Privacy Policy

Last updated: March 25, 2026

1. Overview

Your privacy matters. Blip It! is operated by Leverageup Solutions and Services, a company registered in Singapore. This policy explains what data we collect, why we collect it, and how we protect it. We designed the Service to be minimal in what we ask from you.

2. Data We Collect

Account data: Your email address and a securely hashed password (if you register with email). If you sign in with Google, we receive your email, name, and profile photo from Google. We never store your Google password or access token beyond the initial authentication.

Your entries (blips): The blips you write are encrypted using AES-256-CBC before being stored in the database. No plaintext version of your entries is stored. Timestamps and automatically generated mood analysis metadata (mood label, score, emoji) are stored alongside the encrypted content.

Session data: IP address, user agent, and session tokens for maintaining your login.

Login attempts: IP address and timestamp for rate limiting and security purposes.

3. How We Use Your Data

Your data is used solely to provide the Service to you. Specifically:

Your email is used for authentication and account recovery. Your entries are stored to display your blips and generate mood insights. Session data keeps you logged in. Login attempt data protects your account from brute-force attacks.

4. Mood Analysis

Blip It! analyzes the text of your entries to detect mood and sentiment. This processing happens entirely on our servers using our own algorithms — no data is sent to third-party AI services or APIs. The mood analysis results (label, score, emoji, confidence) are stored alongside your entries.

5. Data Sharing

We do not sell, rent, or share your personal data with third parties. Your entries are private to you. The only exception would be if required by law through a valid legal process.

6. Data Storage & Security

Encryption at rest: All entries are encrypted using AES-256-CBC with a unique random initialization vector (IV) per entry before being written to the database. The encryption key is stored securely on the server and is never included in the database itself. No plaintext version of your entries exists in our database.

Mood analysis metadata: Mood labels, scores, and emoji indicators derived from your entries are stored unencrypted. These are non-sensitive aggregate classifications (e.g., "happy", "reflective") and do not contain the text of your entries.

Additional security measures: HTTPS encryption for all data in transit, prepared SQL statements to prevent injection attacks, CSRF tokens to prevent cross-site request forgery, rate limiting to prevent brute-force attacks, secure password hashing using modern algorithms, and HTTP-only session cookies.

7. Cookies

We use a single session cookie to keep you logged in. We do not use tracking cookies, analytics cookies, or any third-party cookies. The session cookie is HTTP-only and secure.

8. Your Rights

Access: You can view all your data within the app at any time.

Export: You can export all your entries as JSON or CSV from the Settings page.

Deletion: You can permanently delete your account and all associated data from the Settings page. Deletion is immediate and irreversible.

Correction: You can edit or delete individual entries at any time.

9. Data Retention

Your data is retained for as long as your account exists. Deleted entries are soft-deleted initially and may be permanently purged periodically. When you delete your account, all data is permanently removed.

10. Children's Privacy

Blip It! is not intended for children under 13. We do not knowingly collect data from children under 13. If you believe a child has created an account, please contact us.

11. Changes to This Policy

We may update this policy from time to time. We will indicate the date of the latest revision at the top of this page.

12. Contact

For privacy-related questions or data requests, contact us at hello@blipit.space.

Data Controller: Leverageup Solutions and Services, Singapore.