Μετάβαση στο κύριο περιεχόμενο

PRIVACY POLICY

Last Updated: 05/24/2026

This Privacy Policy ("Policy") explains how Eisberg Labs d.o.o. za proizvodnju i usluge ("we", "us", or "our") collects, uses, and protects information from users ("you") of the Dreamiary mobile application and related services (collectively, the "App" or "Services").

The App is designed to work without an account. Many of the data flows described below only apply if you opt in to a specific feature: signing in, AI dream interpretation, voice input, biometric lock, ads, or a paid subscription.

1. WHO WE ARE

Eisberg Labs d.o.o. za proizvodnju i usluge
Celjska ulica 3, 10000 Zagreb, Croatia
OIB: 44452565653
Website: https://www.eisberg-labs.com
Email: support@dreamiary.com

2. INFORMATION WE COLLECT IN THE APP

a. By Default (No Sign-In Required)

You can use the App without creating an account. When you do, we and our service providers may automatically collect:

  • Device type, operating system, and app version
  • IP address (used transiently for network requests)
  • App usage statistics (screens viewed, session duration) and performance data
  • Crash and error reports

Dreams you record without signing in are stored locally on your device in a SQLite database. They do not leave your device unless you sign in or use an opt-in feature described below.

Third-party services that may receive default technical data:

  • Firebase Analytics (Google LLC) - anonymous usage analytics. Firebase Privacy
  • Sentry (Functional Software, Inc.) - anonymous error and crash reporting. Sentry Privacy
  • Firebase Installations (Google LLC) - assigns an anonymous installation identifier used to attribute analytics and enforce free-tier usage limits.

b. If You Sign In (Optional)

Signing in is optional and enables cloud backup and cross-device sync. If you choose to sign in, we receive and store the identifying information your chosen provider returns:

  • Google Sign-In - your email address, name, and profile picture URL
  • Apple Sign-In - your email address (or Apple's private relay address) and name

Account information is managed by Firebase Authentication (Google LLC). Once signed in, your data is synced to Firebase Firestore (Google LLC) under your account so you can access it from another device.

Data stored in Firestore for signed-in users:

  • Content you create within the App
  • App settings and preferences

c. If You Use AI Features (Optional)

When you actively request an AI feature in the App, the relevant content (such as a dream excerpt and your selected language) is sent to a third-party AI provider for processing. We do not send your name or email. The result is returned to your device and, if you are signed in, may be saved with the related entry.

OpenAI does not use API data to train its models. OpenAI may retain the content for up to 30 days for abuse and misuse monitoring, after which it is deleted. For details, see OpenAI's API data usage policies.

If you do not use AI features, no dream content is ever sent to AI providers.

d. If You Subscribe (Optional)

If you purchase a paid subscription, billing is handled by:

  • Apple App Store (iOS) or Google Play Billing (Android) - process the payment itself. We never see your payment method.
  • RevenueCat, Inc. - manages subscription state and entitlement on our behalf. RevenueCat receives a subscription identifier and, if you are signed in, your email address and an app installation identifier so we can correlate purchases across devices. RevenueCat Privacy

e. If You See Ads (Free Tier Only)

If you are not a subscriber, the App may show interstitial or rewarded ads through Google AdMob (Google LLC). For users in the EU, EEA, UK, or Switzerland, we present Google's consent form before the first ad request so you can choose between personalized and non-personalized ads. Subscribers do not have the AdMob SDK loaded and no ad requests are made.

f. If You Use Voice Input (Optional)

If you choose to dictate a dream, the App requests microphone and speech recognition permission. Audio is transcribed by your device's built-in speech recognition (Apple on iOS, Google on Android). We do not record or store the audio.

g. If You Enable Biometric Lock (Optional)

If you enable biometric lock to protect your journal, the App uses your device's Face ID, Touch ID, or fingerprint through the operating system. Your biometric data never leaves the device and is never sent to us.

h. If You Send Feedback (Optional)

If you contact us through the in-app feedback form, we receive your message together with any contact details you choose to provide and basic technical context to help us reproduce the issue and respond to you. Feedback is stored in our Firestore database and delivered to our support inbox via Mailgun Technologies, Inc. (EU region).

i. Notifications

Any notifications the App sends you are scheduled and delivered locally by your device. We do not use push servers and do not collect device push tokens.

