Privacy & Security
This page explains exactly how we handle your data. No marketing, no jargon — just the facts. For our broader mission and values, see What We Stand For.
Data collection
We collect only what's needed to run our service:
We track how features are used so we can improve the product and personalize your experience. This data is never shared with third parties or used for advertising.
Cookies
We use a small number of cookies to keep the service running. No tracking cookies, no analytics cookies, no advertising cookies.
| Name | Purpose | Flags |
|---|---|---|
| loggers_session | Keeps you signed in | httpOnly, secure, sameSite lax |
| loggers-theme | Remembers your light/dark preference | secure, sameSite lax |
| i18n_redirected | Remembers your language choice | secure, sameSite lax |
No tracking cookies. No analytics cookies. No advertising cookies.
Encryption
All data in transit is encrypted with TLS 1.2+ between your device and our servers. All data at rest is encrypted at the storage level with AES-256. Database backups are encrypted and stored in the same jurisdiction as the primary data.
Infrastructure
Your data is stored in data centers in Europe, run by European companies. We picked our providers and jurisdiction for strong data protection laws and clear rules about who can access your data.
Where we host matters — we think carefully about it.
Visual elements of the website (design files, images, fonts) may load from servers in other regions. Your personal data, account info, or content never passes through those servers.
Access controls
Only you can access your data by default. Our team's access is role-restricted, protected by multi-factor authentication, and logged. We review access logs regularly. No team member can see your content without a documented reason.
Data retention and deletion
We keep your data as long as your account is active. When you delete content, we remove it from our servers right away and clear it from backups shortly after.
Self-service account deletion and data export are actively under development. Until then, contact us and we'll handle it manually. When your account is deleted, we permanently remove all your data.
Third parties
We share your data with no one, with the following exceptions:
Payment processing:
Our payment provider processes your payment. They only receive what's needed to complete the transaction.
Legal obligation:
If compelled by a valid legal order. See below.
We don't use sub-processors for data storage, email delivery, analytics, or any form of data enrichment.
Government requests and legal orders
As of today, we've received 0 (zero) government requests for member data. We'll update this number as our transparency report evolves.
If we receive a legally binding order from authorities in our jurisdiction, we'll:
- 1Evaluate its legal validity and challenge it if we believe it's overbroad or unjustified
- 2Notify the affected member, unless we are legally prohibited from doing so
- 3Comply only with the minimum scope required
- 4Publish a summary in our transparency report (without identifying affected members)
We cooperate with lawful requests through proper legal channels in our jurisdiction. Requests from foreign governments or agencies must follow the same process.
If that paragraph is ever removed from this page, draw your own conclusions.
Your responsibilities
We provide the tools. Using them is on you.
No amount of server-side protection can make up for a compromised device or a reused password.
What we can't protect against
We're honest about our limits:
Incident response
If we ever experience a data breach or security incident: