Granosi

Privacy Policy

Last updated:

Granosi respects your privacy. This Privacy Policy explains what information we collect, how we use it, and what choices you have when you use the Granosi mobile application and related online services.

Data Controller

Granosi is the data controller for personal information processed through the Granosi app and backend services. For privacy questions or requests, contact: translation.daybook@gmail.com

Summary: What We Store and Where

Granosi is designed so your diary content stays primarily on your device. Here is a quick overview:

  • On your device: diary entries, local chat history, app settings, and backup encryption keys (in secure storage)
  • On Granosi servers (Firebase): account profile, language preferences, token balance, subscription status, encrypted AI learning memory, and ad reward records
  • In your cloud account (optional): encrypted backup files on Google Drive (Android) or iCloud (iOS) — only if you enable backup
  • Sent to AI providers for processing: text you submit for translation, chat, or practice feedback — processed to generate responses; not stored by Granosi as a full diary archive

Information We Collect

Account and Authentication Data

When you sign in, we receive information from your authentication provider:

  • Google (Android): user identifier, email address, and profile name (as permitted by your account)
  • Apple (iOS): user identifier and email (which may be Apple's private relay address); name on first sign-in if you choose to share it

We use Firebase Authentication to manage your account. Your Firebase user ID (UID) links your profile across devices.

Language Profile and Account Settings

We store your native language, target language, and related account fields in Firestore, including:

  • AI token balance and daily refresh timestamps
  • Granosi Plus subscription status and expiration (plus_until)
  • Daily ad unlock date (for free-tier users)
  • Backup encryption key material (backup_v3_key_material) to help restore encrypted backups across devices — this is not your diary content in readable form

User Content Submitted to AI Features

When you use AI-powered features, we process the text you submit, such as:

  • Source text and translations for practice and feedback
  • Chat messages in conversation practice
  • Context from recent messages in a conversation

This content is sent to our backend (Firebase Cloud Functions) and forwarded to third-party AI providers to generate responses. Message length limits apply (for example, translation text up to approximately 500 characters and chat messages up to approximately 250 characters).

AI-Derived Learning Memory

To personalize chat and practice over time, Granosi may extract and store learning memory on our servers, including:

  • Short text fragments from your conversations
  • Vector embeddings derived from those fragments (via Google Vertex AI)
  • Difficulty patterns identified during practice

Memory is stored in Firestore collections (chat_memory_chunks and learning_difficulty_chunks). Limits apply (for example, up to 200 chat memory chunks and 100 difficulty chunks per user). Older entries may be removed when limits are reached.

How Learning Memory Is Protected

We apply additional safeguards to learning memory stored on our servers:

  • Encrypted text fields: conversation fragments, difficulty descriptions, and related text fields are encrypted with AES-256-GCM before they are written to Firestore. They are not stored as readable plain text in the database.
  • Server-side keys only: decryption keys are derived on our backend per account. The mobile app does not receive the master key used to protect learning memory.
  • No direct client access: the Granosi app does not read memory chunk documents from Firestore. Memory retrieval for chat and practice runs only through our authenticated backend APIs.
  • Vector embeddings: mathematical embeddings used for similarity search remain stored so the service can find relevant memories. They are not human-readable diary text, but they are derived from your practice content.
  • Deduplication hashes: identifiers used to avoid duplicate memory entries are stored as one-way hashes rather than the original text.

Google still encrypts Firestore data at rest as part of its cloud infrastructure. Our application-layer encryption adds protection so memory text is not exposed in readable form to client apps or casual database inspection.

Subscription and Purchase Data

If you subscribe to Granosi Plus on Android, we process:

  • Product identifier (granosi_plus_monthly)
  • Google Play purchase token and verification status
  • Subscription expiration date

Payment card details are handled by Google Play; Granosi does not receive or store your full payment information.

Advertising and Token Rewards

Free-tier users may watch rewarded video ads (Google AdMob) to unlock daily AI practice or earn additional tokens. We process:

  • Ad reward session identifiers and status
  • Server-side verification data from AdMob
  • Token credit records linked to your account

Cloud Backup (Optional)

If you enable cloud backup, Granosi creates an encrypted backup of your local progress and stores it in your Google Drive (Android) or iCloud (iOS) account. The backup may include diary entries, entry conversations, and chat practice history. Backups are encrypted with AES-256-GCM before upload. Granosi cannot read your decrypted backup content from your cloud storage.

Technical Information

We may process limited technical information needed to operate the service, such as:

  • Device type and operating system
  • App version
  • Platform (Android or iOS)
  • Server and error logs related to API requests

Granosi does not currently integrate Firebase Analytics or Crashlytics in the client application.

Information We Do Not Collect

  • We do not automatically upload your full diary to our servers
  • We do not sell or rent your personal information
  • We do not use Firebase Analytics for marketing tracking in the app
  • We do not require unnecessary sensitive data (such as government IDs or payment card numbers — payments are handled by Google Play)

How We Use Information

We use collected information to:

  • Provide translation, grammar, chat, and practice features
  • Authenticate your account and sync your profile
  • Manage AI token balances, subscriptions, and ad rewards
  • Personalize learning through AI memory
  • Enable optional encrypted cloud backup
  • Maintain security, prevent abuse, and troubleshoot errors
  • Comply with legal obligations

Legal Bases (where applicable)

Depending on your location, we process personal data based on:

  • Performance of a contract: to provide the service you request
  • Legitimate interests: to secure the service, prevent fraud, and improve features
  • Consent: where required for optional features such as cloud backup or personalized advertising through rewarded ads
  • Legal obligation: where we must comply with applicable law

AI Processing and Third-Party Providers

Granosi relies on third-party services that may process data according to their own policies:

  • Firebase (Google) — Authentication, Firestore database, Cloud Functions
  • Groq — large language model inference for translations, chat, and feedback
  • Google Vertex AI — text embeddings for learning memory
  • Google AdMob — rewarded video advertisements
  • Google Play Billing — subscription purchases (Android)
  • Google Drive / Apple iCloud — optional user-initiated encrypted backups

User content submitted to AI features is transmitted to these providers for processing. We recommend reviewing their privacy policies for additional details.

Data Sharing

We do not sell your personal information. We share data only:

  • With service providers necessary to operate Granosi (listed above)
  • When required by law, regulation, or valid legal process
  • To protect the rights, safety, and security of Granosi, users, or others

International Data Transfers

Granosi backend services run on Google Cloud (for example, Cloud Functions in southamerica-east1). AI embedding services may run in other regions (for example, us-central1). Data may be transferred to and processed in countries other than your own. Where required, we rely on appropriate safeguards such as standard contractual clauses or equivalent mechanisms.

Data Retention

We retain information for as long as needed to provide the service:

  • Account and profile data: while your account is active
  • AI learning memory (encrypted on server): until you delete your account or until storage limits cause older chunks to be removed
  • Ad reward sessions: removed from our servers about 30 days after they are completed, expire, or are rejected
  • Ad reward transaction records (idempotency logs for rewarded ads): kept about 120 days, then deleted automatically
  • Subscription transaction records: kept while needed to validate purchases and prevent duplicate crediting (low volume)
  • Local diary data: on your device until you delete it, uninstall the app, or clear app data
  • Cloud backups: in your Drive or iCloud account until you delete them

You may request deletion of your account and associated server-side data by contacting us (see Your Choices and Rights below).

Data Security

We implement reasonable technical and organizational measures to protect your information, including:

  • Encrypted cloud backups (AES-256-GCM with PBKDF2 key derivation) stored in your Google Drive or iCloud account
  • Encrypted AI learning memory on our servers (AES-256-GCM for text fields, with per-user key derivation and backend-only access)
  • Firestore security rules that block direct client read/write access to learning memory collections
  • Authenticated API access for features that process your content

However, no method of transmission or storage over the internet is completely secure, and we cannot guarantee absolute security.

Your Choices and Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate profile information
  • Request deletion of your account and associated server-side data
  • Object to or restrict certain processing
  • Data portability, where applicable
  • Withdraw consent for optional processing (such as cloud backup)
  • Lodge a complaint with a supervisory authority (for example, under GDPR or LGPD)

To exercise these rights, email translation.daybook@gmail.com. We may need to verify your identity before processing requests.

You can also:

  • Disable cloud backup in app settings
  • Manage or cancel Granosi Plus through Google Play (Android)
  • Delete local data by clearing app data or uninstalling Granosi
  • Delete encrypted backup files from your Google Drive or iCloud account

Children's Privacy

Granosi is not directed to children under 13 years of age (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children below the applicable age. If you believe a child has provided us personal information, please contact us so we can take appropriate action.

Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the latest revision. Material changes may be communicated through the app or this website. Continued use of Granosi after changes take effect constitutes acceptance of the updated policy.

Contact

Privacy questions and data requests: translation.daybook@gmail.com

Relationship to Terms of Service

Your use of Granosi is also governed by our Terms of Service.