← Back to home

Privacy Policy

Effective as of March 7, 2026

This privacy policy applies to the Small Talk Notebook app (hereby referred to as "Application") for mobile devices, created by Kieran LaMee (hereby referred to as "Service Provider") as a Freemium service.

Small Talk is a local-first app. Everything you store in the Application — names, notes, relationships, birthdays — lives exclusively on your device. The Service Provider does not operate servers that receive, store, or process your personal data. This policy explains how your data is handled within the Application.

What data does the Application store, and where does it go?

The Application stores the following information on your device:

  • Names, relationship types, and custom fields you create about people
  • Birthdays, cities, and workplace or school information
  • Free-text notes about people, including note headlines and body content
  • Relationships between people (e.g. "sister", "coworker")
  • Tags and categories you create
  • References to photos you attach to people and notes (the photos themselves remain in your device's photo library)

All of this data is stored in an encrypted database on your device only. It is never transmitted to the Service Provider or any external server. The Service Provider has no ability to access, view, or recover your data.

Does the Service Provider collect any information?

No. The Service Provider does not collect usage data, analytics, crash reports, or any other telemetry. The Application makes no outbound network requests to any developer-controlled server.

Registration is not required to use the Application.

Do third parties see or have access to my data?

Your personal data is not shared with third parties. The only external communication the Application performs is:

  • App stores: If you purchase Small Talk Plus, the transaction is processed by Apple (via StoreKit on iOS) or Google (via Google Play Billing on Android). The Service Provider does not receive your payment details or account information. The privacy policies of Apple and Google govern these interactions.

Data security

Your data is protected by AES-256 encryption (SQLCipher). The encryption key is generated on your device at first launch and stored securely using platform-provided mechanisms (the Keychain on iOS, the Android Keystore on Android). On iOS, the Keychain entry is included in encrypted iCloud Keychain backups, which allows your data to transfer securely to a new device.

The Service Provider never has access to your encryption key or your data.

iCloud device backup

The Application's encrypted database may be included in standard device backups (such as iCloud or iTunes/Finder on iOS, or Google backups on Android). The database is backed up in its encrypted form — without the corresponding encryption key it cannot be read. The encryption key is stored separately in platform-secured storage. Together, this means a device backup and restore can recover your data, while the backed-up files remain unreadable to anyone without access to both.

Photos

The Application allows you to attach photos from your device's photo library to people and notes. When you attach a photo, the Application stores only a reference identifier pointing to that photo — it does not copy or duplicate the photo itself. The photos remain in your device's photo library at all times.

To access your photo library, the Application requests permission through your device's operating system. On iOS, you can grant full access or select specific photos. On Android, you grant access to photos and images. You can revoke this permission at any time in your device's Settings, and the Application will no longer display photo thumbnails.

Photo reference identifiers are stored in the Application's encrypted database alongside your other data. They are never transmitted to the Service Provider or any external server. If you delete a photo from your device's photo library, the Application detects this and removes the corresponding reference automatically.

Backup and export

The Application includes an optional backup feature (available with Small Talk Plus). When you export a backup, a file containing all your personal data is created on your device and surfaced via the system share sheet. You choose where it goes — Files, AirDrop, email, or any other destination your device supports. The Service Provider does not receive your backup and has no access to it.

Backup files include photo reference identifiers but not the photos themselves. Photos cannot be transferred between devices via backup — only the references are preserved, and they will resolve only if the same photos exist in the new device's photo library.

Backup files are not additionally encrypted beyond whatever protections apply to the destination you choose. You are responsible for storing backups securely.

Data deletion

All personal data stored by the Application lives on your device. Uninstalling the Application removes the encrypted database, deleting all your personal data. If you want to preserve your data before uninstalling, you can export a backup first using the backup feature (available with Small Talk Plus).

Notifications

The Application can send local notifications for birthday reminders and note reminders, if you choose to enable these features. All notifications are generated entirely on your device — no push notification service or external server is involved.

Birthday reminder notifications include the person's name. Note reminder notifications may include your note headline or content. This information never leaves your device.

Biometric authentication

The Application offers an optional App Lock feature using biometric authentication (such as Face ID, Touch ID, or fingerprint). Authentication is handled entirely by the operating system — the Application receives only a pass or fail result and never has access to any biometric data.

Location data

The Application does not collect or access location information from your device.

Children

The Application is not directed to children under the age of 13, and the Service Provider does not knowingly collect information from children. You must be at least 16 years of age to consent to the processing of your information in your country (in some countries a parent or guardian may consent on your behalf).

If you believe a child has used the Application in a way that raises privacy concerns, please contact the Service Provider at support@smalltalknotebook.com.

Changes

This Privacy Policy may be updated from time to time. Any changes will be posted to this page with an updated effective date. Continued use of the Application after changes are posted constitutes acceptance of the revised policy.

Your consent

By using the Application, you consent to this Privacy Policy as currently in effect.

Contact us

If you have any questions about this Privacy Policy or the Application's data practices, please contact the Service Provider at support@smalltalknotebook.com.