Privacy Policy
Last updated: 18 June 2026
1. Overview
Logr is an open-source, self-hostable time-tracking and invoicing application licensed under AGPL-3.0. This policy applies to the hosted instance at logr.work. If you self-host Logr, your data never touches our servers — you are solely responsible for your own deployment.
2. Data we store
On the hosted instance, your data — time entries, clients, projects, and invoices — is stored in a Supabase Postgres database under your account. Every table is protected by Row-Level Security (RLS) policies so that only your authenticated user can read or write your records. We do not have access to the contents of your time entries or invoices in the normal course of operations.
3. Authentication
Logr supports authentication via Google OAuth and email magic links, both handled by Supabase Auth. We store your email address and a hashed session token. We do not store passwords. OAuth tokens from Google are used only to confirm your identity and are not persisted beyond the session.
4. Data sharing & selling
We do not sell, rent, or share your personal data with third parties for advertising or marketing purposes. Data may be disclosed only where required by law or to protect the rights and safety of users.
5. Self-hosting
The Logr source code is publicly available on GitHub under AGPL-3.0. When you self-host Logr, you control the database, the infrastructure, and the data. This policy does not apply to self-hosted deployments — you are the data controller for your own instance.
6. Contact
Logr is an open-source project. For privacy-related questions, please open an issue or start a discussion on GitHub. We will respond within a reasonable timeframe.