Halname Privacy Policy
Halname (حالنامه) is a personal journal for iPhone where you log good and hard moments of your day. It is private by default: the app works fully without an account, and your entries stay on your device unless you explicitly sign in to enable sync. This policy states, factually, what the app stores, where, and who can access it.
1. Using Halname without an account (the default)
- Your entries — the date, whether the moment was good or hard, your one-line note, and the time it was saved — are stored in a database on your device only.
- The local database is protected with iOS Data Protection (complete file protection): it is encrypted at rest with keys derived from your device passcode.
- Reminder times and app settings are likewise stored on the device.
- In this mode, your entries are never transmitted to us or to anyone else.
2. Optional sign-in and sync
You may sign in with Sign in with Apple or Google to back up your entries and sync them across your devices. Sign-in is never required to use the app. If you sign in:
- Account data we receive: a unique user identifier, and the name and email address your identity provider (Apple or Google) shares. Authentication is handled by Firebase Authentication (a Google service).
- Where entries are stored: in Google Cloud Firestore, in a private area tied to your account. Server-side security rules permit only your authenticated account to read or write your data.
- End-to-end encryption of notes: the text of every note is encrypted on your device with AES-256-GCM before upload. The encryption key is generated on your device and stored in your iCloud Keychain; it is never sent to us or to Google. Google's servers store only ciphertext — neither dbaydev LLC nor Google can read your notes.
- What is not end-to-end encrypted: the entry date, the good/hard flag, and timestamps are stored in ordinary (server-side encrypted) form, as they are needed to order and sync entries. They remain private to your account.
- A practical caveat: because only your devices hold the note key, losing access to your iCloud Keychain means your synced note text cannot be recovered by anyone, including us.
- Signing out stops syncing; your local data remains on the device.
3. Usage analytics
Halname records anonymized usage statistics through Google Analytics for Firebase so we can understand how many people use the app and which features matter. This includes counts of events such as: an entry was saved (only whether it was good or hard — never the note text), onboarding was completed, a reminder was added, and a sign-in was completed, along with standard device information collected by the SDK (such as device model, OS version, and app opens). We do not use advertising SDKs and do not track you across other apps or websites.
4. Reminders and notifications
Daily reminders are local notifications, scheduled entirely on your device. No notification data is sent to any server.
5. Ratings prompt
Halname may occasionally show Apple's standard in-app rating prompt. This is handled by iOS; the app sends nothing to us.
6. What Halname does NOT do
- No advertising and no advertising SDKs.
- No selling or sharing of your data with third parties beyond the processors listed below.
- No reading of your note content by us or by Google — synced notes are end-to-end encrypted.
- No location collection, no contact access, no cross-app tracking.
7. Third-party processors
- Google LLC — Firebase Authentication (sign-in), Cloud Firestore (encrypted sync storage), and Google Analytics for Firebase (anonymized usage statistics). Servers located in the United States. See Firebase's privacy documentation.
- Apple Inc. — App Store distribution, Sign in with Apple, iCloud Keychain (stores your note-encryption key), and the in-app rating system.
8. Data retention & deletion
- Entries: deleting an entry in the app removes it from your device and, if you are signed in, from the synced copy in Firestore.
- Local data: deleting the app removes all locally stored data.
- Account: to delete your account and all synced data, email dev@dbay.dev from the address linked to your account and we will remove it.
9. Children
Halname is not directed to children under 13 and does not knowingly collect data from them.
10. Security
All network traffic uses TLS encryption. Local data is encrypted at rest by iOS Data Protection. Synced note text is additionally end-to-end encrypted with a key held only in your iCloud Keychain.
11. Changes to this policy
We may update this policy from time to time. When we do, we will revise the effective date above accordingly.
12. Contact
Halname is owned and operated by dbaydev LLC, 30 N Gould St, Sheridan, WY 82801-6317, United States. For privacy questions or data requests, contact dev@dbay.dev.
Last Updated: July 5, 2026