Daylogue is a personal AI-powered journaling app that helps you track your moods, discover emotional patterns, and gain meaningful insights into your wellbeing through daily, weekly, and monthly check-ins.

How does mood tracking work in Daylogue?

Daylogue uses simple daily check-ins where you rate your mood, energy, and stress levels. The AI analyzes your entries over time to identify patterns and provide personalized insights about your emotional wellbeing.

Is my journal data private and secure?

Yes, Daylogue prioritizes your privacy. Your journal entries are stored securely and are only accessible to you. We use encryption and follow best practices for data protection.

Is Daylogue private and secure?

Yes. Daylogue uses local-first storage (your data stays on your device first) and end-to-end encryption. Even Daylogue staff cannot read your journal entries. Your encryption keys stay under your control.

Does Daylogue sell my data?

No. Daylogue has no ads, no data selling, and no third-party trackers. We make money from subscriptions, not from your emotional insights. Your data will never be sold to advertisers or anyone else.

Can I export or delete my Daylogue data?

Yes. You can export all your check-ins, insights, and data anytime in standard formats. You can also permanently delete everything whenever you want, no questions asked. Your data, your choice.

What encryption does Daylogue use?

Daylogue uses AES-256 encryption at rest and TLS 1.3 encryption in transit. Your data is encrypted before it leaves your device with end-to-end encryption, meaning we literally cannot read your journal entries.

Is Daylogue HIPAA compliant?

Daylogue is designed with HIPAA Security Rule principles in mind for our technical safeguards. We do not claim HIPAA compliance and do not currently offer Business Associate Agreements. Our zero-knowledge encryption means we cannot access your encrypted data.

What encryption does Daylogue use?

Daylogue uses AES-256-GCM encryption with unique 96-bit IVs per entry. Keys are derived using PBKDF2-SHA256 with a minimum of 100,000 iterations. All encryption happens on your device before data is uploaded.

Where are my encryption keys stored?

Your encryption keys are generated and stored on your device. On mobile, keys use the platform keychain (iOS) or keystore (Android). On web, keys are stored in secure browser storage. Keys never leave your device unencrypted.

What is NOT encrypted in Daylogue?

While your journal content is encrypted, some metadata is not: timestamps, device information, and ciphertext sizes. This metadata is necessary for sync and app functionality but does not reveal what you wrote.

How we protect your journal

End-to-end encryption for everything you write. Your keys, your control.

How encryption works

Your words are encrypted before they ever leave your device.

You write

Your journal entry exists only on your device

Device encrypts

AES-256-GCM encryption using your key

Ciphertext syncs

Only encrypted data leaves your device

We store safely

We hold your data but cannot read it

Security in depth

Multiple layers of protection for your most personal thoughts.

End-to-end encryption explained

Your journal entries are encrypted on your device before they ever leave it. This means the data that travels to our servers is already scrambled. Even if someone intercepted it, they would see meaningless ciphertext. We store your encrypted data but cannot read it.

Your encryption keys

Your encryption key is generated on your device and never leaves it unencrypted. When you add a new device, you must approve it from an existing device. This device approval flow ensures only your authorized devices can access your data. A recovery phrase lets you regain access if you lose all devices.

Web security

We enforce a strict Content Security Policy (CSP) that prevents cross-site scripting attacks. Cryptographic operations run in isolated contexts. All connections use HTTPS with modern TLS. Security headers protect against clickjacking, MIME sniffing, and other common web attacks.

What encryption does not cover

We want to be transparent: some metadata is not encrypted. This includes timestamps (when you created entries), device information (which device synced what), and ciphertext sizes. This metadata is necessary for sync to work but does not reveal what you wrote.

Encryption Algorithm

AES-256-GCM with unique 96-bit IV per entry

Key Derivation

PBKDF2-SHA256 with minimum 100,000 iterations

Mobile Key Storage

Platform keychain (iOS) / keystore (Android)

Web Key Storage

Secure browser storage with isolation

Key Logging

No key material in logs or error reports

Transit Security

TLS 1.2+ for all network requests

Note: These specifications may evolve as we adopt stronger cryptographic standards. We will always communicate changes in advance and ensure backward compatibility for your existing data.

Multi-Device Security

New devices need your approval

When you sign in on a new device, it cannot access your encrypted data until you approve it from an existing device. This prevents unauthorized access even if someone has your password.

Device approval required

New devices must be approved from an existing trusted device

Key exchange protocol

Encryption keys are securely transferred between your devices

Recovery phrase backup

A recovery phrase lets you regain access if you lose all devices

Revoke anytime

Remove device access instantly from your security settings

Trusted

New

Approve new device

Keys transfer securely between your devices. Only you control access.

Your thoughts, protected

Start journaling with confidence. Your words stay yours.