When you enable Grid Diary Sync, your data is stored on a secure database provided by Grid Diary and only the developer is allowed to access that data. But since the data is stored as plain text so anyone has that data have no problem reading it (we as the developer, hackers, or our service providers).
The solution is end-to-end encryption. End-to-end encryption utilizes a private encryption key to encrypt all entries before they reach the Grid Diary sync servers. With that, no one can read your data on the servers, even us.
How does it work?
The app will generate a random encryption key. The key then will be encrypted with another random generated encryption passphrase. With possession of the encryption key stored locally on the device, maximum security is assured for your data.
The app will encrypt data using the encryption key so your data is always encrypted before sending to the servers.
When a new device join, the app will ask for the passphrase to decrypt the encrypted-encryption-key then store it on that device for later use.
What will be encrypted?
Text and photos of your entries, the title of your journals. