Morry Privacy Policy

Last Updated: September 18, 2025

This Privacy Policy applies to Morry ("this app", "we") Android version (package name: com.piggy.diary). We are committed to clearly and transparently explaining: what data we process, why we process it, how we protect it, and how you can exercise your rights. This policy is designed in accordance with global common regulations (such as GDPR, CCPA/CPRA, etc.). If local laws have higher requirements, local laws shall prevail.

1. Scope of Application and Introduction

• Product Positioning: Personal diary application supporting text, tags, moods, and photos, providing local storage, PDF export, and optional cloud backup.
• Offline Availability: You can use it without logging in, only locally; if cloud backup is not enabled, data is only stored on your device.

2. Categories of Data We Process

• Account and Authentication (Optional): When you choose to enable cloud backup, basic information obtained through Google sign-in (email, display name, account ID).
• Content You Create: Diary text, tags, moods, photos you attach, recycle bin items.
• App Settings and Preferences: Theme, language, notification preferences, VIP status, password lock settings, etc.
• App-Generated Data: Local database identifiers, timestamps, backup file names and metadata (size, modification time), PDF export paths, etc.

The current version does not collect advertising identifiers, does not display third-party advertisements, and does not include third-party behavioral analytics or crash reporting SDKs. If non-member advertising features are introduced in the future, relevant descriptions will be updated in the privacy policy.

3. Permission Usage and Purpose

• Camera (CAMERA): Take photos and attach them to diary entries.
• Read Media Images (READ_MEDIA_IMAGES, Android 13+)/Read External Storage (READ_EXTERNAL_STORAGE): Select images from photo albums.
• Write External Storage (WRITE_EXTERNAL_STORAGE, Android ≤ 9): Compatible with old system file export; new systems use scoped storage and app-specific directories.
• Notifications (POST_NOTIFICATIONS): Send diary writing or task progress notifications after you enable reminders.
• Foreground Service/Data Sync (FOREGROUND_SERVICE, FOREGROUND_SERVICE_DATA_SYNC): Reliably execute time-consuming tasks (such as cloud backup/export) when needed and display system notifications.

Refusing permissions will not affect other unrelated functions, but corresponding functions will be unavailable and may affect some personalization or cloud backup features.

4. How We Use Data

• Provide Core Functions: Create, edit, organize, and view diary entries and photos.
• Local Storage: Use Room database and app private directories to store data and image thumbnails.
• PDF Export: Generate PDFs locally for you to save or share.
• Cloud Backup and Restore (Optional): If you choose, use your Google account to create/update backup files in your Google Drive for cross-device restoration.
• Personalization: Remember theme, language, and preference settings.
• Security: Support optional app password lock (not equivalent to device-level encryption).

5. Data Storage and Security

• Device Local: Diaries and photos are stored in Room database and app directories on your device.
• Transmission Security: Interactions with Google services use TLS transmission encryption.
• Cloud Location: Cloud backup files are stored in your Google account's Google Drive, completely under your control and management. You can delete or manage backup files at any time.
• Minimization Principle: Process data and request permissions only to the extent necessary to provide functionality.

Note: No security measures can guarantee 100% absolute security. Please enable device lock and system encryption, and keep your system updated.

6. Third-Party Services

• Google Play Services (Auth): Used for Google sign-in.
• Google Drive API: Used to access backup files in your Drive (permission scope: DRIVE_FILE). These services are subject to their respective terms of service and privacy policies.

7. Data Sharing and International Transfer

• No Sale: We do not sell your personal data, nor do we "share" personal information for cross-context targeted advertising.
• Limited Sharing: Only exchange minimal information with relevant service providers when necessary to implement Google sign-in and Drive backup.
• Cross-Border Transfer: When you choose to enable cloud backup, data may be processed or stored in different countries/regions, subject to Google's compliance safeguards.

8. Your Rights and Choices

• No Account Required: Can be used completely offline; without login, all data remains local.
• Permission Management: You can withdraw permissions at any time in system settings; corresponding functions will be unavailable.
• Access and Export: Can export PDFs within the app and create/import local or cloud backups.
• Correction and Deletion: You can edit/delete diary entries; can clear local data; can delete backup files stored in Google Drive.
• Opt Out of Cloud Backup: You can log out or disable backup features and continue with pure local use.

To the extent permitted by applicable law, you may exercise rights of access, correction, deletion, restriction of processing, objection to processing, data portability, and withdrawal of consent.

9. Data Retention

• Local Data: Retained on your device until you uninstall the app or clear data.
• Cloud Backup: Retained in your Google Drive; the app may provide automatic cleanup policies (such as attempting to delete old backups after reaching a certain retention period), and you can also manually delete them at any time.
• Logs/Temporary Files: Stored only for the period necessary to implement functionality, then deleted.

10. Children and Minors

This app is not intended for children under 13 (or under the age specified by your local jurisdiction). We do not actively collect children's data. If you believe we have collected children's data without parental consent, please contact us, and we will take measures as soon as possible.

11. Changes to This Policy

As features or laws are updated, we may revise this policy. After changes take effect, we will update the "Last Updated" date and inform you of key points through in-app notifications when necessary.

12. Data Controller and Contact Information

• Data Controller: Morry Team
• Contact Email: morry.app@gmail.com
• To protect personal privacy, developers do not publicly disclose real names and communication addresses; unless otherwise required by law or regulatory requirements.
• EU/UK Representative: Currently not designated; if designated in the future, we will update it in this policy.
• Data Protection Officer (if applicable): Currently not designated; if designated in the future, we will update it in this policy.

13. Regional Supplementary Terms (Overview)

• GDPR (EU/UK):
  • Legal basis includes: contract performance (providing core functions), consent (optional notifications/preference settings), legitimate interests (security and product improvement).
  • You have rights of access, correction, deletion, portability, restriction of processing, objection to processing, and withdrawal of consent, and can complain to supervisory authorities.
• CCPA/CPRA (California):
  • We do not sell personal information, nor do we "share" personal information for cross-context targeted advertising.
  • You have rights to know, delete, correct, and non-discrimination, which can be exercised by contacting us through the above methods.

Appendix: Main dependencies and components (non-exhaustive). If advertising and advertising identifier collection are involved in the future, the policy will be updated according to relevant laws.

• Room (local database), WorkManager (background tasks and scheduling), Coil (image loading), Google Play Services Auth, Google Drive API, Google HTTP Client, Gson, AndroidX Navigation/Compose.