Morry Privacy Policy

Last Updated: January 5, 2026

This Privacy Policy applies to Morry ("this app", "we") Android version (package name: com.piggy.diary). We are committed to clearly and transparently explaining what data we process, why we process it, and how we protect it. This policy is designed in accordance with common global regulations (such as GDPR, CCPA/CPRA, etc.). If local laws have higher requirements, local laws shall prevail.

1. Introduction

Morry is a personal diary application supporting text, moods, and photos. It operates primarily offline with local storage, offering optional cloud backup and PDF export features.

2. Data We Collect

We collect the following categories of data:

• Account & Authentication (Optional): When you choose to enable cloud backup, basic information obtained through Google sign-in (email, display name, account ID).
• Content You Create: Diary text, tags, moods, photos you attach, recycle bin entries.
• App Settings & Preferences: Theme, language, notification preferences, VIP status, password lock settings, etc.
• App-Generated Data: Local database identifiers, timestamps, backup file names and metadata (size, modification time), PDF export paths, etc.
• Device Information: Device model, operating system version, device identifiers (for normal functionality and issue diagnosis).
• Advertising ID: We collect your device's advertising identifier for ad delivery, performance analysis, and ad fraud prevention. You can reset or limit advertising ID usage in system settings. VIP users will not see ads, but advertising ID may still be used for other analytical purposes (if applicable).
• App Usage Statistics: Anonymized app usage, feature usage frequency, and user interaction events collected through third-party analytics services (see Section 4).
• Crash & Performance Data: Crash reports, exception information, and performance metrics automatically collected through third-party services (see Section 4).

3. Permissions Usage

We request permissions only when necessary for specific features:

• Camera (CAMERA): To take photos and attach them to diary entries.
• Storage / Media Images (READ_MEDIA_IMAGES / READ_EXTERNAL_STORAGE): To select photos from your gallery.
• Notifications (POST_NOTIFICATIONS): To send diary reminders.
• Wake Lock (WAKE_LOCK): To ensure diary reminders can wake the device when needed. Note: We use non-exact alarms, which may have a few minutes of delay but do not require special permissions.
• Foreground Service (FOREGROUND_SERVICE / FOREGROUND_SERVICE_DATA_SYNC): To ensure data reliability during long-running tasks such as cloud backups or PDF exports.

Refusing permissions will not affect other unrelated functions, but corresponding features (such as photo attachments, reminders, or cloud backup) may not work.

5. Data Storage & Security

• Local Storage: Your diary entries and photos are stored locally on your device in a Room database and app-specific directories.
• Cloud Backup (Optional): If you enable Google Drive backup, backup files are uploaded directly to your personal Google Drive (DRIVE_FILE scope). We do not have access to your other Drive files.
• Security Note: While we provide app-level password protection, the local database is not encrypted at the disk level in the current version. We recommend setting a device screen lock for maximum security.

4. Third-Party Services

We use the following third-party services to provide features, improve our product, and ensure app stability:

4.1 Google Services

• Google Play Services (Auth): For optional Google sign-in (only used for cloud backup).
• Google Drive API: For creating and managing your backup files in your Google Drive (scope: DRIVE_FILE). Backup files are entirely under your control; we cannot access your other Drive files.
• Google Play Billing: For processing VIP subscriptions and purchases. We do not collect or store your payment credentials (e.g., credit card numbers); transactions are handled entirely by Google.

4.2 Firebase Services (Google)

We use the following Firebase services to improve app quality and user experience:

• Firebase Analytics:

  • Purpose: Collect anonymized app usage statistics, feature usage, and user interaction events.
  • Data Collected: App launches/closes, feature usage frequency, user interaction events, device information (model, OS version), etc.
  • Data Usage: Product improvement, feature optimization, user experience analysis, understanding user needs.
  • Data Retention: According to Firebase policy (typically 14 months).
  • Privacy Control: You can manage analytics data collection in app settings (if applicable).

• Firebase Crashlytics:

  • Purpose: Automatically collect crash reports and exception information to help us quickly identify and fix issues.
  • Data Collected: Crash stack traces, device information (model, OS version), app state snapshots, context information at crash time.
  • Data Usage: Improve app stability, quickly fix crashes, enhance user experience.
  • Data Retention: According to Firebase policy.
  • Privacy Note: Crash reports may contain app state information but do not include your diary content.

• Firebase Performance:

  • Purpose: Monitor app performance and identify performance bottlenecks.
  • Data Collected: App performance metrics, network request times, screen load times, etc.
  • Data Usage: Optimize app performance and improve response speed.

• Firebase Remote Config:

  • Purpose: Remote configuration management, allowing us to dynamically adjust app features and behavior.
  • Data Collected: Configuration fetch records.
  • Data Usage: Flexible app configuration management without requiring app updates.

• Firebase Cloud Messaging (FCM):

  • Purpose: Push notification service (e.g., diary reminders).
  • Data Collected: FCM Token (device identifier for push notifications).
  • Data Usage: Send notifications to your specified device.

