lock
TL;DR
Your diary is private. We don't collect, read, or share your personal diary entries. Everything stays on your device unless you choose to use cloud backup.
Introduction
Welcome to NoteItUP. This Privacy Policy explains how we handle your information when you use our personal diary application ("App"). We are committed to protecting your privacy and ensuring you have a secure experience.
Information We Collect
1. Data You Create
- Diary Entries: Text content, titles, dates, and mood indicators you create
- Photos: Images you attach to diary entries
- Location Data: GPS coordinates and addresses (only if you enable location tagging)
- Tags and Folders: Organizational data you create
- App Settings: Your preferences for themes, colors, and app behavior
Important: All this data is stored locally on your device. We do NOT have access to it.
2. Technical Information
- Crash Reports: Anonymous crash logs via Firebase Crashlytics to help us fix bugs
- Analytics: Anonymous usage statistics via Firebase Analytics (e.g., which features are used, not what you write)
What we DON'T collect
- We do NOT read your diary entries
- We do NOT collect personal identification information
- We do NOT track your activity across other apps or websites
- We do NOT sell or rent any data
- We do NOT use advertising networks
How We Use Your Information
Local Data Storage
- Your diary entries are stored in a local database on your device
- Photos are stored in your app's private storage folder
- Only you can access this data through the app
Optional Cloud Sync
If you choose to enable Dropbox cloud sync:
- Data is encrypted and synced to YOUR personal Dropbox account
- We do NOT have access to your Dropbox account or files
- You control the sync settings and can disable it anytime
- Data transfer uses secure HTTPS encryption
Analytics and Crash Reporting
We use Firebase (Google) to collect:
- Anonymous crash reports: To identify and fix bugs
- Anonymous usage statistics: To understand which features are used and improve the app
- No personal diary content: We never collect or see what you write
These services help us make NoteItUP better without compromising your privacy.
Data Sharing and Third Parties
We Do NOT Share Your Data
Your diary entries and personal content are NEVER shared with:
- Third-party companies
- Advertisers
- Data brokers
- Other users
- Anyone else
Third-Party Services We Use
-
Dropbox (Optional — only if you enable cloud sync)
- Purpose: Store encrypted backups in YOUR Dropbox account
- Privacy Policy: dropbox.com/privacy
- You control: Enable/disable sync, delete backups anytime
-
Firebase (Google)
- Purpose: Anonymous crash reporting and analytics
- Privacy Policy: firebase.google.com/support/privacy
- Data collected: Anonymous crash logs, feature usage statistics
- No personal diary content is ever sent
Data Security
We take security seriously:
Local Security
- Optional PIN Lock: Protect your app with a 4-digit PIN
- Biometric Lock: Use fingerprint or face recognition
- Local Encryption: Diary data stored securely on your device
Cloud Security
- HTTPS Encryption: All data transfers use secure encryption
- Encrypted Backups: Cloud backups are encrypted before upload
- OAuth 2.0: Secure authentication with Dropbox (we never see your password)
Our Commitment
- We follow industry best practices for data security
- We regularly update the app to fix security vulnerabilities
- We never build backdoors or ways to access your diary
App Permissions Explained
NoteItUP requests the following permissions to provide its features. All permissions are optional except storage (required for core functionality):
Storage / Files
- Permission: Read External Storage (Android 12 and below only)
- Why we need it: To read photos you select from the gallery on older Android versions (12 and below)
- When used: Only when you select photos to attach to diary entries
- Optional: Yes (you can still use the app without attaching photos)
- Can be revoked: Yes (photo attachment will not work on Android 12 and below)
- Privacy note: On Android 13+, we use the privacy-friendly Photo Picker which doesn't require any storage permission. Selected photos are immediately copied to the app's private storage.
