LIFLOG Privacy Policy

LIFLOG (hereinafter referred to as "the App") values the protection of user privacy and processes personal information safely in accordance with applicable laws.

1. Personal Information Collected

(1) Automatically Collected Information

The following information is automatically collected to improve app quality and maintain service stability:

• Device Information: Device model, operating system version
• App Usage Statistics: Feature usage frequency, screen transitions, error occurrences
• App Performance Data: Crash logs (Firebase Crashlytics)

(2) User Input Information (Stored Locally, Not Transmitted to Server)

The following information is stored only on the user's device and is not transmitted to the server:

• Record text
• Tags
• Location information (when user opts in)
• Notes

(3) Paid Subscribers (When Using Cloud Features)

• Account registration: Minimum information required for login such as email address and password
• Items stored on server:
  • Content Body: User-created diaries, images, etc. are stored encrypted using E2EE, and this service does not retain the decryption key.
  • Metadata: Record time, tags, type, usage frequency, etc. may be collected and analyzed in de-identified form.

2. Purpose of Collecting and Using Personal Information

• Providing cloud synchronization features
• Responding to customer inquiries and technical support
• Error analysis and app quality improvement
• Statistical analysis and personalization features (e.g., recording habit analysis, activity feedback, etc.)

3. Legal Basis for Processing Personal Information

We process personal information based on the following legal grounds:

(1) Contract Performance (GDPR Article 6(1)(b))

• Providing core services such as record storage, backup/restore

(2) Legitimate Interests (GDPR Article 6(1)(f))

• App usage statistics analysis (for feature improvement purposes)
• Error tracking and app stability maintenance (Firebase Crashlytics)
• Service quality monitoring (Firebase Performance)

4. Disclosure of Personal Information to Third Parties

This service does not provide personal information to external parties without user consent, except when required by law.

Third-Party Service Providers

These services process data according to their respective privacy policies, and all data is provided in anonymized form.

5. Regional Privacy Policies

(1) GDPR Applicable Regions (EU/EEA/UK)

For users in regions where GDPR (General Data Protection Regulation) applies:

• Firebase Analytics/Crashlytics: Collected based on legitimate interests (right to object guaranteed)
• Transparency: Clear disclosure of data types and purposes collected

(2) Other Regions

The same privacy protection standards apply to users in regions where GDPR does not apply.

6. Retention and Deletion

(1) Free Users

• All data created in the app is stored only on the user's device, and this service does not access or store such data on the server.
• When the app is deleted, data on the device is also deleted, and no separate data deletion request is required.

(2) Paid Subscribers (When Using Cloud Features)

• Data stored on the server is completely deleted upon account deletion request, and recovery is not possible afterwards.
• Deleting the app alone does not delete server data, and a separate withdrawal request is required.
• For accounts with ended subscriptions, this service retains data stored on cloud servers for up to 30 days, and if the subscription is not resumed within that period, the data is automatically deleted.

(3) App Analytics Data

Firebase Analytics/Crashlytics (Google LLC)

• Automatically deleted after up to 14 months according to Google policy

7. Data Collection and User Control

Basic technical information and error analysis data for service provision are collected based on legitimate interests:

• App crash reports and performance data (Firebase Crashlytics)
• Basic usage statistics (Firebase Analytics - in anonymized form)

8. Data Not Collected

The following information is not transmitted to the server or collected for analysis purposes:

• Record text content
• Tag content (only tag count is collected for statistical purposes)
• GPS coordinates (only whether location is set is collected as a boolean value)
• Note content written by users

9. Privacy Protection Measures

• User content is stored encrypted using E2EE, and the decryption key is kept only on the user's device.
• Communication with the server uses secure encryption protocols such as HTTPS.
• Information stored on the server is minimized, and access control and internal permission management are applied.
• All data collected through third-party analytics tools is anonymized.
• Google data sharing settings are minimized in the Firebase Console.

10. User Rights

You may exercise the following rights:

• Right of Access: You may request access to collected personal information.
• Right to Rectification: You may request correction of inaccurate personal information.
• Right to Erasure (Right to be Forgotten): You may request deletion of personal information.
• Right to Restriction of Processing: You may request restriction of personal information processing under certain conditions.
• Right to Object: You may object to processing based on legitimate interests.
• Right to Data Portability: Users may export their data in standard format through in-app features at any time.

Contact for exercising rights: support@liflog.io

11. Privacy Inquiries

Data Protection Officer: Junghoon Lee
Email: support@liflog.io

If you have any questions about privacy processing, please contact us at the above contact information.

12. Notice of Changes

If the privacy policy is changed, the changes will be notified in advance through in-app notices or updates.