4.3 Advertising Services

• Google Mobile Ads (AdMob):
  • Purpose: Display app open ads for free users. VIP users will not see ads.
  • Data Collected:
    • Advertising ID
    • Ad impression/click data
    • Device information (for ad delivery)
  • Data Usage: Ad delivery, personalized advertising (if applicable), ad performance analysis, ad fraud prevention.
  • Privacy Control:
    • You can reset or limit advertising ID usage in system settings.
    • We use Google User Messaging Platform (UMP) to handle privacy consent. Based on your location and applicable laws, we will request your consent on first launch.
    • You can modify privacy options in app settings at any time.

4.4 Terms of Service and Privacy Policies

All third-party services above are subject to their respective terms of service and privacy policies. We recommend that you read the relevant privacy policies to understand how they handle your data:

• Google Privacy Policy
• Firebase Terms of Service
• AdMob Policy

6. Data Sharing & International Transfers

• No Sale: We do not sell your personal data, nor do we share it for cross-context behavioral advertising.
• Limited Sharing: We only share data with third-party service providers in the following cases:
  • Google Services: To provide Google sign-in, Drive backup, app analytics, and advertising services, we share necessary data (such as device information, usage statistics, advertising ID, etc.) with Google.
  • Firebase Services: App usage statistics, crash reports, and performance data are sent to Firebase (a Google service).
  • AdMob: Advertising-related data (advertising ID, ad impression/click data) is shared with AdMob.
  • All data sharing follows the principle of minimization, sharing only data necessary to provide functionality.
• International Transfers: When you use cloud backup or third-party services, data may be processed or stored in different countries/regions, subject to the compliance safeguards of relevant service providers (such as Google's Standard Contractual Clauses).

7. User Rights (GDPR/CCPA)

You have control over your data:

• No Account Required: You can use the app completely offline; without signing in, all data remains on your device.
• Permission Management: You can revoke permissions in system settings at any time; corresponding features will be unavailable.
• Access & Export: You can view your data within the app or export it via PDF or backup features.
• Correction & Deletion: You can edit/delete diary entries, clear local data, or delete backup files saved in Google Drive.
• Opt-Out of Cloud Backup: You can sign out or disable backup features and continue using the app locally.
• Advertising ID Control: You can reset or limit advertising ID usage in system settings (Settings → Google → Ads → Reset advertising ID or Limit ad personalization).
• Privacy Options: You can access privacy options in app settings to modify advertising and analytics-related privacy settings (if applicable).
• Analytics Data Control: Although we use Firebase Analytics to collect usage statistics, you can limit advertising and analytics data collection in system settings (Settings → Google → Ads → Limit ad personalization).

To the extent permitted by applicable law, you may also have rights of access, correction, deletion, restriction of processing, objection to processing, data portability, and withdrawal of consent, which can be exercised by contacting us.

8. Data Retention

• Local Data: Retained on your device until you uninstall the app or clear data.
• Cloud Backups: Retained in your Google Drive; the app may provide automatic cleanup policies (e.g., attempting to delete old backups after a certain retention period), and you can also manually delete them at any time.
• Analytics Data: Firebase Analytics data is typically retained for 14 months, after which it is automatically deleted.
• Crash Reports: Firebase Crashlytics data is retained according to Firebase policy for issue diagnosis and improvement.
• Advertising Data: AdMob data is retained according to Google policy.
• Logs/Temporary Files: Saved only for the duration necessary to provide functionality, then deleted.

9. Children's Privacy

This app is not directed to children under 13. We do not knowingly collect personal data from children. If you believe we have collected data from a child without appropriate consent, please contact us and we will take steps to delete such data.

10. Policy Changes

We may revise this policy as features or laws are updated. After changes take effect, we will update the "Last Updated" date and notify you of key points through in-app prompts if necessary.

11. Data Controller & Contact

• Data Controller: Morry Team
• Contact Email: morry.app@gmail.com
• To protect personal privacy, the developer does not publicly disclose real names and addresses unless required by law or regulatory requirements.
• EU/UK Representative: Not currently designated; if designated in the future, we will update this policy.
• Data Protection Officer (if applicable): Not currently designated; if designated in the future, we will update this policy.

12. Regional Supplemental Terms (Overview)

• GDPR (EU/UK):

  • Legal bases include: Contract performance (providing core features), consent (optional notifications/preferences, advertising and analytics data collection), legitimate interests (security and product improvement, crash reporting).
  • You have rights of access, correction, deletion, portability, restriction of processing, objection to processing, and withdrawal of consent, and you can file complaints with supervisory authorities.
  • For advertising ID and analytics data collection, we process based on your consent.

• CCPA/CPRA (California):

  • We do not sell personal information, nor do we "share" personal information for cross-context behavioral advertising.
  • You have rights to know, delete, correct, and non-discrimination, which can be exercised by contacting us using the methods above.
  • The advertising ID and analytics data we collect are used for ad delivery and product improvement but are not sold to third parties.

13. Contact Us

If you have questions about this policy or your data, please contact us at: morry.app@gmail.com

---

Appendix: Main Dependencies and Components (non-exhaustive)

• Room (local database), WorkManager (background tasks and scheduling), Coil (image loading), Google Play Services Auth, Google Drive API, Google HTTP Client, Gson, AndroidX Navigation/Compose, Firebase Analytics, Firebase Crashlytics, Firebase Performance, Firebase Remote Config, Firebase Cloud Messaging, Google Mobile Ads (AdMob), User Messaging Platform (UMP).