Privacy Policy

Effective Date: 2025-01-01

At eDiary, we are deeply committed to safeguarding your privacy and the confidentiality of your personal information. Our mission is to provide you with a secure and trustworthy digital journaling experience. This Privacy Policy elucidates how we handle your data, both locally on your device and, for our members, in the cloud. By utilizing eDiary, you consent to the practices delineated in this Privacy Policy.

1. Information Collection and Usage

To provide a high-quality journaling and synchronization service, we collect certain information as defined below:

  • Personal Information: We collect your email address when you register an account to manage your eDiary Premium subscription and facilitate data synchronization.
  • User-Generated Content: When you use our Cloud Sync service, your diary entries, notes, and attachments are transmitted to our servers. Under privacy regulations, this is considered "collected data." However, this data is fully encrypted.
  • Subscription Data: We process information related to your subscription status. Payment processing is handled by third-party services (e.g., Google Play Billing, Apple In-App Purchase); we do not store your credit card or financial details.

2. Data Storage and Encryption

a. Local Storage:
All data generated within eDiary is encrypted locally on your device before storage. This ensures that your diary entries, notes, and other sensitive information remain confidential and inaccessible to unauthorized parties, even if they have access to your hardware.

b. Cloud Synchronization:
For users who opt for Cloud Sync, we offer a secure solution to keep your diary entries synchronized across multiple devices. Data synchronized to our cloud servers is encrypted, utilizing your unique cloud service password as the encryption key. This ensures that only you can access and decrypt your data, and we, as the service provider, do not have the capability to view or utilize your personal information.

c. Optional WebDAV Sync:
If you choose to use WebDAV for synchronization, your data is transferred directly to your own third-party storage provider. eDiary does not host or collect data synchronized via WebDAV.

3. AI Writing Assistant

eDiary offers an AI Writing Assistant to augment your writing experience. This feature utilizes advanced Large Language Models (LLMs) provided by third-party AI service providers (such as OpenAI, Anthropic, Google, or other industry-leading AI developers). When you engage with the AI Writing Assistant, your interactions are facilitated through a secure connection to these service providers. It is important to note that while your data is transmitted securely, it is processed by the respective third-party provider during the interaction to generate the requested response.

Privacy Considerations for AI Services:

  • Data Processing by Third Parties: As the interaction occurs through third-party APIs, your inputs and any associated context provided to the assistant may be processed by these service providers in accordance with their own privacy policies and terms of service. eDiary does not have access to, nor control over, the internal data handling and retention practices of these third-party AI providers.
  • eDiary's Role as Intermediary: eDiary serves solely as a secure intermediary, facilitating the technical connection between your device and the AI service provider. We do not permanently store, retain, or utilize any text or data related to your interactions with the AI Writing Assistant for our own secondary purposes or for model training.
  • Encryption in Transit: We ensure that all data sent to AI service providers is protected using industry-standard encryption (HTTPS/TLS) during transmission to prevent unauthorized interception.
  • Platform Availability Note: Please note that the AI Writing Assistant is currently available on the desktop (Windows, macOS) of eDiary. This feature is not currently included in the Android and iOS application.

4. Data Retention and Account Deletion

We retain your encrypted data and account information only for as long as your account is active or as needed to provide you with services. Once your account is no longer required, we provide transparent and accessible methods for you to request the permanent removal of your data.

Right to Deletion: In compliance with global privacy standards and mobile app store policies, you have the right to delete your account and all associated data at any time. eDiary provides several convenient ways to exercise this right:

  • In-App Self-Service (Desktop): For Windows and macOS users, you can permanently delete your account directly through the "Account Information" panel within the application.
  • In-App Self-Service (Mobile): For Android and iOS users, the account deletion option is readily available within the "Settings".
  • Online Request: You may also submit a formal account deletion request through our dedicated web portal at: https://ediary.io/delete-account.php.

Processing and Impact: Requests submitted through our online portal will be processed by our team within 3 business days. When you perform a self-service deletion within the app, the process is initiated immediately.

Once an account is deleted, your account profile, subscription records, and all encrypted journal data stored on our servers will be immediately and permanently removed. Please be aware that this action is irreversible, and due to our zero-knowledge encryption, we cannot recover any data once it has been purged from our systems.

5. Encrypted Data Storage and Server Role

In providing data synchronization services, eDiary's servers do store your data, but crucially, this data is encrypted. Your diary entries, notes, and other personal information are encrypted using your cloud service password as the encryption key before being uploaded to the server. This ensures that only you, with the corresponding decryption key (your cloud service password), can access and decrypt your data.

It's important to note that our servers act solely as intermediaries for data storage and transmission. They do not have the capability to decrypt or access your personal data. Our system design prioritizes the security of your data both in transit and at rest, safeguarding against unauthorized access or breaches.

By adopting this encrypted storage mechanism, we uphold your data privacy and security while delivering a seamless data synchronization service that allows you to access and manage your diary content across multiple devices effortlessly.

6. Privacy and Data Protection Commitments

We are steadfast in maintaining the highest standards of privacy and data protection. We regularly review and enhance our security measures to safeguard against unauthorized access, use, alteration, or destruction of your personal information.

7. Children's Privacy

eDiary is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children. If we become aware that a child under 13 has provided us with personal data, we will take immediate steps to delete such information and terminate the account.

8. User Responsibilities

It is your responsibility to keep your device and cloud service password secure. Sharing your password with others or failing to protect it could compromise the security of your data.

9. Changes to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, technologies, or legal requirements. Any significant changes will be communicated to our users through the app or via email. By continuing to use eDiary after such changes are made, you agree to be bound by the revised Privacy Policy.

10. Contact Us

If you have any questions, concerns, or wish to report a privacy-related issue, please contact us at support@ediary.io. We are dedicated to addressing your concerns and ensuring that your privacy is protected.

11. Additional Information

Please note that while we take every measure to protect your privacy, no system can be 100% secure. By using eDiary, you understand and accept that there are inherent risks associated with digital storage and transmission of personal information.

Thank you for choosing eDiary. We are committed to providing you with a secure, private, and enjoyable journaling experience.