Skip to content
LogDate
Get LogDate
Last updated: April 19, 2026

Privacy Policy

LogDate is a journal. The contents of your journal belong to you. This policy explains what we collect, why we collect it, and the choices you have.

1. Cloud is optional

You can use LogDate without creating an account. When cloud sync is off, every entry, photo, video, voice note, and settings preference stays on your device. LogDate does not upload anything to our servers in that mode, and there is nothing on our side to hand over in response to a lawful request.

If you choose to create an account, you can turn cloud sync back off at any time. Your existing data remains accessible on each device that already has it.

2. What we collect when you sign in

When you create a LogDate account and enable cloud sync we store, on servers we operate:

  • Your encrypted journal entries, journal organization, and associated media blobs.
  • The public portion of any passkey you register, so you can sign in again from another device.
  • A verified email address, if you choose to add one for account recovery.
  • Device identifiers used to deduplicate sync activity and surface signed-in devices to you.
  • Basic service telemetry (request timing, error rates) used to diagnose outages. This does not include the contents of your entries.

Media uploaded to the cloud is encrypted on your device before it leaves. Our storage retains the ciphertext and the minimum metadata needed to serve it back to you.

3. Third-party services

LogDate integrates with a small set of providers only where the provider is required to deliver a feature you asked for:

  • Stripe and Google Play Billing process subscription payments and send webhook events back to LogDate so we can unlock paid features on your account. We never receive your card number.
  • Google Identity (Sign in with Google) issues the ID token we verify when you sign in with a Google account. We do not request or store access tokens to your Google data.
  • Google Cloud Platform hosts the LogDate-operated infrastructure (Cloud Run, Cloud Storage, Secret Manager). Data residency is US (us-central1) by default.

If you self-host LogDate, none of these integrations apply unless you enable them on your instance.

4. Your rights and choices

You can, at any time:

  • Export your journal to a portable archive from the app.
  • Delete your account. Requesting deletion permanently removes your account row and, with it, all entries, journals, media, backups, and passkey records tied to it. Deletion cascades across our database and object storage. We do not hold tombstones of deleted content.
  • Revoke a device. Signing out a specific device invalidates its session and any passkeys bound to it; the remaining devices are unaffected.
  • Disable cloud sync. Subsequent entries remain on the device they were created on.

Residents of jurisdictions that grant additional rights (GDPR, CCPA, etc.) may exercise them by contacting us at the address below.

5. Retention

Account data is retained for as long as your account is active. If you delete your account, the record is removed on the next database transaction and associated blobs are scheduled for deletion within 24 hours. We retain anonymized, aggregated service telemetry for up to 90 days for capacity planning.

6. Security

Transit is encrypted with TLS. Journal media is encrypted client-side before upload. Passkey challenges use strict WebAuthn verification and are bound to the logdate.app relying party. JWT signing secrets, database credentials, and third-party webhook secrets live in Google Secret Manager and are scoped to the Cloud Run runtime service account.

No system is impregnable. If we ever learn of a material security incident affecting LogDate accounts, we will notify affected users and describe the impact and our response.

7. Children

LogDate is not directed to children under the age of 13 (or the minimum age of digital consent in your jurisdiction). If you believe a child has created an account, contact us so we can remove the account and the associated data.

8. Changes to this policy

When this policy changes materially, we will update the “Last updated” date above and, where we can, notify signed-in users in the app. Using LogDate after a change constitutes your acceptance of the revised policy.