Privacy Policy - LoveKeeper

TL;DR: LoveKeeper stores your relationship content (events, memories, photos) locally on your device. To support email reminders and account management, limited account data (such as your email and confirmation/deletion tokens) is stored securely on our server. We use minimal analytics to improve the app.

1. Introduction

Welcome to LoveKeeper ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we handle your information when you use our mobile application LoveKeeper (the "App").

Key Principle: Your personal data belongs to you. We designed LoveKeeper so your core relationship content remains on your device, while only limited account data is processed server-side when you use email/account features.

2. Data We Collect

2.1 Core Data Stored Locally (On Your Device)

The following core app data is stored on your device:

Events: Anniversary dates, birthdays, event names, categories, emojis, and photos
Memories: Photos, titles, descriptions, dates, and categories
Bucket List Items: Goals, descriptions, priorities, and associated photos
Reminders: Notification preferences and reminder times
App Settings: Your preferences and customizations

Important: If you delete the app or reset your device, all this data will be permanently lost unless you have created a backup.

2.2 Account & Email Data Stored Server-Side

When you provide an email address in onboarding/settings or request account deletion, we store limited account data on our server (Supabase):

Account email: Your email address
Email preferences: Opt-in and confirmation status
Security tokens: Email confirmation and account deletion tokens (one-time use)
Token timestamps: When confirmation/deletion requests were generated
Push delivery data: Push token metadata linked to your account (if available)

We do not store your events, memories, or photos on our server as part of this account system.

2.3 Analytics Data

To improve the app, we collect minimal usage data through Amplitude Analytics:

App usage: Which features you use (e.g., created an event, added a memory)
Device information: Device type, OS version, app version
Performance data: App crashes, loading times, error reports
General statistics: Session duration, feature engagement

What we DON'T collect in analytics:

Your actual event names, dates, or details
Your photos or memory content
Your email content or confirmation/deletion tokens
Your location
Your contacts

2.4 Device Permissions

The app requests the following permissions:

Camera: To take photos for your memories and events (optional, only if you use the camera feature)
Photo Library: To select existing photos from your device (optional, only if you add photos)
Notifications: To send you reminders about upcoming anniversaries and events (optional)
Storage: To save your events, memories, and photos locally on your device

You can deny any of these permissions. The app will continue to work, but some features may be limited.

3. How We Use Your Data

3.1 Local Data

Your events, memories, and photos are used solely to:

Display your content within the app
Send you reminders about upcoming events (if you enable notifications)
Provide the core functionality of the app

This data never leaves your device unless you explicitly share it (e.g., by exporting or taking a screenshot).

3.2 Account & Email Data

Server-side account/email data is used to:

Send confirmation emails and validate email ownership
Send optional reminder emails
Process account deletion requests initiated in-app
Maintain push delivery linkage for reminder infrastructure

3.3 Analytics Data

Anonymous analytics data is used to:

Understand which features are most popular
Identify and fix bugs and crashes
Improve app performance
Make decisions about new features

4. Data Sharing

4.1 Third-Party Services

We use the following third-party services:

Supabase (Database & Edge Functions)

Purpose: Store account/email records and execute confirmation/deletion flows

Data Shared: Email, email confirmation/deletion tokens, related timestamps, push token linkage

Privacy Policy: supabase.com/privacy

Resend (Transactional Email Delivery)

Purpose: Send confirmation, reminder, and account deletion emails

Data Shared: Recipient email address and email template content

Privacy Policy: resend.com/privacy

Amplitude Analytics (App)

Purpose: Anonymous usage analytics within the mobile app

Data Shared: App usage events, device/app metadata, and pseudonymous identifiers

Privacy Policy: amplitude.com/privacy

Google Analytics (Website)

Purpose: Anonymous website traffic analytics

Data Shared: Page views, referrer, browser type, general location (country level)

Privacy Policy: policies.google.com/privacy

How to opt-out: Use the Google Analytics Opt-out Browser Add-on

Firebase Cloud Messaging (Push Notifications)

Purpose: Delivering push notification reminders on Android devices

Data Shared: Anonymous device token for notification delivery

Privacy Policy: firebase.google.com/support/privacy

Web3Forms (Contact Form)

Purpose: Processing contact form submissions on our website

Data Shared: Name, email address, and message content you voluntarily provide

Privacy Policy: web3forms.com/privacy

4.2 Advertising Identifier

The Android version of the App may access the Google Advertising ID solely for analytics attribution purposes. We do not use this identifier to serve personalized ads. You can reset or disable your Advertising ID in your device settings at any time.

4.3 What We DON'T Share

We do NOT:

Sell your data to anyone
Share your data with advertisers
Access your photos or events
Share data with social media platforms
Use your data for marketing purposes

5. Data Retention

Local Data: Stored on your device until you delete it or uninstall the app
Account & Email Data: Retained while your account is active and removed after confirmed account deletion (except data required by law)
Confirmation/Deletion Tokens: One-time tokens that are cleared/invalidated after use
Analytics Data: Retained by Amplitude for up to 2 years, then automatically deleted
Crash Reports: Retained for 90 days, then automatically deleted

6. Your Rights

You have the right to:

Access: View all data stored in the app at any time
Export: Export your data (available in app settings)
Delete local content: Delete specific events, memories, or all local app content
Delete account: Initiate permanent server-side account deletion in-app (Settings → Account → Request Account Deletion)
Request Information: Contact us about your data (see contact info below)

7. Data Security

We take security seriously:

Local Storage: Your data is stored securely on your device using iOS/Android built-in security
Scoped Server Storage: Only limited account/email data is stored server-side for account features
Encrypted Connections: All communications with analytics services use HTTPS encryption
Minimal Data Collection: We only collect what's necessary to improve the app

Your Responsibility: Since data is stored locally, we recommend:
• Using device encryption (enabled by default on modern iOS/Android)
• Using a strong device passcode
• Regularly backing up your device
• Not sharing your device with untrusted persons

8. Children's Privacy

LoveKeeper is designed for adults and is not intended for children under 13 years old. We do not knowingly collect data from children under 13. If you believe a child has provided data to us, please contact us immediately, and we will delete it.

9. Push Notifications

If you enable notifications:

We use Apple Push Notification Service (APNS) for iOS and Firebase Cloud Messaging (FCM) for Android
A unique device token is generated to send you notifications
Push token metadata may be stored server-side to deliver reminders and account-related notifications
Notification scheduling for your personal event reminders is configured from app data on your device
You can disable notifications anytime in your device settings

10. Changes to This Privacy Policy

We may update this privacy policy from time to time. When we do:

We'll update the "Last Updated" date at the top of this page
We'll notify you in the app about significant changes
You can always find the latest version at this URL

Continued use of the app after changes means you accept the updated privacy policy.

11. Contact Us

If you have questions, concerns, or requests about your privacy or this policy, please contact us:

Contact Form: Use our contact form

Email: support@lovekeeper.app

Support: Visit our Support Page

Response Time: We aim to respond to all privacy requests within 72 hours.

12. Disclaimer

While we strive to protect your privacy and security, no method of electronic storage is 100% secure. We cannot guarantee absolute security of your data stored on your device.

We recommend:

Regularly backing up your device
Using device encryption
Keeping your operating system updated
Being cautious about device security

13. Compliance

This privacy policy complies with:

Apple App Store Review Guidelines
Google Play Store Data Safety Requirements