Back to Dashboard

Privacy Policy

Last updated: April 13, 2026

1. Introduction

IMPRINT ("we," "us," or "our") is a life-tracking web application operated by the IMPRINT Team, based in Thailand. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our service.

By using IMPRINT, you agree to the collection and use of information in accordance with this policy. We are committed to complying with the Thailand Personal Data Protection Act (PDPA), the EU General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA) where applicable.

2. Information We Collect

2.1 Account Information

  • Name and email address (via Google OAuth)
  • Profile picture (from your Google account)
  • Date of birth (provided during onboarding)

2.2 User-Generated Content

  • Weekly logs and daily journal entries
  • Habits, milestones, and goals
  • People data (names and relationships you track)
  • Time entries and activity logs
  • Photos and images you upload
  • Calendar events (synced from Google Calendar)

2.3 Automatically Collected Information

  • Authentication session data (cookies and tokens)
  • Browser type, device information, and IP address
  • Usage patterns and feature interactions
  • Local storage preferences (theme, language)

3. How We Use Your Information

  • To provide and maintain the IMPRINT service
  • To authenticate your identity and secure your account
  • To sync and display your calendar events
  • To generate insights and visualizations from your data
  • To enable data export and backup features
  • To improve and develop new features
  • To communicate important service updates

4. Data Storage and Security

Your data is stored in a PostgreSQL database hosted on Supabase in the Singapore region. We implement the following security measures:

  • Row-level security (RLS) policies in the database
  • Encrypted connections (TLS/SSL) for all data in transit
  • AES-256-GCM encryption for data exports
  • OAuth 2.0 for authentication (no passwords stored)
  • API keys are hashed and never stored in plaintext

5. Third-Party Services

We use the following third-party services:

  • Google OAuth — Authentication and sign-in
  • Google Calendar API — Read and write calendar events (requires your explicit consent)
  • Facebook — Optional social integration (only when you connect it)
  • Supabase — Database hosting, authentication, and storage (Singapore region)
  • Vercel — Application hosting and deployment

Each third-party service has its own privacy policy. We encourage you to review them. We only share the minimum data necessary for each service to function.

6. Cookies and Local Storage

IMPRINT uses:

  • Authentication cookies — Essential for maintaining your login session
  • Local storage — To save your theme preference, language setting, and offline data

We do not use third-party tracking cookies or advertising cookies.

7. Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

  • Access — Request a copy of all data we hold about you
  • Export — Download your data in encrypted format (AES-256-GCM) at any time via the app
  • Correction — Update or correct your personal information
  • Deletion — Request permanent deletion of your account and all associated data
  • Portability — Receive your data in a structured, machine-readable format
  • Withdraw consent — Revoke consent for optional data processing (e.g., Google Calendar sync, Facebook integration) at any time

To exercise any of these rights, contact us at imprintapp.team@gmail.com. We will respond within 30 days.

8. Data Retention

We retain your data for as long as your account is active. If you request account deletion, we will permanently remove all your data within 30 days. Backups containing your data will be purged within 90 days of the deletion request.

9. Children's Privacy

IMPRINT is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal data, we will delete that information immediately. If you believe a child under 13 is using IMPRINT, please contact us.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your own (including Singapore, where our database is hosted, and the United States, where Vercel operates). We ensure appropriate safeguards are in place for such transfers in compliance with PDPA, GDPR, and CCPA requirements.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice in the app or sending an email. Continued use of IMPRINT after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us: