Privacy Policy

This policy explains how Monglog (the "App") collects, uses, retains, and deletes your personal data. Monglog is a mobile app that interprets dreams you submit via AI and stores them as cards. This page is the authoritative document; the in-app summary (Settings > Privacy Policy) mirrors the same facts.

1. Data We Collect

1) Account & Authentication

• Google account identifier (uid), email, display name, profile image URL
• Sign-in tokens and session info (stored on device only)

2) User-Generated Content

• Dream text (typed or transcribed from voice; anonymized)
• Voice recordings during dream capture — used for speech-to-text; audio is auto-deleted after 7 days
• AI interpretation results, user-written notes and tags

3) Device & Usage Info

• OS / OS version, app version, device model, locale
• Crash logs, stack traces, non-identifying device IDs (Firebase Crashlytics)
• Anonymous usage events — screen views, taps (PostHog, opt-in only)

4) Data We Do Not Collect

• Precise location, contacts, photos / media library, call logs — none are collected.

2. Purposes

• Account identification and authentication (Google Sign-In)
• Dream record storage, retrieval, and sync (Firestore)
• Speech-to-text transcription
• AI dream interpretation via Cloud Functions calling an external LLM provider
• Instagram Story share-card generation (only when you tap Share)
• Service stability via crash analysis and anonymous usage stats
• User support

3. Retention

Account deletion uses a 7-day soft-delete window. You can cancel by signing back in within that window; after 7 days a cleanup job permanently deletes the data. See Account Deletion Guide for details.

4. Third Parties & Processors

We do not sell or share personal data with third parties without your consent (except as required by law). Service processors:

• Google LLC — Firebase Authentication / Firestore / Crashlytics / Cloud Functions
• OpenAI or equivalent LLM provider — used inside Cloud Functions for dream interpretation. Requests are server-side only; user identifiers (uid, email) are not sent.
• PostHog — anonymous usage stats (no PII; opt-in only)

Each processor follows its own privacy policy and is not used outside its purpose.

5. Your Rights

• Access, correct, or delete your personal data
• Export / delete account — instant via in-app Settings > Export/Delete
• Revoke microphone / notification permissions via your device OS settings
• Opt out of marketing notifications anytime via Settings > Notifications

For email requests: dlwlgns1240@gmail.com.

6. Children Under 14

The App is not intended for children under 14. If we learn an account belongs to a child under 14, we will delete it and any related data immediately. Parents/guardians who discover such collection should contact us at the email above.

7. Security

• HTTPS/TLS in transit
• Firebase default at-rest encryption
• Firestore security rules — users can only read their own data
• Provider API keys (LLM, etc.) are never bundled in the client; stored only as Cloud Functions Secrets
• Least-privilege management of all processors

8. Cookies & Similar

The App itself uses no cookies, but processors (Google, PostHog) may use their own identifiers. You can limit these by resetting your advertising ID in your device OS settings.

9. Policy Updates

We will notify you in-app or via this page at least 7 days before any addition, removal, or modification, and at least 30 days in advance for material changes affecting user rights.

10. Contact

• Service: Monglog
• Operator: Lee Ji-hoon (independent developer)
• Email: dlwlgns1240@gmail.com