Privacy Policy
Effective: May 10, 2026 · Version 1.0
One-line summary — HiDay does not have a server that processes your journal. Every entry lives on your phone. Optional features (cloud backup, AI insights) only run through your own cloud account or your own AI vendor API key. The developer (MissMrCrazy) does not have, and cannot gain, access to your journal text.
1. Controller information
The operator of this app is:
- Trade name: MissMrCrazy
- Representative: Hosung Song
- Business registration: 731-64-00881 (Republic of Korea)
- Address: 31, Hyangsoseojeong-gil, Danwol-myeon, Yangpyeong-gun, Gyeonggi-do, Korea
- Contact: ilikeafrica@gmail.com
2. What we do NOT collect
HiDay does not collect, transmit, store, or process any of your journal text, voice recordings, or AI insight outputs on any developer-side server. The simple reason: no such server exists.
We also do not collect:
- Identity data (name, email, phone — your in-app display name lives only on your phone)
- Crash reports, usage analytics, behavioral events, advertising IDs
- Location history (location is used once and discarded — see §4)
- Device identifiers (IDFA, Android Advertising ID)
HiDay integrates no third-party analytics / advertising / tracking SDKs (no AdMob, Facebook SDK, Mixpanel, Amplitude, Crashlytics).
3. Information stored on your phone
The following stays on your device, in storage other apps cannot read:
- Journal text: the body of each entry, timestamp, input mode (voice / text)
- Entry metadata: city / district name from that day, weather condition, temperature, wind speed
- Settings: display name, language, voice and background options, BYOK API keys (if any)
- Recent greeting cache: prevents repeating the same greeting
Storage backends:
- iOS: app-sandboxed Documents/Library + Keychain (for BYOK keys)
- Android: app internal storage + EncryptedSharedPreferences (for BYOK keys)
4. Information sent off-device (only with your explicit opt-in)
(1) Coordinates → OpenWeatherMap (weather lookup)
- What is sent: latitude, longitude
- Purpose: today's weather
- Frequency: once per app launch / refresh
- Your journal text is never attached to this request.
- Coordinates are not persisted on the phone — they are discarded after the call (the city name from the response may be saved with that day's entry).
- You can deny location permission with no impact on journaling — only the weather chip will be empty.
(2) Journal text → OpenAI / Anthropic / Gemini (AI insights, BYOK only)
- What is sent: the journal text(s) you specifically requested an insight for
- Precondition: you supplied your own API key and turned the feature on
- Path: phone → vendor's official API directly. No first-party server proxies this.
- Data handling on this path is governed by the chosen vendor's terms (not ours).
- If AI features are off, no calls are made.
(3) Backup file → your Google Drive (optional)
- What is sent: a single AES-256-encrypted file (.hiday-backup), keyed by a 6-digit PIN you choose
- Where it lands: your own Google Drive App Folder — a per-app sandbox not shared with other apps or accounts
- Key derivation: PIN → PBKDF2 (100k iterations) → 256-bit key. The key is never stored on the phone or in the cloud — it is derived only when you enter the PIN.
- The developer cannot access this file (only your Google account has the entitlement).
- If you forget the PIN, the backup is unrecoverable — the developer cannot help.
(4) Gemini TTS API (high-quality voice greeting, BYOK only)
- What is sent: the greeting sentence to be synthesized
- Precondition: you supplied a Gemini API key and turned high-quality TTS on
- When off, only the OS's built-in TTS runs and no call leaves the device
5. Permissions
- Location (when in use): weather lookup only — denial is fine
- Microphone: only while you tap "I'll speak" to record a voice entry — audio is converted to text by the OS-provided STT and immediately discarded; no audio file is retained (subject to OS-level voice-data policies)
- Notifications: optional journal reminders
- Internet: used only for the off-device calls listed in §4
6. Your rights
Because the developer does not retain your data, the access / rectification / deletion requests typically directed at a controller have no developer-side target. You can perform all of these directly, instantly, without consent from anyone:
- Access: open the entry list inside the app
- Rectify: use "Add a line" or edit on each entry's detail screen
- Delete: trash icon at the bottom-right of an entry's detail, or uninstall the app
- Portability: Settings → Backup → Manual export (JSON file)
7. Security measures
- BYOK API keys stored in iOS Keychain / Android EncryptedSharedPreferences
- Backup file encrypted with PBKDF2 + AES-256-GCM (PIN-derived key)
- All off-device API calls use HTTPS (TLS 1.2+)
- Zero third-party tracking SDKs
- Vulnerability reports are welcome at ilikeafrica@gmail.com; we commit to coordinated disclosure
8. Children's data
HiDay is not directed at children under 14. That said, since the developer collects and retains no user data at all, the same protection applies regardless of age.
9. Changes to this policy
This policy may be updated as features change. Material changes will be announced in-app and on missmrcrazy.com at least 30 days before the new effective date.
10. Contact
For privacy questions, write to ilikeafrica@gmail.com.