This is the more detailed companion to Our no-logs policy. For each field we store, here's exactly what it is and why we need it.
Identification
- Email — for sign-in, password reset, billing receipts, and security notifications.
- Hashed password (Argon2id) — for sign-in. We can never see the plaintext.
- Display name (optional, user-set) — shown in the account menu.
Subscription
- Plan code — Free, Pro Monthly, Pro Annual, Lifetime.
- Store of record — App Store, Google Play, Stripe, Coingate.
- Status — trialing, active, past_due, canceled, expired.
- Renewal date — when the next charge happens.
Device tracking
- Device fingerprint hash — to enforce the per-plan device limit.
- Platform and OS version — to support troubleshooting and ship platform-specific updates.
- Last-seen timestamp — to expire idle device slots automatically.
Compliance
- Approximate sign-up country — derived once from IP at registration. Used for tax and regional pricing.
Everything we don't list here, we don't store.