Privacy Policy
This Privacy Policy describes how Warner Creates LLC, a Massachusetts limited liability company ("we", "us", or "our"), collects, uses, and shares information when you use the Logged mobile application ("the App"). We take your privacy seriously and are committed to protecting your data.
1. Information We Collect
We collect the following categories of information when you use Logged:
- Account information — your email address and password (stored as a secure hash by Firebase Authentication)
- Business profile — business name, license number, tax rate, default payment note, and optional business logo
- Customer data — names, phone numbers, email addresses, addresses, and service type tags you enter for your customers
- Job data — job titles, types, scheduled dates, status, and notes you create
- Invoice data — invoice numbers, line items, amounts, payment status, and client signatures
- Photos — photos you capture within the App are stored on your device and, when uploaded, stored in Cloudflare R2 cloud storage
- Push notification token — a device token used to deliver push notifications (e.g., when a client views your invoice or pays it)
- Error and crash data — crash reports collected by Sentry to help us identify and fix bugs
We do not collect location data, contacts, browsing history, or any data beyond what is necessary to provide the App's features.
2. How We Use Your Information
- To provide, maintain, and improve the App's features
- To sync your data across devices and store it securely in the cloud
- To send invoices to your clients via email on your behalf
- To deliver push notifications (e.g., invoice viewed and payment received alerts)
- To process your subscription payments through Apple (via RevenueCat)
- To identify and fix crashes and bugs (Sentry)
We do not sell your personal data to third parties, including as defined under the Massachusetts Data Privacy Act (MDPA). We do not use your data for advertising.
3. Third-Party Services
Logged uses the following third-party services. Each has its own privacy policy governing how they handle data.
| Service | Purpose | Data shared |
|---|---|---|
| Firebase (Google) | Authentication, cloud database, push notifications | Email, business data, job/customer/invoice records, FCM token |
| Cloudflare | Photo storage (R2), serverless backend (Workers) | Photos you upload, API request data |
| Resend | Transactional email delivery and click tracking | Your client's email address, invoice email body (including a link to your invoice page on getlogged.app), click events on the View Invoice and Pay Now links |
| RevenueCat | Subscription management | App Store purchase receipts, anonymous usage data |
| Apple | App distribution, in-app purchases | Payment info (handled entirely by Apple — we never see card details) |
| Stripe | Payment processing (for contractors who connect a Stripe account to accept client payments) | Business identity and bank account information collected directly by Stripe during onboarding — we do not store or process payment card data |
| Sentry | Crash and error reporting | Anonymized crash logs and device information |
4. Data Storage and Security
Your data is stored on your device using Apple's SwiftData framework and is synced to Firebase Firestore (hosted in the US). Photos are stored in Cloudflare R2. We use industry-standard encryption in transit (HTTPS/TLS) and at rest.
Your data is associated with your account and is not shared with other Logged users.
Public invoice pages. When you send an invoice by email, the email contains a link to a public web page hosted at getlogged.app/i/<token>. The page displays the invoice details, line items, photos, and payment information. The link acts as a bearer credential — anyone who possesses it can view the page — so we treat it accordingly: the token is a 128-bit randomly generated value, expires 90 days after issue, and is delivered only to the email address you specify when sending the invoice. The page is not indexed by search engines and does not leak the link via referrer headers when your client clicks Pay Now. Access logs record only a SHA-256 hash of the token for rate-limiting and abuse detection; raw tokens are never written to logs.
5. Data Retention and Account Deletion
We retain your data for as long as your account exists. Downgrading from a paid plan to the free tier does not delete your data — your history remains intact and accessible.
Account deletion: You can permanently delete your account at any time from the App's Settings screen ("Delete Account"). Deleting your account immediately and permanently removes:
- All photos and PDF invoices stored in Cloudflare R2 cloud storage
- All records in our database (customers, jobs, invoices, line items)
- Your user profile and authentication credentials
- All data stored locally on your device
Account deletion is irreversible. We do not retain deleted account data except where required by law (e.g., financial records required under applicable regulations). Stripe Connect account history is governed by Stripe's own data retention policies.
6. Your Rights (including Massachusetts Data Privacy Act)
As a Massachusetts limited liability company, we comply with the Massachusetts Data Privacy Act (MDPA, effective July 2025). Regardless of your jurisdiction, you have the following rights with respect to your personal data:
- Access — request a copy of the personal data we hold about you
- Correction — request correction of inaccurate data
- Deletion — request deletion of your data (or use the in-app "Delete Account" feature for immediate deletion)
- Portability — request your data in a portable format
- Opt-out of sale — we do not sell your personal data to third parties, including as defined under the MDPA
To exercise any of these rights, contact us at [email protected]. We will respond within 45 days as required by the MDPA. We will not discriminate against you for exercising these rights.
7. Children's Privacy
Logged is not directed at children under 13 and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
8. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via the App or by email. Continued use of the App after changes constitutes acceptance of the updated policy.
9. Contact
If you have questions about this Privacy Policy, please contact us:
- Email: [email protected]
- Website: getlogged.app
- Company: Warner Creates LLC