Privacy Policy

Last Updated:

1. Introduction

Welcome to DocLog ("we," "our," or "us"). DocLog is a data management application designed to help you organize and manage customer-related information, documents, and images in an easy-to-access timeline view. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application.

By using DocLog, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our application.

2. Information We Collect

2.1 User Account Information (Stored in Firebase)

When you create an account, we collect the following information which is stored securely in Firebase:

• Phone Number: Required for account authentication via OTP (One-Time Password) verification
• Full Name: Your name
• Email Address: Optional contact information
• Gender: Optional demographic information
• City: Optional location information
• Referral Code: Automatically generated code for referral program
• Account Creation Date: Timestamp of when your account was created

2.2 Customer Data (Stored Locally Only)

All customer data is stored exclusively on your device and is never transmitted to our servers or any third-party cloud services. This includes:

• Customer identification information (NIC number, full name)
• Date of birth
• Gender
• Phone number
• Address
• Data history entries (timeline records)
• Notes and descriptions
• Documents (PDF files, reports, etc.)
• Images (photos, scans, etc.)
• Timeline entries with associated files
• Any other customer-related information you enter

2.3 Usage Data

We may collect anonymous usage analytics through Firebase Analytics to help us improve the app. This includes:

• App usage patterns (anonymized)
• Feature usage statistics
• Crash reports and error logs
• Device information (device type, operating system version)

This analytics data does not include any customer information or personally identifiable information about your customers.

3. How We Use Your Information

3.1 User Account Information

We use your account information to:

• Authenticate your identity and provide secure access to the app
• Manage your account and preferences
• Provide customer support
• Send important notifications about your account
• Facilitate the referral program

3.2 Customer Data

Customer data is used solely within the app on your device. We do not access, process, or use customer data in any way. You have complete control over how customer data is used within the app. The app provides a timeline view that allows you to easily view and access customer-related images and documents organized by date.

3.3 Analytics Data

We use anonymous analytics data to:

• Understand how the app is being used
• Identify and fix bugs
• Improve app performance and user experience
• Develop new features based on usage patterns

4. Data Storage and Security

4.1 User Account Data

Your account information is stored securely in Firebase (Google Cloud Platform), which provides enterprise-grade security including:

• Encryption in transit (TLS/SSL)
• Encryption at rest
• Regular security audits
• Compliance with industry standards (ISO 27001, SOC 2, etc.)

4.2 Customer Data

Customer data is stored locally on your device in a SQLite database. This provides:

• Complete Privacy: Data never leaves your device
• Offline Access: Full functionality without internet connection
• Data Control: You have complete control over your customer data
• GDPR Compliance: No data processing or transfer to third parties
• Easy Access: Timeline view allows you to quickly find and view customer documents and images

Files (documents and images) are stored as encrypted BLOBs within the SQLite database, providing an additional layer of security. The timeline view organizes all entries chronologically, making it easy to access historical data and associated files.

4.3 Backup Data

When you create a local backup, the backup file is stored on your device in an accessible location (Documents/Backups folder). These backup files are encrypted ZIP archives containing your customer data. You are responsible for securing these backup files.

5. Data Sharing and Third Parties

5.1 Third-Party Services

We use the following third-party services:

• Firebase (Google): For user authentication, account management, and analytics. Firebase's privacy policy applies to this data: https://firebase.google.com/support/privacy
• Firebase Analytics: For anonymous usage analytics

5.2 Customer Data Sharing

We do not share, sell, or transmit customer data to any third parties. Customer data remains on your device and is never accessed by us or shared with external services.

5.3 Legal Requirements

We may disclose your account information if required by law or in response to valid requests by public authorities (e.g., a court or government agency). However, we cannot access or disclose customer data as it is stored locally on your device.

6. Your Rights and Choices

6.1 Access to Your Account Information

You have the right to:

• Access your account information stored in Firebase
• Update or correct your account information through the app
• Request deletion of your account

6.2 Customer Data Control

You have complete control over customer data:

• Add, edit, or delete customer records at any time
• Add timeline entries with associated documents and images
• View all customer data in an organized timeline view
• Search and filter customer records easily
• Create local backups of your data
• Restore data from backups
• Delete all customer data by deleting the app (data is stored locally)

6.3 Account Deletion

You can delete your account at any time through the app settings. When you delete your account:

• Your account information will be removed from Firebase
• All associated customer records will be deleted from Firestore
• All locally stored customer files will be deleted
• Your authentication account will be removed

Warning: Account deletion is permanent and cannot be undone. Make sure to create a backup before deleting your account if you want to preserve your data.

6.4 GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate personal data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to processing of your data

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

7. Data Retention

7.1 Account Information

We retain your account information for as long as your account is active or as needed to provide you services. If you delete your account, we will delete your account information within 30 days, except where we are required to retain it for legal purposes.

7.2 Customer Data

Customer data is retained on your device until you:

• Delete individual customer records
• Delete timeline entries
• Delete the app (which removes all local data)
• Delete your account (which removes all associated customer data)

7.3 Analytics Data

Anonymous analytics data is retained according to Firebase Analytics' data retention policies, typically up to 14 months.

8. Children's Privacy

DocLog is designed for use by individuals and businesses to manage customer data and is not intended for use by children under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

9. International Data Transfers

Your account information may be stored and processed in any country where Firebase (Google) operates. By using DocLog, you consent to the transfer of your account information to countries outside your country of residence, which may have different data protection rules than your country.

Customer data, however, remains on your device and is not subject to international transfers.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date at the top of this policy
• Notifying you through the app if significant changes are made

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

11. Security Measures

We implement appropriate technical and organizational measures to protect your information:

• Secure authentication using Firebase Auth with OTP verification
• Encrypted data transmission (TLS/SSL)
• Encrypted data storage in Firebase
• Local SQLite database encryption for customer files
• Regular security updates and patches
• Access controls and authentication requirements

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For GDPR-related requests, please include "GDPR Request" in your subject line and provide details about your request.

13. Compliance

DocLog is designed to comply with:

• GDPR (General Data Protection Regulation): European data protection law
• Data Protection Best Practices: Following security and privacy best practices for data management applications
• Industry Standards: Adhering to industry standards for data security and privacy

© DocLog. All rights reserved.