Back to Dashboard

Privacy Policy

Last updated: April 25, 2026

1. Introduction

IMPRINT ("we," "us," or "our") is a life-tracking web application operated by the IMPRINT Team, based in Thailand. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our service.

By using IMPRINT, you agree to the collection and use of information in accordance with this policy. We are committed to complying with the Thailand Personal Data Protection Act (PDPA), the EU General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA) where applicable.

2. Information We Collect

2.1 Account Information

  • Name and email address (via Google OAuth)
  • Profile picture (from your Google account)
  • Date of birth (provided during onboarding)

2.2 User-Generated Content

  • Weekly logs and daily journal entries
  • Habits, milestones, and goals
  • People data (names and relationships you track)
  • Time entries and activity logs
  • Photos and images you upload
  • Calendar events (synced from Google Calendar)

2.3 Automatically Collected Information

  • Authentication session data (cookies and tokens)
  • Browser type, device information, and IP address
  • Usage patterns and feature interactions
  • Local storage preferences (theme, language)

3. How We Use Your Information

  • To provide and maintain the IMPRINT service
  • To authenticate your identity and secure your account
  • To sync and display your Google Calendar events back to you within IMPRINT (no other use)
  • To generate insights and visualizations from your in-app content (Google Calendar data is shown back to you only — not analyzed for product trends)
  • To enable data export and backup features at your request
  • To improve and develop new features using aggregated, in-app product usage signals (Google API data is excluded — see Section 5)
  • To communicate important service updates

4. Data Storage and Security

Your data is stored in a PostgreSQL database hosted on Supabase in the Singapore region. We implement the following security measures:

  • Row-level security (RLS) policies in the database
  • Encrypted connections (TLS/SSL) for all data in transit
  • AES-256-GCM encryption for data exports
  • OAuth 2.0 for authentication (no passwords stored)
  • API keys are hashed and never stored in plaintext

5. Third-Party Services

We use the following third-party services:

  • Google OAuthAuthentication and sign-in
  • Google Calendar APIRead and write calendar events (requires your explicit consent)
  • FacebookOptional social integration (only when you connect it)
  • SupabaseDatabase hosting, authentication, and storage (Singapore region)
  • VercelApplication hosting and deployment

Each third-party service has its own privacy policy. We encourage you to review them. We only share the minimum data necessary for each service to function.

Google API Services User Data Policy

IMPRINT's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Data we receive through Google Calendar (calendar events you choose to sync) is used solely to provide and improve the calendar sync feature within IMPRINT itself. In particular:

  • We do not transfer Google user data to third parties, except as necessary to provide or improve the user-facing feature you have requested, to comply with applicable law, or as part of a merger, acquisition, or asset sale (in which case the receiving party will continue to honor this policy).
  • We do not use Google user data to serve advertisements, including personalized or retargeted ads.
  • We do not allow humans to read Google user data, except with your explicit consent for specific data, when necessary for security purposes (such as investigating abuse), to comply with applicable law, or for limited internal operations using anonymized or aggregated data.
  • We do not use Google user data to develop, improve, or train generalized or non-personalized AI/ML models. Calendar event data is processed only to surface a user's own events back to that same user.

6. Cookies and Local Storage

IMPRINT uses:

  • Authentication cookiesEssential for maintaining your login session
  • Local storageTo save your theme preference, language setting, and offline data

We do not use third-party tracking cookies or advertising cookies.

7. Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

  • AccessRequest a copy of all data we hold about you
  • ExportDownload your data in encrypted format (AES-256-GCM) at any time via the app
  • CorrectionUpdate or correct your personal information
  • DeletionRequest permanent deletion of your account and all associated data
  • PortabilityReceive your data in a structured, machine-readable format
  • Withdraw consentRevoke consent for optional data processing (e.g., Google Calendar sync, Facebook integration) at any time

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

8. Data Retention

We retain your data for as long as your account is active. If you request account deletion, we will permanently remove all your data within 30 days. Backups containing your data will be purged within 90 days of the deletion request.

9. Children's Privacy

IMPRINT is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal data, we will delete that information immediately. If you believe a child under 13 is using IMPRINT, please contact us.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your own (including Singapore, where our database is hosted, and the United States, where Vercel operates). We ensure appropriate safeguards are in place for such transfers in compliance with PDPA, GDPR, and CCPA requirements.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice in the app or sending an email. Continued use of IMPRINT after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us: