LLogForMe
Get Started

Docs

Privacy & data

Updated Apr 23, 2026

Short, plain-language summary of what LogForMe stores, why, and how you control it. For the formal legal text, see logforme.com/legal/privacy.

What we store

Account info

  • Email address.
  • Name.
  • Password (hashed with a modern algorithm - we never see or store the plaintext).
  • Email verification status.

Product content (yours)

  • Projects, Time Frames, Entries, Taxes, Preferences - exactly what you create in the app.
  • Invoices you've generated (the PDF URL + metadata; the PDF can be regenerated on demand).

Product usage (limited analytics)

  • Pages visited, in aggregate.
  • Feature usage metrics (which dialogs opened, how many entries created - no content).
  • Performance telemetry (load times, error rates).

Voice recordings (verbal-entry feature)

  • Audio is streamed to the backend for transcription.
  • The audio is removed immediately after the transcription request completes - we don't retain the raw recording at all.
  • The transcribed text flows through the same pipeline as any entry you type - we store the entry itself (description, duration, billable flag) but not the original audio.

Payment data

We don't store any. LemonSqueezy processes payments as Merchant of Record. Your card details go directly to them; we see only the subscription status and metadata (plan, renewal date).

What we don't store

  • Payment card numbers or bank details.
  • Browser fingerprints for tracking/ad targeting.
  • IPs of your clients (they don't interact with LogForMe directly).
  • Anything from your device beyond what you actively send to us.

Why we store it

  • Provide the service. Your data has to exist somewhere for the app to work.
  • Improve the product. Aggregate usage metrics help us prioritize features.
  • Comply with the law. Tax data, subscription records, and the like.

Who else sees it

A short list of subprocessors. Each has their own privacy commitments.

  • LemonSqueezy - payments, Merchant of Record.
  • Cloudflare - frontend delivery, CDN, DDoS protection.
  • DigitalOcean - United States (NYC1) - application and database hosting.
  • Loops.so - transactional and marketing email (account verification, password resets, product notifications, and periodic marketing campaigns). Transactional email is non-optional; marketing email has an unsubscribe link in every message.
  • PostHog - product analytics (aggregate usage metrics).
  • Sentry - error reporting and performance monitoring (we see stack traces and request metadata for crashes, not your time-tracking content).
  • OpenAI (Whisper) - speech-to-text transcription for verbal entries.
  • ElevenLabs - additional transcription / speech processing as a secondary provider.
  • Anthropic (Claude), OpenAI (GPT models), and other LLM providers - used to parse transcribed text into structured entry fields and for other AI-assisted features. The specific model may change over time as we tune cost and quality.

None of these subprocessors are granted standing access to your content - data is sent only when needed to complete a specific request (e.g., an audio blob to Whisper for the duration of a single transcription, a transcribed prompt to an LLM for a single parse).

We don't sell your data. We don't use it for advertising. We don't share it with anyone outside this list.

Your rights

Under GDPR (if in the EU), CCPA (if in California), and similar regimes, you have the right to:

  • Access: get a copy of what we store about you.
  • Export: download your data in a machine-readable format.
  • Correct: fix anything that's wrong.
  • Delete: have it all removed.
  • Object: restrict or stop certain processing.

All of these are available self-service in the app (Settings → Account) or by emailing operations@logforme.com.

Data retention

  • While subscribed: indefinitely.
  • After cancellation: 60 days, then deleted.
  • On account deletion: 30 days, then deleted (lag is so backups age out).

Cookies

  • Essential cookies (auth session, theme preference) are set always. You can't opt out and still have the app work.
  • Analytics cookies (if any - depends on the analytics provider) are optional and gated by a cookie banner in EU/UK traffic.
  • No tracking or advertising cookies, ever.

See the cookie policy at logforme.com/legal/cookies for the current list of cookies and their purposes.

Security

  • HTTPS everywhere (TLS 1.2+).
  • Passwords hashed with a modern algorithm.
  • Regular backups, encrypted.
  • No third-party can log in on your behalf.

We don't have a SOC2 audit. If your compliance posture requires one, use the Community Edition on your own infrastructure - then the security posture is entirely yours.

Reporting a security issue

Email operations@logforme.com with details (a dedicated security@ alias may be added later as volume grows). Please don't post to public social media or GitHub Issues until we've had a chance to fix it. We appreciate responsible disclosure.

Changes to this policy

Material changes → email notification.

Non-material changes (typo fixes, link updates) → quietly. The formal privacy policy on the marketing site always reflects the current state.