← Back to Home

Privacy Policy

ORMA ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use the ORMA Android application.

1. Our Core Promise: Offline First

ORMA is designed with an "Offline-First" philosophy. This means:

• Local Storage: All your journal entries, notes, photos, and voice memos are stored directly on your device.
• No Behavior Tracking: We do not track your behavior, usage patterns, or digital activity within other apps for advertising purposes.
• No Cloud Harvesting: We do not upload your journal content to our servers. We do not have access to your data.

2. Data Handling & Privacy Protections

Your privacy is reinforced with security features built directly into the app:

• Biometric Protection: You can secure your journal entries with your device's fingerprint or face authentication.
• Recents & Screenshot Protection: ORMA includes "Screen Protection" (FLAG_SECURE) which blacks out your app content in the system's "Recent Apps" switcher and prevents screenshots of your private notes.
• GPS Metadata Protection: When you add photos, ORMA is designed to automatically exclude GPS location metadata to protect your privacy.
• Local Vault & Nightly Auto-Backup: ORMA offers industry-standard AES-GCM encryption for backups. If you link a "Local Vault" folder, the app can perform nightly auto-backups. All backup data is encrypted locally and stored only on your device or in your chosen local folder.

3. Permissions

To provide its core functionality, ORMA requires certain permissions solely for manual journaling:

• Microphone: Used only when you choose to record a voice memo.
• Camera/Storage: Used only when you choose to attach or take photos.
• Internet: Reserved for fetching metadata context (title and preview) for links you choose to share with ORMA as "Web Threads." We do not track the source application of shared content.

ORMA does not sell your data to third parties. We do not use third-party analytics SDKs. Standard Google Play crash reporting (Android Vitals) and Google Play Billing services are used for stability and monetization.

4. Payment Processing

ORMA uses Google Play Billing for all in-app purchases.

• Financial Privacy: We do not collect, process, or store your credit card or financial information. All payment transactions are handled securely by Google.
• Transaction Identifiers: We may process anonymized transaction tokens and purchase history solely to verify your Premium status and provide access to features you have purchased.

5. Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

Last updated: February 18, 2026