privacy at nuuko
your words are yours. here's exactly how we handle them.
last updated: december 2024
the short version
nuuko is local-first. your journal entries live on your device by default. we can't read them, sell them, or use them to train AI. if you enable cloud sync, your entries are encrypted before they leave your browser.
how your data is stored
nuuko uses a local-first architecture. this means:
- without an account: all your entries are stored in your browser (IndexedDB + localStorage). nothing ever leaves your device. if you clear your browser data, your entries are gone—so consider exporting them occasionally.
- with an account: your entries are still stored locally first. when you enable sync, they're encrypted on your device before being sent to our servers. we store the encrypted data—we cannot read it.
| data type | where it's stored | who can read it |
|---|---|---|
| journal entries (no account) | your browser only | only you |
| journal entries (with sync) | your browser + our servers (encrypted) | only you (we can't decrypt) |
| account info (email) | our database (Supabase) | us (for login only) |
| mood & writing stats | your browser only | only you |
encryption details
when cloud sync is enabled, your entries are encrypted client-side before upload:
- algorithm: AES-256-GCM — military-grade encryption
- key derivation: PBKDF2 with 100,000 iterations using your password
- what's encrypted: your journal entry content
- what's not encrypted: entry timestamps, mood tags, and word counts (needed for sorting/display)
important: if you forget your password, we cannot recover your encrypted entries. there's no backdoor. that's the point.
analytics (optional)
when enabled, we use vercel web analytics for anonymous page-view counts. it runs without cookies, and we don't send personal data. if the analytics token isn't configured, nothing loads.
what we don't do
- no ads. we don't show ads and never will.
- no ad pixels or cross-site trackers. if analytics are on, it's only vercel's cookie-free page views.
- no selling data. your entries are not a product.
- no AI training. your words are not used to train any AI models.
- no third-party access. no one else sees your data.
ai summaries (optional)
nuuko offers an optional AI summary feature powered by Google's Gemini API. here's how it works:
- you choose which entries to include—it's opt-in per summary
- selected entries are sent to Gemini only when you tap "share with gemini"
- we don't store the data sent to Gemini—it's a one-time request
- Google's Gemini API has its own privacy policy for processing
if you never use this feature, your entries never touch any AI service.
data you can control
- export: download all your entries anytime from settings
- delete: delete individual entries or clear everything
- account deletion: email us and we'll delete your account and all server-side data
browser permissions
nuuko may request these browser permissions:
- persistent storage: prevents your browser from auto-deleting your entries when storage runs low
- notifications (optional): gentle reminders to journal—you control the frequency
we don't request camera, microphone, or location access.
our infrastructure
- hosting: Vercel (frontend) + Supabase (database)
- servers: located in the US
- https: all connections are encrypted in transit
questions?
if you have any questions about how nuuko handles your data, reach out anytime. we're a small team and we care about getting this right.