Rotation ("we," "us," "our") is a private dating journal. This policy explains what we collect, what we don't, and how we keep your moments yours. We wrote it in plain English because you deserve that.
What we collect
- Account basics: an email address (so you can log in and recover your account) and, optionally, a display name.
- Encrypted journal data: your entries, men, moments, photos, text decodes, and drafts are encrypted on your device before they are stored in Firebase.
- Subscription status: whether you're on a free or paid plan, receipt tokens, and entitlement state from RevenueCat and the Apple or Google store.
- Pseudonymous analytics: Firebase Analytics and PostHog events like "journal entry created" or "app opened" — not the content of entries, notes, photos, or Decoder requests.
- Crash logs: to fix bugs. Stripped of personal content.
What we don't collect
- Readable saved journal content from storage. AI features only receive the text you choose to send for that request.
- A readable copy of the men you log from storage — their names, photos, or info. Saved content is encrypted before server storage.
- Your location, contacts, or camera roll.
- Advertising identifiers. We don't run ads and we don't sell your data. Ever.
Client-side encryption, explained like a friend
When you write an entry, your phone generates a random encryption key that is stored in the device keychain or keystore. Your entries and photos are encrypted with that key before server storage. The encrypted version is what we store in Firebase. Without the key, it's noise. We do not receive the readable key, so we cannot decrypt saved moments or photos from storage.
The key loss warning (please read this)
Because we do not hold the readable encryption key, we cannot recover your journal if you lose it. If you delete the app without backing up, or if you lose your phone without enabling backup, your entries are gone forever. Keep iCloud Keychain or Google Backup enabled if you want your key to come with you to a replacement device.
Third parties we use
- Firebase (Google): auth, server-side functions, database and file storage of encrypted blobs, crash reporting, and some pseudonymous analytics.
- RevenueCat: handles subscriptions with Apple and Google store payments. They see purchase and entitlement data, not your journal content.
- PostHog: product analytics and feature usage events without journal content.
- OpenRouter: routes Decoder and insights requests to AI models when you invoke those features. We send the text needed for that request, not journal content for analytics. Model providers do not train on your data.
Analytics
We use Firebase Analytics and PostHog to count events, not journal content. Identifiers are pseudonymous. We will expose any available analytics controls in app settings as they ship.
Your rights
You can access, export, or delete your account at any time from Settings → Account. Deletion wipes your server-side ciphertext within 30 days. Under GDPR/CCPA you have additional rights; email privacy@tryrotation.app.
Children
Rotation is rated 17+ and not intended for anyone under 17. We do not knowingly collect data from minors.
Changes to this policy
If we change anything meaningful, we'll notify you in the app before it takes effect.
Contact
Privacy questions: privacy@tryrotation.app.