Yurnal.ing
Back to Home

Privacy Policy

Last updated: January 21, 2026

1. Information We Collect

We collect the following types of information:

  • Account Information: Name, email address, and authentication credentials
  • Usage Data: Journal entries, document attachments, access activity, and audit logs
  • Technical Data: IP address, browser type, device information
  • Payment Data: Billing information (processed securely via Stripe)

2. How We Use Your Information

We use your information to:

  • Provide and improve our Service
  • Process transactions and send billing information
  • Send technical notices and support messages
  • Maintain security and prevent fraud
  • Comply with legal obligations

3. Data Security

We implement industry-standard security measures to protect your data:

  • AES-256 encryption for all documents at rest and in transit
  • Encrypted databases with role-based access control
  • Annual SOC 2 Type II audits
  • Regular penetration testing
  • Background checks on all employees with data access

4. Journal Entry Storage and Retention

Your journal entries and attached documents are stored securely and automatically deleted based on your plan's retention policy. Once deleted, entries are permanently purged from our systems and cannot be recovered.

Retention by Plan:

  • • Free Plan: 30 days
  • • Pro Plan: 1 year
  • • Enterprise: Custom retention

5. Audit Logs

Yurnal maintains comprehensive audit logs of all journal entry access, including:

  • Journal entry creation and modifications
  • Document attachment and access
  • Entry viewing (including IP address and timestamp)
  • Account authentication events

Audit logs are retained for 7 years and are available for export by account owners.

6. Data Sharing

We do not sell your data. We only share data in the following circumstances:

  • With Your Consent: When you explicitly authorize sharing
  • Service Providers: With trusted partners who operate our infrastructure
  • Legal Requirements: When required by law or court order
  • Business Transfer: In connection with a merger or acquisition

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your journal entries and documents
  • Opt-out of marketing communications

To exercise these rights, contact us at privacy@yurnal.ing

8. Compliance

Yurnal complies with major data protection regulations:

  • GDPR: EU General Data Protection Regulation
  • HIPAA: Health Insurance Portability and Accountability Act (Business Associate Agreements available)
  • SOC 2: Service Organization Control 2 Type II
  • CCPA: California Consumer Privacy Act

9. Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will take immediate steps to delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes via email or through the Service. Your continued use after changes constitutes acceptance.

11. Contact Us

For privacy-related questions or requests, please contact us at privacy@yurnal.ing