3. INFORMATION WE COLLECT ON THE WEBSITE

The Dreamiary website may use cookies, analytics, and third-party advertising services to support functionality and display relevant content or ads. These technologies may collect:

  • Browser type and version
  • IP address and location (approximate)
  • Pages visited and time spent
  • Cookies or similar identifiers

Advertising and Analytics

The website uses Google AdSense (Google LLC) to display advertisements. Google AdSense uses cookies, including the DoubleClick cookie, to serve ads based on your prior visits to this website and other sites across the internet. These cookies allow Google and its partners to serve ads to you based on your visit to our site and/or other sites on the internet.

You may opt out of personalized advertising by visiting Google Ad Settings or www.aboutads.info. You can also manage or disable cookies in your browser settings.

For more information about how Google uses data when you use our website, see: https://policies.google.com/technologies/partner-sites

4. USE OF THE ADVERTISING ID

If you are on the free tier and have consented to ads, Google AdMob may use your device's advertising identifier (Google Advertising ID on Android, IDFA on iOS) to serve and measure ads. Firebase Analytics may reference the advertising identifier on Android where available.

You can reset or opt out of personalized ads at any time through your device settings:

  • Android: Settings -> Google -> Ads
  • iOS: Settings -> Privacy & Security -> Tracking

Subscribers do not have ads loaded and the advertising identifier is not used by AdMob.

5. HOW WE USE INFORMATION

We use collected information to:

  • Operate, maintain, and sync the Services
  • Provide AI interpretation when you request it
  • Process subscriptions and enforce free-tier limits
  • Analyze app and website performance
  • Improve user experience
  • Identify and fix technical problems
  • Display advertisements in the free tier (via Google AdMob) and on the website (via Google AdSense)
  • Respond to feedback and support requests

We do not sell your personal data.

6. LEGAL BASES (EEA / UK USERS)

Where the General Data Protection Regulation (GDPR) or UK GDPR applies, we rely on the following legal bases:

  • Performance of a contract - providing the App, syncing your account, processing your subscription, and fulfilling AI features you actively request
  • Consent - ad personalization where required, and iOS App Tracking Transparency
  • Legitimate interests - basic analytics, crash reporting, fraud and abuse prevention
  • Legal obligation - responding to lawful requests from authorities

7. SHARING INFORMATION

We share information only with:

  • The service providers listed in Sections 2 and 3, who process data on our behalf
  • Authorities, where disclosure is required by law
  • A successor entity, if our business or assets are sold or merged

8. INTERNATIONAL DATA TRANSFERS

Some of our service providers (Firebase, Sentry, OpenAI, RevenueCat, Google AdMob and AdSense) are based in the United States or other countries outside the European Economic Area. Where data is transferred internationally, we rely on the providers' Standard Contractual Clauses or equivalent safeguards approved under GDPR.

9. DATA RETENTION

  • Dreams and account data are kept until you delete the dream, delete your account, or sign out and uninstall the App.
  • Local-only dreams (no sign-in) are removed when you uninstall the App.
  • Analytics and crash data are retained according to the third-party provider's defaults (typically up to 14 months for Firebase Analytics, up to 90 days for Sentry).
  • Feedback messages are retained for as long as needed to resolve your request and for our records.

10. YOUR RIGHTS

Depending on where you live (EEA, UK, California, and other jurisdictions with similar laws), you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Delete your data ("right to be forgotten")
  • Export your data in a portable format
  • Object to or restrict certain processing
  • Withdraw consent at any time (for processing based on consent)
  • Lodge a complaint with your local data protection authority (in Croatia: AZOP)

To exercise any of these rights, contact us at support@dreamiary.com.

11. ACCOUNT AND DATA DELETION

If you are signed in, you can delete your account and all associated data directly from the App. This permanently removes your dreams, tags, emotions, settings, and authentication record from our servers.

If you used the App without signing in, your dreams are stored only on your device - uninstalling the App removes them.

You can also request deletion by emailing support@dreamiary.com.

12. DATA SECURITY

We use appropriate technical and organizational measures to protect data, including:

  • Encrypted device-only storage for sensitive settings (Secure Store / Keychain)
  • TLS for all network communication
  • Firebase Authentication and Firestore security rules restricting access to your own data
  • Optional biometric lock on the device

However, no method of transmission or storage is completely secure.

13. CHILDREN'S PRIVACY

Our Services are not directed to children under 16 in the EU/EEA, under 13 in the United States, or under the equivalent minimum age in your jurisdiction. We do not knowingly collect data from children. If we discover such data, we delete it immediately.

14. CHANGES TO THIS POLICY

We may update this Policy periodically. The "Last Updated" date at the top indicates the most recent version. Continued use of our Services means you accept any updates.

15. CONTACT US

If you have any questions or concerns about this Policy, contact us at: 📧 support@dreamiary.com