Privacy Policy - LatteLog
Last Updated: December 8, 2025
Introduction
LatteLog ("we," "us," or "our") is operated by Connor Thorpe (sole proprietor) and respects your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.
By using LatteLog, you agree to this Privacy Policy. If you don't agree, please don't use the app.
Information We Collect
Account Information
When you create an account using Google Sign-In or Apple Sign-In, we collect:
Your name
Your email address
This information is used solely to create and manage your account.
Journal Content
Your coffee journal entries, including:
Cafe names
Coffee drink names
Ratings (1-5 coffee beans)
Coffee style selection (from our pre-made illustrations)
Optional notes and price information
Entry dates
Technical Information
We automatically collect basic usage data to maintain and improve the app:
Device type and operating system
App version
Error and crash reports
How We Use Your Information
We use your information to:
Provide and maintain LatteLog's features
Sync your journal across your devices
Process in-app purchases
Respond to your support requests
Fix bugs and improve app performance
Send important account notifications
Location Information
When you add a journal entry, we may request access to your device's location to show nearby cafes. This is optional - you can deny permission and manually enter cafe names instead.
If you grant location permission:
Your location is used only to query Google Places API for nearby cafes
We do not store your device location
We store only the cafe's location data (name, address, place ID) that you select
You can revoke location permission at any time in your device settings.
We do not:
Sell your data to third parties
Use your data for advertising purposes
Share your journal with other users
Access or read your private journal entries except when legally required or with your explicit permission for technical support
Legal Basis for Processing (GDPR)
We process your data based on:
Contract performance: Account information and journal content are necessary to provide LatteLog's services
Legitimate interest: Technical information is collected to maintain app functionality and security
Data Storage and Security
Where Your Data Is Stored
Your journal data is stored:
Locally on your device (using secure device storage)
In our secure cloud database hosted by Supabase (USA) to enable sync across your devices
Security Measures
We use industry-standard security practices to protect your information:
Encryption in transit (TLS/SSL)
Encryption at rest (via Supabase)
Secure authentication protocols
However, no internet transmission is 100% secure. We cannot guarantee absolute security, but we take reasonable measures to protect your data.
Service Providers
We work with trusted third-party service providers who process data only as instructed:
Supabase (USA): Secure database hosting and data synchronization
Supabase Privacy PolicyRevenueCat (USA): In-app purchase processing and subscription management
RevenueCat Privacy PolicyGoogle (USA): Authentication service (Google Sign-In)
Google Privacy PolicyGoogle Places API (USA): Cafe search and location suggestions
Google Privacy PolicyApple (USA): Authentication service (Apple Sign-In)
Apple Privacy Policy
All providers are GDPR-compliant and have appropriate data processing agreements in place.
Note: RevenueCat processes transaction data for purchases but does not store or access your journal content.
Sharing Your Information
We only share your information in these limited circumstances:
Legal Requirements
We may disclose information if required by Norwegian law, court order, or to protect the rights, safety, and security of LatteLog, our users, or others.
Business Transfers
If LatteLog is acquired, merged, or undergoes a business transfer, your information may be transferred to the acquiring entity. We will notify you via email and/or in-app notification before this occurs.
Your Rights (GDPR)
Under GDPR and Norwegian data protection law, you have the right to:
Access: Request a copy of your personal data
Correction: Update or correct inaccurate information
Deletion: Delete your account and associated data
Export: Receive your data in JSON format
Objection: Object to data processing
Withdraw Consent: Revoke consent for data processing at any time
How to Exercise Your Rights
Delete your account directly in the LatteLog app under Settings, or contact us at pixelrainstudios@gmail.com. We will respond within 30 days and delete your data within 30 days after account deletion, unless legally required to retain certain information.
Right to Lodge a Complaint
You have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) if you believe we've mishandled your data.
Data Retention
We retain your data as long as your account is active. After account deletion, we permanently delete your data within 30 days, unless we're legally required to retain certain information (e.g., transaction records for tax purposes).
Children's Privacy
LatteLog is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover that a child has provided us with personal information, we will delete it immediately.
International Data Transfers
Your data may be stored and processed outside Norway (via our service providers in the USA). All data transfers comply with GDPR requirements, including Standard Contractual Clauses and adequate safeguards to protect your information.
Cookies & Analytics
Mobile App
LatteLog does not use cookies in the mobile app. We do not currently use third-party analytics services.
Future Website
If we launch a website, we will only use essential cookies required for functionality. Any non-essential cookies will require your explicit consent.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via:
Email to your registered address
In-app notification