log - Privacy Policy Supplement
Effective Date: June 28, 2026
Last Updated: June 28, 2026
This Privacy Policy Supplement is specific to Life Log and supplements WagDev LLC's general Privacy Policy and Data Security Standards.
1. Life Log Data Collection
1.1 Information You Provide
Basic Account Data:
- Email address (for authentication)
- Authentication method (email/password, Google Sign-In, or Apple Sign-In)
Life Log Entries (All Users):
- Entry dates, titles, and descriptions
- Selected categories
- Entry creation and modification timestamps
Premium User Data:
- Photos attached to entries
- Group log membership information
- Custom category names
1.2 Automatically Collected Data
App Analytics (via Firebase):
- App usage patterns (screens viewed, features used)
- Device information (type, OS version)
- Crash reports and performance data
- General location (country/region level only)
Premium Feature Usage:
- Storage usage metrics
- Group log activity levels
2. How Life Log Uses Your Data
2.1 Core Functionality
- Entry Storage: Your entries are stored in Firebase Firestore
- Photo Storage: Premium users' photos are stored in Firebase Storage
- Synchronization: Data syncs across your devices when logged in
- Group Logs: Shared entries are accessible to all group members
2.2 Service Improvement
- Anonymous analytics help us understand which features are popular
- Crash reports help us fix bugs and improve stability
- Usage patterns inform future feature development
3. Data Sharing Specifics
3.1 Group Log Sharing (Premium)
- When you join a group log, all members can see entries in that shared log
- Group members have full access to add, edit, or delete shared entries
- Your personal log remains private unless you explicitly share entries
- You control which entries go in shared vs. personal logs
3.2 Third-Party Services
Firebase (Google):
- Stores all your entries and photos
- Provides authentication services
- Processes analytics data
- Subject to Google's privacy policy
Apple (Sign in with Apple):
- Processes Apple Sign-In authentication
- May return a private relay email in place of your real address
- Subject to Apple's privacy policy
RevenueCat (Subscription Management):
- Manages subscription billing and receipt validation on our behalf
- Receives anonymized purchase data from Apple and Google
- Does not have access to your entry content or personal data
- Subject to RevenueCat's privacy policy
Apple App Store and Google Play (Payments):
- On iOS, purchases are processed by Apple via the App Store
- On Android, purchases are processed by Google via the Google Play Store
- We only receive confirmation of successful payments
- We never see your credit card information
3.3 What We Don't Share
- We don't sell your personal data
- We don't share your entries with advertisers
- We don't use your content for marketing
- We don't share personal logs with other users
4. Your Privacy Controls
4.1 In-App Controls
- Export Data: Download all your entries and photos (premium)
- Delete Account: Permanently remove all your data
- Leave Group Logs: Remove yourself from shared logs
- Manage Categories: Control your organizational system
4.2 Data Portability
- CSV export includes all text data
- Premium users can export photos with their entries
- Exports are generated on-demand for data freshness
4.3 Deletion Rights
- Delete individual entries anytime
- Delete your entire account through settings
- Request deletion assistance at privacy@wag.dev
- Note: Shared group log entries remain for other members
5. Data Retention
5.1 Active Accounts
- Your entries are retained as long as your account is active
- Photos are retained while you have an active premium subscription
- Analytics data is anonymized after 14 months
5.2 After Account Deletion
- Personal entries are deleted immediately
- Your contributions to group logs remain for other members
- Anonymized analytics may be retained for service improvement
- Payment records retained as required by law
5.3 Subscription Changes
- Downgrading from premium retains your photos for 30 days
- After 30 days, photos may be deleted if storage limits are exceeded
- Text entries are always retained regardless of subscription status
6. Children's Privacy
Life Log is not intended for children under 13. If we learn a child under 13 has created an account:
- We will delete the account immediately
- We will remove all associated data
- Parents may contact privacy@wag.dev to ensure deletion
7. Security Measures
Life Log implements security through:
- Firebase's enterprise-grade infrastructure
- Encryption in transit and at rest
- Firebase Security Rules preventing unauthorized access
- Regular security updates and monitoring
See our Data Security Standards for complete details.
