Pack Your Day Privacy Policy

1. Who We Are

Pack Your Day is a productivity and journaling app published by Kid Apps. If you have questions about this Privacy Policy or your data, you can contact us at kidapps2019@gmail.com.

2. Summary of What the App Does With Data

3. Information We Collect

A. Information you create in the app

• Task titles, notes, task durations, subtasks, reminder settings, and schedule data.
• Habit streak names, targets, completion counts, and highlight status.
• Journal entries, journal titles, and journal tags.
• Upcoming feature votes/claps and comments that you choose to submit.
• AI motivational quote preferences such as your name, goals, tone, and optional custom prompt text.

B. Information collected automatically

• App usage analytics events, screen views, and feature interaction metrics.
• Crash diagnostics and error reports.
• Technical information such as platform type, app version, device state relevant to debugging, and event metadata.

C. Information collected only if you choose optional online features

• Google account sign-in information, if you choose to use Google sign-in.
• Encrypted journal records and related sync metadata, if you choose to use Journal Sync.
• An app-level Journal Sync account record, including an internal sync userId mapped to your current Firebase Authentication account, if you enable Journal Sync.
• Cloud or Firestore-backed data for online features such as Journal Sync, upcoming feature submissions, and certain account-linked functionality.
• Purchase and subscription status information handled through app-store billing systems and RevenueCat, if you choose to buy premium features or Journal Sync.

4. How We Use Your Information

• To provide the core scheduling, journaling, reminder, and habit tracking features of the app.
• To save your preferences and preserve your data on your device.
• To generate motivational quotes that are personalized to the preferences you choose to provide.
• To measure feature usage, improve the app, understand stability, and prioritize future development.
• To investigate crashes, bugs, and reliability issues.
• To support optional account and online features when you choose to use them.

5. Journal Encryption and Privacy

Pack Your Day includes a journal security feature designed to protect journal content on your device and during optional Journal Sync. Journal protection is implemented in the app itself rather than relying only on operating-system storage or cloud account access.

How journal encryption works

• Your journal content, journal title, and journal tags are encrypted before being stored using AES-GCM with a 256-bit key.
• When you set a journal password, the app generates a random journal master key on your device.
• Your password is processed through PBKDF2-HMAC-SHA256 with 120,000 iterations and a unique random salt to derive an encryption key.
• The derived key is used to encrypt the journal master key. The password itself is not stored in plain text.
• A recovery key is also generated, and the same master key is separately wrapped for recovery-key access.
• If you enable Journal Sync, the cloud stores encrypted journal payloads plus encrypted key-wrapping material and limited sync metadata needed to restore and resolve cross-device conflicts.
• Journal Sync uses an app-level sync account record that maps your current Firebase Authentication account to an internal sync userId. Synced journal data is stored under that app-level identifier rather than depending only on the raw Firebase Authentication UID.
• The app keeps the decrypted master key only in memory for the active unlocked session. When the session is locked, that in-memory key is cleared.

What this means for privacy

• We do not use journal text for advertising, analytics profiling, or AI quote generation.
• We do not intentionally transmit journal contents to Firebase Analytics or Crashlytics.
• Journal text, titles, and tags are intended to remain private to the user and protected by app-managed encryption when the journal security feature is enabled.
• When Journal Sync is enabled, the synced cloud copy is designed to remain encrypted before upload so that a plain-text copy of your journal is not intentionally stored in the sync backend.
• Without the journal password or recovery key, previously encrypted journal data may become unreadable because the old key is no longer available.
• If a user resets journal security without providing the recovery key, the app may delete existing journal entries before applying the new password so old encrypted journals are not left inaccessible.

No security method can promise absolute security, but this design is intended to minimize exposure of journal content and align with modern privacy and user-control expectations.

6. Data Storage

Local storage on your device

The app primarily stores the following data locally on your device:

• Packed day schedules and task data
• Habit streaks and completion history
• Journal entries and journal metadata
• Journal security configuration and encrypted key material
• Motivational quote preferences and cached quote batches
• Purchase state, app settings, coach marks, Live Activity preferences, and debug/test preferences

Remote storage and processors

Some data may be processed or stored by the following services when relevant features are used:

• Firebase Analytics for usage measurement
• Firebase Crashlytics for crash and error diagnostics
• Firebase Authentication for optional sign-in
• Cloud Firestore for Journal Sync data, Journal Sync account records in /pyd-users, upcoming feature feedback, and certain account-linked records
• Firebase AI / Google AI services for motivational quote generation
• RevenueCat for purchase, subscription, entitlement, and subscription-management processing

7. Analytics and Crash Reporting

Firebase Analytics

We use Firebase Analytics to understand how people use Pack Your Day. This may include events such as screen views, paywall opens, task completion, habit creation, journal opens, timer usage, and feature interactions.

• We use analytics in an anonymous product analytics style.
• We do not intentionally send journal content, journal titles, journal tags, or other private free-form journal text to Analytics.
• Analytics data may include event metadata, device/platform category, premium entitlement state, app settings state, and feature usage counts.

Firebase Crashlytics

We use Firebase Crashlytics to detect crashes, diagnose app stability issues, and improve reliability. Crash reports may include stack traces, device context, app version, and diagnostic logs that help identify the cause of an issue.

• We do not intentionally include journal content in Crashlytics reports.
• Some technical logs may include operational context needed for debugging, but the app is designed to avoid sending sensitive journal text.

8. AI Motivational Quotes and Personal Data

Pack Your Day offers AI-generated motivational quotes. To personalize those quotes, the app may use data that you choose to provide, including your name, goals, preferred tone, and an optional custom prompt.

• This personalization data may be sent to Firebase AI / Google AI services to generate quotes.
• The app stores your quote preferences locally and may cache quote batches on your device.
• The app may display generated quotes inside the app, notifications, reminders, timers, and live activity surfaces.
• Journal entries are not used as quote-generation input unless you explicitly add such content to your own custom prompt.

Because AI systems process prompt data to generate results, you should avoid entering sensitive personal information into optional AI prompt fields unless you are comfortable doing so.

9. Optional Sign-In and Online Features

• If you use Google sign-in, authentication is handled through Firebase Authentication and Google sign-in services.
• Journal Sync is an optional account-linked feature. It requires Google sign-in and eligible premium access before encrypted journal data is synced across devices.
• When Journal Sync is enabled, the app may create a Journal Sync account record in /pyd-users and use a stable internal userId to organize encrypted sync data in Cloud Firestore.
• If different devices have different journal encryption states or different cloud/local journal histories, Journal Sync may pause and ask you to resolve the conflict before syncing continues.
• You may be able to change the sign-in credentials linked to your Journal Sync account after verifying your current journal password or recovery key.
• If you submit upcoming feature claps/comments or use similar online features, those submissions may be stored in Cloud Firestore.
• Comments you submit for upcoming features are user-provided content and may be visible to the app operator for product planning and support purposes.
• Some cloud-linked functionality may vary by app version, platform support, purchase state, and account sign-in status.

10. Purchases and Subscriptions

• Premium purchases and subscriptions are processed through Apple App Store or Google Play billing systems.
• The app also uses RevenueCat to help validate purchases, manage entitlements, restore purchases, and show subscription-management interfaces.
• Purchase-related data may include app user identifiers, product identifiers, entitlement status, subscription expiration dates, and store management URLs.
• We do not receive your full payment card details through the app. Billing is handled by the platform store and its payment systems.

11. Permissions and Device Access

Notifications and alarms

The app may request notification-related permissions so it can send task reminders and alarms. On Android, the app may also request exact alarm and full-screen intent capabilities where supported for alarm behavior.

Live Activities

On supported iOS versions and devices, the app may use Live Activities to show current task information on the Lock Screen or Dynamic Island. Live Activity availability depends on iOS/device support and your system settings, and it can be turned off from the app settings when available.

Location access

The app does not request or use precise location, approximate location, GPS, Bluetooth location, Wi‑Fi location, background location, or geofencing permissions. The app’s time-based behavior uses your device date/time and timezone handling, not your geographic location.

Other sensitive permissions

The app does not request access to your contacts, photos, microphone, camera, or device location for the features described in this policy.

12. How We Share Information

We do not sell your personal information.

We may share or allow processing of data with service providers that help us operate the app, including:

• Google Firebase services such as Analytics, Crashlytics, Authentication, Firestore, and Firebase AI
• RevenueCat for purchase, entitlement, and subscription-management processing
• Platform providers such as Apple App Store and Google Play for purchases, subscriptions, and distribution

We may also disclose information if required by law, regulation, legal process, or to protect the rights, safety, or security of users or the app.

13. Data Retention

• Locally stored app data remains on your device until you delete it, uninstall the app, or clear/reset relevant features.
• Encrypted journal content remains on your device until deleted by you or removed through app reset/uninstall actions.
• If you use Journal Sync, encrypted journal content and related encrypted sync records may remain in the connected cloud account until deleted through the app, overwritten by conflict-resolution choices, or removed through account/reset actions.
• If you choose the in-app Journal Sync cloud deletion option, the app deletes Journal Sync cloud data associated with your current sync userId, deletes the related Journal Sync account record in /pyd-users, and then signs you out. This cloud deletion does not delete journals that remain stored locally on your device.
• Analytics and crash data may be retained by Firebase according to Google/Firebase retention settings and policies.
• Purchase and subscription metadata may be retained by platform stores and RevenueCat according to their operational and legal retention requirements.
• Feature feedback submitted to Firestore may be retained for product planning, app improvement, and abuse-prevention purposes.

14. Your Choices

• You can choose whether to use journal protection.
• You can choose whether to save and keep a recovery key for journal recovery.
• You can choose whether to use optional AI personalization fields.
• You can choose whether to sign in for optional account-linked features.
• You can choose whether to use Journal Sync and whether to keep Live Activities enabled where supported.
• You can delete synced Journal Sync cloud data from the Journal Sync page. Doing so removes the remote cloud copy and the related Journal Sync account mapping for that sync account, then signs you out, but does not remove local journals already stored on your device.
• You can disable notification permissions from your device settings.
• You can stop using the app and remove locally stored data by uninstalling the app.

15. Children’s Privacy

Pack Your Day is not directed to children under the age required by applicable law to provide valid consent for data processing without parental authorization. If you believe a child has provided personal information in violation of applicable law, please contact us and we will review the request.

16. International Processing

If you use online features, your data may be processed on servers located outside your country, including by Google/Firebase infrastructure. By using those features, you understand that information may be transferred to and processed in countries where privacy laws may differ from those in your jurisdiction.

17. Changes to This Policy

We may update this Privacy Policy from time to time to reflect app changes, legal requirements, or operational updates. If we make material changes, we may update the effective date above and publish the revised policy at the policy URL used by the app.

18. Contact

For privacy questions, requests, or concerns, contact: kidapps2019@gmail.com