privacy.

Your email address. A bcrypt hash of your password (never the password itself). The text of every entry you write. The dates of those entries. Hashed session tokens for the devices you're signed in on. That's the entire list.

We don't sell or share your writing. We don't train models on it. We don't analyse it for marketing. We don't embed third-party trackers, ad pixels, or social-network beacons in the app. There are no engagement nudges, streak emails, or shareable cards generated from your content.

Entries are stored in a managed PostgreSQL database (Neon). Sessions are kept in a cookie scoped to daylogg.com and expire on a fixed schedule. Password reset links are sent by email and are valid for one hour.

You can change your password and revoke individual sessions from Settings. You can export every entry you've written as a single JSON file. You can permanently delete your account, and with it every entry and session. There's no recovery once you do.

If this policy changes in any meaningful way, we'll surface a notice in the app before the change takes effect, so you can export your data or delete your account first if you prefer.