CrackLog CrackLog

Privacy Policy

Effective date: June 26, 2026 · Last updated: June 26, 2026

1. Introduction

CrackLog ("we," "us," or "our") operates the CrackLog mobile application (package name com.cracklog.monityl) and the website at https://crack-log.com (collectively, the "Service").

This Privacy Policy explains what information we collect, how we use it, with whom we share it, and the choices you have. By using the Service, you agree to the collection and use of information as described here.

Important: CrackLog provides informational crack assessments powered by AI. It is not a substitute for professional structural engineering, inspection, or legal advice.

2. Data We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address and password (for email sign-up)
  • Display name
  • Firebase user ID (UID)
  • Google profile information if you sign in with Google (name, email, profile photo URL)

2.2 User-Generated Content

When you use CrackLog, you may provide:

  • Photographs of structural cracks (captured via camera or selected from your gallery)
  • Crack labels, surface types, property labels, and notes
  • Measurement data (width, length, confidence scores) generated on your device
  • AI-generated analysis results (crack classification, severity assessments, recommendations)
  • PDF reports you generate within the app
  • Custom company logo (Inspector subscription tier only)

2.3 Subscription & Billing Data

If you purchase a subscription, payment is processed entirely by Google Play. We receive and store:

  • Subscription product ID and tier level
  • Google Play purchase token (for verification and entitlement management)
  • Subscription expiry date
  • Monthly usage counters (scans and reports used)

We do not collect or store credit card numbers or other payment instrument details.

2.4 Device & Technical Data

We may automatically collect:

  • Device type, operating system version, and app version
  • Firebase installation identifiers and App Check attestation tokens
  • Standard analytics events via Firebase Analytics (if enabled by Google)
  • Crash or performance data only if enabled in future app versions

2.5 Data We Do Not Collect

CrackLog does not collect:

  • Precise geographic location (GPS) — "surface location" in the app refers to crack surface type (e.g., wall, foundation), not your physical location
  • Contacts, microphone audio, SMS, or call logs
  • Advertising identifiers for ad targeting (we do not show ads)

2.6 Local Device Data

The app stores data locally on your device using Room database and DataStore preferences, including cached cracks, scans, reports, theme and language preferences, and reminder settings. Local data may be included in Android system backups depending on your device settings.

3. How We Use Your Data

We use collected information to:

  • Provide, maintain, and improve the CrackLog service
  • Authenticate your account and sync data across devices
  • Process crack images through on-device computer vision and cloud AI analysis
  • Generate growth trend summaries and PDF reports
  • Manage subscription entitlements and usage limits
  • Send local reminder notifications you configure (processed on-device; we do not send push notifications from our servers)
  • Protect against fraud, abuse, and unauthorized access (via Firebase App Check)
  • Respond to support requests
  • Comply with legal obligations

4. AI Processing

CrackLog uses Google Gemini AI to analyze crack photographs and generate text summaries. When you request AI analysis:

  • Your crack photograph is sent as a JPEG image to our secure Firebase Cloud Functions
  • Our servers forward the image and associated measurement metadata to Google's Generative Language API (Gemini)
  • For growth summaries, only historical measurement dates and widths are sent — not photographs
  • AI responses are stored in your account and displayed in the app

AI analysis requires an authenticated account and is subject to your subscription tier's usage limits. Google's use of data sent to the Gemini API is governed by Google's Privacy Policy and applicable API terms.

5. Third-Party Services

We use the following third-party services that may process your data:

  • Google Firebase — Authentication, Cloud Firestore database, Cloud Storage, Cloud Functions, App Check, and Analytics (Firebase Privacy)
  • Google Gemini — AI image analysis and text generation (Gemini API Terms)
  • Google Play — In-app subscription billing and purchase verification (Google Privacy Policy)
  • Google Sign-In — Optional authentication (Google Privacy Policy)
  • OpenCV — On-device computer vision processing (runs locally; no data sent to OpenCV)

We do not sell your personal information to third parties. We do not use your data for third-party advertising.

6. Data Storage & Security

Your cloud data is stored in Google Firebase infrastructure, primarily in the United States (us-central1 region for Cloud Functions). Data is organized per user account:

  • Profile and subscription: users/{your-uid}
  • Crack records: users/{your-uid}/cracks/{crack-id}
  • Scan data: users/{your-uid}/cracks/{crack-id}/scans/{scan-id}
  • Reports: users/{your-uid}/reports/{report-id}
  • Photos: users/{your-uid}/cracks/.../original.jpg
  • PDFs: users/{your-uid}/reports/.../report.pdf

Access to your cloud data is restricted by Firebase Security Rules so that only you (when authenticated) can read or write your data. All network communication uses HTTPS/TLS encryption. Firebase App Check helps prevent unauthorized API access.

While we implement industry-standard safeguards, no method of transmission or storage is 100% secure. You are responsible for keeping your account credentials confidential.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Specifically:

  • Account and crack data are kept until you delete your account or request deletion
  • Subscription records are retained as required for billing reconciliation and legal compliance
  • Usage counters reset monthly per your billing cycle
  • Local device data persists until you uninstall the app or clear app data

When you delete your account through the app, your Firebase Authentication account is removed and local preferences are cleared. To request complete deletion of all cloud-stored data (Firestore documents, Storage files), contact us at [email protected]. We will process verified requests within 30 days.

8. Your Rights & Choices

Depending on your location, you may have the following rights:

  • Access — View your data within the app (cracks, scans, reports, account settings)
  • Correction — Edit crack labels, names, and preferences in the app
  • Deletion — Delete individual cracks, scans, and reports in the app; delete your entire account in Account settings
  • Portability — Export PDF reports from the app; contact us for additional data export requests
  • Opt-out of marketing — We do not send marketing emails
  • Withdraw consent — Stop using the Service and delete your account

California residents (CCPA): We do not sell personal information. You may request disclosure or deletion by contacting us.

EEA/UK residents (GDPR): Our legal bases for processing include contract performance (providing the Service), legitimate interests (security, improvement), and consent (where applicable). You may lodge a complaint with your local data protection authority.

Camera & photo permissions: You can deny camera or gallery access, but crack scanning features will not function. You can revoke permissions in your device settings at any time.

Notifications: Reminder notifications are local only. You can disable them in the app or device settings.

9. Children's Privacy

CrackLog is not directed at children under 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, contact us and we will delete it promptly.

10. International Transfers

CrackLog is operated from the United States. If you access the Service from outside the US, your data may be transferred to and processed in the United States and other countries where our service providers operate. By using the Service, you consent to such transfers. We rely on standard contractual clauses and provider safeguards where required by law.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the revised policy on this page with an updated effective date. For material changes, we may notify you through the app or by email. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us: