Privacy Policy

Last updated: January 11, 2026

This Privacy Policy explains how Ifigo (the "App") handles your information when you create journals, manage your vault, configure recipients, use daily check-ins, and enable backup or send-out features. By using the App you agree to these practices.

Information We Collect

Account Information

When you sign in, Firebase Authentication provides us with your email address, display name, profile photo (if available), and a unique user identifier. RevenueCat may also receive purchase metadata (such as product identifiers, store receipts, and subscription status) to manage your subscription. If you connect Google Drive or iCloud Drive for backups, those providers handle authentication and share access tokens required to store your encrypted backup files.

Journals, Vault Items, and Attachments

The App stores the text, attachments, and metadata you add to journals and vault items, including any security questions and answers assigned to recipients. Attachments you capture or import stay inside the app's storage unless you explicitly back them up or send them to a recipient.

Recipient Details

Recipient names, email addresses, and any security questions and answers you configure are stored so the App can deliver your legacy package to the right contacts.

App Security and Preferences

If you enable the app PIN, we store a hashed version of your PIN, inactivity timeout, and lockout metadata on-device. We also store settings like your daily check-in time, inactivity threshold, notification preferences, and subscription status so the App can send reminders and manage legacy send-outs.

Backup and Operational Data

If you enable cloud backup, the App encrypts your journals, vault items, recipients, and attachments on-device with your device keychain/keystore key and uploads only the ciphertext to your Google Drive (Android) or iCloud Drive (iOS). The App records operational metadata (such as backup status, send-out status, and error timestamps) to help you monitor activity and retry failures.

How We Use Information

Core Features

Your data powers the App's core experience: creating encrypted journals and vault items, assigning recipients, and controlling your inactivity threshold for legacy send-outs.

Notifications and App Security

We use your daily check-in settings to schedule notifications and determine when to trigger legacy send-outs. If you enable the app PIN, we use the stored hash to protect access to your encrypted content.

Backups

When enabled, we create encrypted backup files using a device-held key and upload them to your chosen cloud drive so you can restore your data while keeping the key on your device.

Legacy Send-Out

If your inactivity threshold is met, the App builds password-protected PDF packages and uses Firebase Cloud Functions to email them to the recipients you selected. The email includes your configured security question to help recipients unlock the attachment. Automatic send-outs require an active subscription.

Data Storage and Security

Your journals, vault items, recipients, and attachments are stored in an encrypted Realm database on your device. Encryption keys are kept in your device keychain/keystore and are not uploaded. Backup files are encrypted with the same device-held key before leaving your device. We do not view your content.

Information Sharing

We share data only to provide the App's functionality: Firebase Authentication and Cloud Functions to manage your account and send emails; Google Drive or iCloud Drive to store encrypted backups; and RevenueCat to process purchases. Recipients you designate will receive the content you send out to them. We do not sell your personal information.

Your Choices and Controls

Permissions

You can manage camera, notification, and cloud storage permissions through your device settings. Disabling backup stops new uploads to your cloud drive. Disabling notifications may prevent daily check-in reminders.

Managing Recipients and Send-Outs

You control which journals and vault items are assigned to each recipient and when the inactivity threshold should trigger a legacy package. You can update or remove recipients at any time.

Subscription Management

You can view, renew, or cancel your subscription from the App Store or Google Play. Subscription status affects access to automatic send-out features.

Account Deletion

To delete your account, go to Settings → Delete Account. Deleting your account removes your local data and prevents future backups or send-outs. You may need to delete any backups stored in your cloud drive separately.

Children's Privacy

The App is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided information, contact us and we will remove it.

Changes to This Policy

We may update this Privacy Policy to reflect product changes or legal requirements. Significant updates will be posted in the App.

Contact

If you have questions about this Privacy Policy, contact ifigoapp@gmail.com.

Ifigo
Singapore
ifigoapp@gmail.com