VoxDiary

Privacy Policy

Last updated: July 14, 2026

VoxDiary is built on a simple principle: your diary belongs to you. Voice recordings, transcripts, mood analysis, and AI insights are created and stored entirely on your device. We never see, store, or process the contents of your diary on any server.

Who We Are

VoxDiary is developed by NexlyTech ("we", "us"). This policy explains what data the VoxDiary app handles, where it lives, and the choices you have. It applies to the VoxDiary mobile application published on Google Play under the application ID dev.nexlytech.voxdiary.

The Short Version

  • All voice recordings, transcripts, and AI analysis stay on your device.
  • Speech-to-text and mood analysis run fully on-device. No audio or text is sent to any cloud AI service.
  • Your diary database is stored encrypted on your device.
  • An account is optional. If you create one, it tracks only your subscription status — never your diary.
  • Optional backups are end-to-end encrypted and stored in your own Google Drive. We cannot read them.
  • We use no advertising SDKs, no analytics SDKs, and no trackers.

Data That Never Leaves Your Device

The following data is created and stored only on your device, inside an encrypted local database:

  • Voice recordings (audio files)
  • Transcripts of your recordings
  • Mood and sentiment analysis results
  • AI-generated insights, tags, and follow-up questions
  • Journal entries, edits, and search history

Transcription and analysis are performed by AI models that run locally on your phone. VoxDiary has no server-side processing of diary content, and this is a permanent design decision — not a temporary limitation.

Optional Account Data

You can use VoxDiary fully without an account. If you choose to create one (to secure a paid subscription across devices), we store the following through Supabase, our authentication provider:

  • Your email address
  • Your subscription tier and its expiry date
  • Authentication session data

That is the complete list. Your account is never linked to any diary content, because diary content never reaches our servers.

Purchases and Subscriptions

Subscriptions are processed by Google Play and managed through RevenueCat, our subscription infrastructure provider. RevenueCat receives an anonymized app user ID and purchase information (product, price, purchase date) to validate your subscription. See the RevenueCat privacy policy for details. We do not receive or store your payment card details.

Encrypted Backups (Optional)

Paid plans include an optional backup feature. When enabled, VoxDiary packages your diary database and audio into a single archive, encrypts it on your device with AES-256-GCM using a password only you know, and uploads it to the private app-data area of your own Google Drive.

  • Encryption happens before upload. Google and NexlyTech only ever see ciphertext.
  • The backup is stored under your Google account, in space only VoxDiary can access.
  • Restoring requires signing into the same Google account and entering your backup password.
  • If you lose your backup password, we cannot recover your backup — by design.

VoxDiary requests only the drive.appdata Google Drive scope, which grants access to its own hidden app folder and nothing else in your Drive.

Analytics, Advertising, and Tracking

VoxDiary contains no advertising SDKs, no third-party analytics SDKs, and no tracking technologies. We do not build profiles, we do not sell data, and we have no data to sell.

Device Permissions

  • Microphone — required to record your voice entries. Audio is processed and stored only on your device.
  • Notifications — optional, used for reminders you configure.
  • Biometric authentication — optional, used to lock the app. Biometric data is handled by your device's operating system and never reaches VoxDiary or our servers.

Data Security

Your local diary database is encrypted at rest on your device. Backups are encrypted end-to-end with AES-256-GCM before leaving your device. Account sessions are stored in your device's secure keystore. Communication with our authentication and subscription services uses TLS.

Data Retention and Deletion

  • Diary data — lives only on your device. Deleting an entry, or uninstalling the app, removes it. We hold no copy.
  • Backups — stored in your own Google Drive and removable at any time from the app or via your Google account settings (Google Account → Backups).
  • Account data — you can request deletion of your account and associated subscription records at any time by contacting us at hello@nexlytech.dev. We delete it within 30 days.

Your Rights

Depending on where you live (including the EU/EEA and UK under GDPR, and applicable US state laws), you have the right to access, correct, export, or delete personal data we hold about you, and to object to or restrict its processing. Because the only personal data we hold is your optional account email and subscription status, exercising these rights is simple: email us and we will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

Children

VoxDiary is intended for users aged 18 and older. We do not knowingly collect personal data from children. If you believe a child has created an account, contact us and we will delete it.

International Data Transfers

The only server-side data we hold (optional account email and subscription status) is processed by Supabase and RevenueCat, which may store data in the United States or the European Union under appropriate safeguards such as standard contractual clauses.

Changes to This Policy

If we change this policy, we will update this page and the "Last updated" date above. Material changes affecting how personal data is handled will be announced in the app before they take effect.

Contact

Questions about privacy in VoxDiary? Email hello@nexlytech.dev.