Camera
- Permission: CAMERA
- Why we need it: To capture photos directly from the app to attach to diary entries
- When used: Only when you tap the camera button to take a photo
- Optional: Yes (you can still attach photos from gallery)
- Can be revoked: Yes (you can disable in system settings)
Location
- Permission: ACCESS_FINE_LOCATION, ACCESS_COARSE_LOCATION
- Why we need it: To add GPS coordinates and location names to diary entries
- When used: Only when you enable location tagging for an entry
- Optional: Yes (location tagging is completely optional)
- Can be revoked: Yes (location features will be disabled)
- Privacy note: Location data stays on your device unless you sync to cloud
Internet
- Permission: INTERNET, ACCESS_NETWORK_STATE
- Why we need it: For optional cloud backup to Dropbox and anonymous crash reporting
- When used: Only when syncing to cloud or when app crashes
- Optional: Yes (app works fully offline)
- Can be revoked: Cannot be disabled (system permission)
- Privacy note: We never send your diary content over internet without encryption
Notifications
- Permission: POST_NOTIFICATIONS (Android 13+)
- Why we need it: To send you daily writing reminders (if you enable them)
- When used: Only if you enable daily reminders in Settings
- Optional: Yes (reminders are opt-in)
- Can be revoked: Yes (disable in system settings or app settings)
Biometric / Fingerprint
- Permission: USE_BIOMETRIC, USE_FINGERPRINT
- Why we need it: To unlock the app with fingerprint or face recognition
- When used: Only if you enable biometric lock in Security settings
- Optional: Yes (you can use PIN or no lock)
- Can be revoked: Yes (biometric lock will be disabled)
- Privacy note: We don't store biometric data; we only ask the system to verify
No Account Required
NoteItUP does not require any account, email, phone number, or personal information to use. All permissions are for local device features only.
Your Rights and Control
You have complete control over your data:
Access Your Data
- View all your entries anytime in the app
- Export all data to JSON format
- No restrictions or fees
Delete Your Data
- Delete individual entries within the app
- Delete all data by uninstalling the app
- Delete cloud backups from your Dropbox account
- No data remains on our servers (we don't have servers for diary content)
Data Portability
- Export all entries to JSON format
- Take your data anywhere
- No lock-in
Opt-Out Options
- Disable cloud sync anytime
- Disable location tagging
- Disable camera access
- Disable notifications
- Cannot opt-out of crash reporting (necessary for app stability)
Children's Privacy
NoteItUP is rated for ages 3+ (PEGI 3 / Everyone). However:
- We do not knowingly collect data from children under 13
- No account or personal information is required
- Parents should supervise children's use of the app
- If you believe a child has provided data to us, contact us to delete it
Data Retention
Local Data
- Data remains on your device until you delete it
- Uninstalling the app deletes all local data
- We have no access to your local data
Cloud Backups
- Backups remain in your Dropbox until you delete them
- You control retention through Dropbox settings
Analytics Data
- Anonymous analytics data is retained by Firebase according to their policy
- This data cannot be linked back to you or your diary content
International Data Transfers
- Your diary data stays on your device (your country)
- If you use Dropbox sync, data may be transferred to Dropbox servers (varies by your Dropbox region)
- Firebase analytics data may be processed in the United States (Google's servers)
- All transfers use encryption
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do:
- We will update the "Last Updated" date at the top
- Significant changes will be announced in app update notes
- Continued use of the app means you accept the updated policy
- You can always find the latest policy at github.com/romreviewer/NoteItUP/blob/main/PRIVACY.md
Your Consent
By using NoteItUP, you consent to this Privacy Policy.
Contact Us
If you have questions, concerns, or requests about your privacy:
- Email: [email protected]
- GitHub: github.com/romreviewer/NoteItUP/issues
- Response time: We aim to respond within 48 hours
Legal Compliance
This Privacy Policy complies with:
- General Data Protection Regulation (GDPR) — EU
- California Consumer Privacy Act (CCPA) — USA
- Google Play Store Data Safety requirements
- Firebase terms of service
Transparency Commitment
We believe in complete transparency:
- Our code is open source (check our GitHub)
- You can audit what data we collect
- We explain everything in plain language
- No hidden data collection
- No shady practices
Summary
What we believe:
- Your diary is YOUR private space
- Privacy is a fundamental right
- You own your data, not us
- Transparency builds trust
Our promise:
- We will NEVER read your diary entries
- We will NEVER sell your data
- We will NEVER compromise your privacy for profit
- We will ALWAYS be transparent about any changes
Thank you for trusting NoteItUP with your personal thoughts and memories.
This policy is effective as of January 3, 2025.