← Back to home
Legal

Privacy Policy

Effective date: March 16, 2026 · Last updated: March 16, 2026 ·  Questions? privacy@plurallog.com

1. Who we are

PluralLog is a software product developed and published under the Arcade Armor LLC entity. PluralLog is intended to stand on its own as an independent product; Arcade Armor LLC is the legal owner and the party responsible for this privacy policy.

PluralLog™ is an unregistered trademark of Arcade Armor LLC.

Privacy matters: privacy@plurallog.com
General contact: contact@plurallog.com

2. Our core principle

We do not collect your personal data. PluralLog is designed to operate entirely on your device. The app stores all data locally, encrypted. We have no servers that receive, store, or process your personal information as part of normal app operation.

Any data collection described in this policy is minimal, voluntary, and clearly disclosed below.

3. Data we collect and why

3.1 App usage — none

The PluralLog app collects no analytics, no crash reports, no usage data, and no telemetry. Your journals, member profiles, front logs, and all other in-app data live only on your device.

3.2 Website

Our website may collect:

  • IP addresses — collected automatically by our web hosting infrastructure for server security and rate limiting. These are not linked to personal profiles and are not retained beyond standard server log rotation (typically 30 days).
  • Cookies — we use only minimal, functional cookies (for example, to remember display preferences). We do not use tracking or advertising cookies. You can disable cookies in your browser without affecting your ability to use the site.

3.3 Email contact — voluntary

If you email us at any of our published addresses, we receive your email address and the contents of your message. We use this only to respond to your inquiry. We do not add you to any mailing list without explicit consent.

3.4 Future opt-in features

If we introduce optional features that involve data collection (such as an email newsletter or community forum), participation will be clearly voluntary, separately disclosed, and subject to explicit opt-in. This policy will be updated at that time.

4. Third parties

We do not share, sell, license, or otherwise transfer your personal data to any third party, with the following narrow exceptions:

  • Arcade Armor LLC — as the owning entity, Arcade Armor LLC may access data as needed for legal and operational purposes, and is bound by the same commitments described in this policy.
  • Legal requirements — we may disclose information if required by applicable law, court order, or governmental authority. We will make reasonable efforts to notify you of such requirements where legally permitted.
  • Web hosting infrastructure — our website host processes server logs containing IP addresses as described in section 3.2. We do not share personal information with them beyond what is technically necessary to serve the website.

We do not work with advertising networks, analytics companies, data brokers, or any other third parties for marketing or profiling purposes.

5. Federated relay servers

PluralLog's optional federation feature allows you to connect to a relay server of your choosing. These relay servers are not operated by Arcade Armor LLC or the PluralLog team unless we explicitly confirm otherwise in writing.

When you connect to a third-party relay server:

  • That server's operator is a separate and independent party with their own privacy practices.
  • Your data is encrypted end-to-end before leaving your device; the relay operator cannot read its contents under the current protocol design.
  • We accept no liability for data handling, availability, or security practices of third-party relay servers.
  • You connect to third-party relays entirely at your own discretion.

Any relay server we ourselves operate will be explicitly identified as such. Any server not listed as ours is independently operated.

6. Encryption and export compliance

PluralLog uses standard, widely-deployed cryptographic algorithms: AES-256-GCM for symmetric encryption, Ed25519 for digital signatures, X25519 for key exchange, and HKDF-SHA256 for key derivation. These are open, published standards implemented via publicly available libraries.

No proprietary encryption algorithms are used or exported. PluralLog does not develop, manufacture, or export encryption technology. The cryptographic implementations used in PluralLog are based on open-source libraries that are widely distributed and qualify under the encryption technology export license exemptions in U.S. Export Administration Regulations (EAR), specifically the “publicly available encryption items” provisions of 15 C.F.R. Part 742.15.

PluralLog is consumer software designed for personal use and does not provide encryption tools to foreign governments or military end-users. If you are distributing or deploying PluralLog in a jurisdiction with specific import controls on encryption software, it is your responsibility to ensure compliance with local laws.

7. Your rights

Because we collect minimal data, most rights are exercised directly through your device:

  • App data — all your PluralLog data is stored on your device. You can delete it at any time by clearing app data or uninstalling the app.
  • Relay server data — if you have connected to a relay, you may delete your account from within the app's federation settings. This sends a deletion request to the relay server to remove your encrypted volumes and account record.
  • Website data — to request deletion of website data (e.g., server logs), contact us at privacy@plurallog.com. We will process requests within 30 days.
  • Email correspondence — contact us to request deletion of any stored correspondence.

If you are in the European Economic Area, United Kingdom, or California, you may have additional rights under GDPR, UK GDPR, or CCPA respectively. We honor these rights regardless of your location.

8. Data retention

  • App data — retained on your device until you delete it. We have no copy.
  • Relay server data — retained until you delete your account from the relay. Third-party relays may have their own retention policies.
  • Server logs (website) — rotated within 30 days.
  • Email correspondence — retained as long as reasonably necessary to address your inquiry, then deleted.

9. Security

We take reasonable measures to protect any data we hold. All network communications use TLS 1.3. App data is AES-256-GCM encrypted on-device. Our relay server, where operated by us, stores only encrypted blobs and does not log request content.

No security measure is perfect. If you discover a security vulnerability, please contact privacy@plurallog.com before public disclosure.

10. Children

PluralLog is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to us, please contact us and we will delete it promptly.

11. Changes to this policy

We may update this policy from time to time. When we do, we will update the effective date at the top of this page. Significant changes will be noted in the app and on the website. Continued use of PluralLog after changes constitutes acceptance of the updated policy.

12. Contact

Privacy inquiries: privacy@plurallog.com
General: contact@plurallog.com
Support: support@plurallog.com
Press: press@plurallog.com