Privacy Policy

Effective Date: 2025-01-01

eDiary is a journaling, document, and personal information recording application. This Privacy Policy applies to the eDiary clients for Windows, macOS, Linux, Android, and iOS, as well as the official eDiary website and related cloud sync, AI Writing Assistant, weather, and third-party sync services.

We follow the principle of data minimisation. If you do not enable cloud sync, AI features, weather, third-party sync, Premium purchases, or website analytics, your diary entries, documents, attachments, and local settings are primarily stored on your own device and are not automatically uploaded to eDiary servers simply because you use the local journaling features.

1. Data We Collect

  • Local diary and document data: This may include diary entries, articles, documents, attachments, images, tags, templates, stationery, reminders, drafts, search indexes, local settings, and local logs. By default, this data is stored on your device or in the local file location you choose.
  • Cloud account data: When you register or sign in to eDiary cloud services, we process the information necessary to provide the service, including username, password, email address, account creation time, Premium expiry time, cloud storage allowance and usage, AI quota and usage, login sessions, client platform type, client ID, app version, and recent activity time.
  • Cloud sync data: When you choose to enable eDiary Cloud Sync, we receive sync packages, item IDs, item types, data hashes, data signatures, update counts, data sizes, and encrypted diary, document, attachment, and related sync content so that your data can be synchronised across your devices.
  • Purchase and Premium data: When you purchase Premium, redeem an activation code, or use in-app purchase, we process order time, product type, price, activation code status, receipt verification results, and the necessary information returned by the payment platform to activate Premium benefits, prevent abuse, and support after-sales verification.
  • AI Writing Assistant data: When you actively use the AI Writing Assistant, the text you enter or choose to send to AI is forwarded unchanged through the eDiary AI service to the configured AI model provider for processing. The eDiary server does not store, analyse, train on, or otherwise use the specific content you send to AI. We only record the AI request type, whether the default API key was used, input/output token counts, and quota consumption for billing, quota statistics, and troubleshooting that does not include the specific content.
  • Weather and location data: When you enable automatic weather or location-based weather, the client may request system location permission and send coordinates, a city/region code, or the request IP address to the weather service to return local weather. You can also manually choose a region to avoid using precise location.
  • Third-party sync connection data: When you use third-party sync features, we process the necessary connection information, sync configuration, and eDiary account ID according to your settings in order to connect to the third-party sync service. You can cancel or delete the related configuration in the app.
  • Device permission-related data: When you insert photos, take pictures, save images, use Face ID/Touch ID, or choose files on mobile devices, the system may request access to photos, camera, biometrics, local files, or storage. The related materials are used only for the diary and document editing actions you choose.
  • Technical logs and network information: To keep the service secure and troubleshoot problems, our servers may record request time, API name, IP address, account ID, session status, request result, error code, upload/download size, and similar technical logs. The client may also store local runtime logs on your device.
  • Website analytics data: When you visit the official eDiary website, the website may use tools such as Google Analytics to process page views, browser and device information, approximate region, referring page, and visit duration to understand website usage and improve the website experience.

2. How We Use Data

  • To provide local diary and document editing, attachment management, search, reminders, templates, import/export, backup, and restore features.
  • To provide account registration, login, automatic login, password changes, password reset, email verification codes, Premium status queries, and account deletion.
  • To sync encrypted data when you enable cloud sync, detect sync conflicts, calculate cloud storage usage, process data deletion, and restore sync status.
  • To complete Premium purchases, activation code redemption, in-app purchase receipt verification, service activation, capacity statistics, and AI quota statistics.
  • To generate, rewrite, expand, shorten, translate, summarise, or format text when you actively use the AI Writing Assistant.
  • To retrieve weather for your current or selected region and cache recent weather results in the client when you enable weather features.
  • To maintain service security, prevent abuse, troubleshoot issues, improve performance, handle support requests, and comply with applicable legal requirements.

3. Local Storage, Cloud Sync, and Encryption

  • eDiary local data is stored on your device by default. You control whether to enable a local file password, whether to back up data, where backups are stored, and whether files are exported.
  • If you do not enable cloud sync, eDiary does not upload your diary entries, documents, or attachments for sync purposes.
  • When you enable eDiary Cloud Sync, cloud sync content is stored in encrypted form. Your cloud service password is set and managed by you. We do not provide local password cracking or cloud content decryption services.
  • If you reset your cloud service password, existing cloud data may be cleared because it can no longer be decrypted with the new password. Please make sure you still have usable local data before resetting your password.
  • If you choose WebDAV, FTP, or another third-party sync location, the relevant data will be processed and stored by that third-party service. Please also read and understand its privacy policy and terms of service.

