1. What we collect
We collect only what we need to run the service:
- Account data: display name, email from Apple/Google Sign-In, profile avatar, subscription status, and pairing state.
- Encrypted content: drawings, captions, photo attachments (Premium), mood tags, daily challenge completions, reactions, and streak data. All content objects and widget payloads remain encrypted end-to-end using AES-256-GCM with ECDH key exchange.
- Usage data: challenge completions, mood selections, reaction counts, notes sent/received counts, and streak progress (for gamification features).
- Device & diagnostics: push notification tokens, app version, analytics events (screen views, feature usage, paywall performance), crash reports, and App Check attestation for security.
- Support conversations: anything you send to hello@duonota.app or through in-app feedback.
2. How we use data
- Sync notes, drawings, photos, moods, reactions, and widgets between paired devices in near real-time.
- Maintain encryption keys, challenge completion state, streak progress, and subscription entitlements.
- Enable gamification features: daily challenges, mood tracking, streak counters, and milestone celebrations.
- Deliver personalized daily challenge prompts based on your premium status.
- Prevent abuse (rate limits, App Check) and keep the service reliable.
- Understand which features are used so we can improve DuoNota.
We do not sell personal information or share it with advertisers.
3. Storage & security
Firebase (Google Cloud) hosts authentication, Firestore, Storage, Cloud Functions, Messaging, Analytics, and Crashlytics. iOS extensions store widget data inside an App Group.
- Per-pair ECDH keys live in Secure Enclave/Keychain (iOS) or Android Keystore.
- AES-256-GCM encrypts widget JSON, drawings, photos, and all note content before upload.
- App Check (Apple App Attest / DeviceCheck, Play Integrity) protects APIs from abuse.
- Automatic file deletion: Encrypted drawing and photo files in Firebase Storage are automatically deleted after 7 days for storage optimization and privacy. Note metadata, text, reactions, moods, and challenge completions remain available in Firestore and the local History Vault.
- You can delete everything instantly from Account Settings → Delete Account.
4. Third parties
- Google Firebase (auth, data, messaging, analytics, crash reporting) – privacy policy
- Apple Sign In / Google Sign-In for authentication.
- Superwall + StoreKit / Google Play Billing for paywalls and in-app purchases.
- Apple WidgetKit + Notification Service Extension for iOS widget delivery and push notifications.
We do not share decrypted content with any third party. Firebase stores encrypted blobs that cannot be read without your device keys.
5. Features & data handling
Daily Challenges: Your challenge completions, progress, and statistics are stored in Firestore to track your level and unlock new challenges. Challenge data is visible to your partner.
Mood Tracking: Mood selections (e.g., "In Love," "Happy," "Missing You") are stored with each note to enhance emotional context. Moods are visible to your partner.
Reactions: Emoji reactions to notes are stored in Firestore and synced in real-time. Both partners can see reactions.
Streak Tracking: Daily note-sending streaks are calculated from Firestore timestamps. Streak data is shared between partners.
Photo Uploads (Premium): Photos from your camera roll are compressed, encrypted with AES-256-GCM, and uploaded to Firebase Storage. Photos are automatically deleted after 7 days.
History Vault (Premium): Notes are stored locally on your device for unlimited offline access. Local storage is managed by the app and not shared with any service.
6. Your choices & rights
Everyone can access, update, or delete their data by visiting the in-app profile screen. If you live in the EEA/UK you also have GDPR rights (access, correction, deletion, restriction, portability, objection). California residents have CCPA rights (know, delete, opt-out—DuoNota does not "sell" data, but we will honor opt-out requests).
To exercise your rights, email hello@duonota.app or use Account Settings → Delete Account to remove all data immediately.
7. Data retention
We keep account data while you actively use DuoNota. Deleting your account removes:
- Profile information and authentication records
- Encrypted notes, drawings, and photos from Firebase Storage
- Pairing data, challenge progress, streak data, and mood history
- Subscription state and premium entitlements
Deletion is immediate from production systems; backups recycle within 90 days. Aggregated analytics may persist in anonymized form.
Automatic Storage Cleanup: Encrypted drawing and photo files are automatically deleted from Firebase Storage after 7 days. This applies to all users and helps optimize storage costs while protecting privacy. Note metadata (text, reactions, moods, timestamps) remains available in the app.
8. International transfers
Data may be processed in the United States or other regions where Firebase operates. Google's Data Processing Addendum and Standard Contractual Clauses cover cross-border transfers.
9. Children
DuoNota is not directed to children under 13 (or the minimum age required in your country). If you believe a minor has provided data, email hello@duonota.app so we can remove it.
10. Changes
We will post updates here, update the "Last updated" date, and highlight major changes in-app. Continued use after an update means you accept the revised policy.
11. Contact
Email hello@duonota.app for privacy questions or data requests.
Mailing address: DuoNota / Sukhjinder Singh, San Francisco, CA, USA