8. Location Information
- Life Log does not access precise GPS location
- Firebase Analytics may collect general location (country/region)
- Location data is used only for anonymous analytics
- We cannot track your specific location
9. Photos and Media (Premium)
9.1 Photo Processing
- Photos are uploaded directly to Firebase Storage
- We don't analyze or scan photo content
- Photos are encrypted in storage
- Only you (and group members for shared logs) can access your photos
9.2 Storage Considerations
- Photos count against storage limits (limits may be implemented)
- We may compress large photos to optimize storage
- Original photos are preserved when possible
10. Marketing and Communications
10.1 What We Send
- Essential service updates (security, major changes)
- Subscription-related notifications
- Response to support requests
10.2 What We Don't Send
- Marketing emails (unless you explicitly opt-in)
- Promotional messages about other apps
- Third-party advertisements
11. Encryption & Data Security
This section explains, in plain language, how Life Log encrypts your content and — just as importantly — what our encryption does not do.
11.1 How Your Entries Are Encrypted
Life Log encrypts the content of your entries (such as entry text and descriptions) so that the underlying database does not store them in a readable form.
- Encryption at rest (AES-256-GCM): Entry content is encrypted before it is written to storage using AES-256-GCM, a strong, industry-standard encryption method.
- Envelope encryption with a managed key: We use "envelope encryption." Your content is encrypted with a Data Encryption Key (DEK), and that DEK is itself protected ("wrapped") by a key managed in Google Cloud's Key Management Service (KMS). This is a managed-key model — the keys are held and managed on our infrastructure, not stored on your device or held only by you.
- What this protects against: Because content is encrypted at rest, someone who obtained only a copy of the raw database — without the corresponding key-management access — would not be able to read your entry content.
11.2 What This Is, and What It Is Not
We want to be clear and not overstate our protections.
- This is not end-to-end encryption, and it is not "zero-knowledge." Because the encryption key is managed on our infrastructure (KMS-wrapped) rather than held only by you, we — as the service operator, using our Google Cloud and key-management access — can decrypt your entry content.
- Why we use a managed-key model: This design lets us provide seamless account recovery and synchronization across your devices without requiring you to manage, remember, or risk losing an encryption key. If we used end-to-end encryption with keys only you held, losing that key would mean permanently losing access to your entries.
- Practical meaning: Your content is protected from a database-only breach and from unauthorized access, but it is not technically hidden from us. We do not claim that we are technically unable to access it.
- How we limit access: Decryption of your content is performed by our backend service under restricted, role-based access to the key-management system. Our personnel do not have standing access to your decrypted content; obtaining such access requires a deliberate, privileged action that is restricted to authorized individuals and logged. See our Data Security Standards for more on these controls.
11.3 What Is Not Encrypted (Metadata)
Encryption applies to the content of your entries. Certain metadata is stored in plaintext (unencrypted) so the app can function, including:
- Timestamps (such as when an entry was created or modified)
- The date an entry is about
- The category an entry is filed under
- Document and record identifiers
- Workspace and group log membership information (who belongs to which shared log)
- Similar structural and organizational metadata
This means that, even though your entry content is encrypted at rest, information about the existence, timing, dates, categorization, and grouping of your entries is stored in readable form.
11.4 Summary of What We Can and Cannot See
- We can, by design, decrypt your entry content using our managed key-management access — though we restrict and log such access as described above.
- We can see metadata such as timestamps, entry dates, categories, identifiers, and group log membership, which are stored unencrypted.
- We cannot see your authentication passwords (managed by Firebase Authentication) or your payment card details (handled by the app stores and RevenueCat).
For more on our overall security practices and operator access controls, see our Data Security Standards.
12. Privacy Contact
For Life Log privacy questions:
- Email: privacy@wag.dev
- Response time: Within 3 business days
For urgent privacy concerns:
- Email: support@wag.dev
- Mark subject as "Urgent Privacy Issue"
This Privacy Policy Supplement should be read together with WagDev LLC's general Privacy Policy and Data Security Standards for a complete understanding of our privacy practices.