4. Permissions

  • Camera: Used to take photos and insert them into your diary or documents.
  • Photos: Used to choose images from your photo library for insertion into your diary or documents, or to save images to your photo library.
  • Location: Used to automatically retrieve local weather. If you deny location permission, you can still manually choose a region.
  • Face ID/Touch ID or device biometrics: Used to securely unlock your diary on your device. We do not use biometric data to identify you, build profiles, or upload biometric information.
  • Files and storage: Used to open, save, import, export, and back up diary files, attachments, and documents.
  • We do not request permissions unrelated to eDiary's core features. Denying optional permissions such as location, camera, or photos does not prevent you from using the local journaling features that do not depend on those permissions.

5. Third-Party Services and Sharing

  • App stores and payment platforms: Apple App Store, Google Play, or other payment/distribution platforms process purchase, refund, subscription, tax, and receipt verification data according to their own rules.
  • AI model providers: When you use the AI Writing Assistant, the eDiary server only forwards the relevant text unchanged to the configured model provider. It does not store, analyse, train on, or otherwise use that content on the server. How third parties process that content is governed by their own privacy policies and terms of service.
  • Weather providers: Weather services may use IP address, region code, or coordinates to query weather and location information.
  • Third-party sync services: WebDAV, FTP, and similar services process your connection, files, and sync data according to their own rules.
  • Website analytics services: The official website may use Google Analytics to understand website visits. You can limit cookies through your browser settings or use relevant privacy controls.
  • Except where necessary to provide the features above, comply with legal obligations, or protect users and service security, we do not sell your personal information and do not use your diary content for advertising profiling or cross-app tracking.

6. Data Retention and Deletion

  • Local data: Your local diary entries, documents, attachments, backups, and exported files are controlled by you. Uninstalling the app may not delete files you have saved to external folders, third-party storage, or backup locations.
  • Cloud sync data: You can delete sync items, sync packages, or your account in the app. When an account is deleted, we clear the cloud sync data associated with that account and delete the account record.
  • Account deletion: Mobile users can initiate account deletion in Settings, and desktop clients also provide an account deletion entry. Account deletion requires verification of your cloud service password. After deletion, Premium benefits, cloud data, cloud AI quota, and account-related information can no longer be used. We will complete deletion within a reasonable period, except for information that must be retained by law or for finance, dispute handling, or security audit purposes.
  • Password reset: To protect encrypted data, resetting your cloud service password may clear existing cloud sync data. Please make sure your local data is complete before proceeding.
  • Technical logs: Server logs, security audit records, order records, and finance-related records are retained for as long as necessary for security, troubleshooting, abuse prevention, dispute handling, tax, or legal compliance.
  • Third-party data: Data generated through app stores, AI providers, weather providers, third-party sync services, and website analytics services is also subject to the deletion and retention policies of those third parties.

7. Your Choices and Rights

  • You can choose to use only local diary and document features without creating a cloud account, enabling cloud sync, using AI, or using automatic location-based weather.
  • You can withdraw camera, photos, location, biometric, and file access permissions in system settings. After withdrawal, the corresponding features may no longer work, but unrelated features are not affected.
  • You can change your cloud password, cancel third-party sync configuration, delete cloud data, or delete your account in the app.
  • You can contact us using the contact information below to request access to, correction of, or deletion of account information we hold. To protect account security, we may need to verify your identity first.
  • If you do not agree with the processing practices of AI providers, weather providers, third-party sync providers, app stores, or website analytics services, please do not use the corresponding feature.

8. Children's Privacy

eDiary is not specifically directed to children. Minors should use eDiary with the consent and guidance of a parent or guardian. If a parent or guardian believes that a minor has provided personal information to us, please contact us using the information below.

9. Security Measures

  • We use transmission encryption, access controls, server-side permission separation, data validation, logging, auditing, and necessary security restrictions to protect the service.
  • Because internet transmission, device environments, third-party services, and user password management all involve risk, no system can be guaranteed to be absolutely secure. Please keep your local password, cloud service password, device lock password, and backup files secure.

10. Changes to This Privacy Policy

We may update this Privacy Policy due to feature changes, platform review requirements, or changes in laws and regulations. The updated policy will be posted on the official eDiary website. If there are material changes, we will notify you through the website, in-app notices, or other reasonable means.

11. Contact Us

If you have any questions about this Privacy Policy, our data processing practices, account deletion, or privacy rights requests, please contact us at support@ediary.io.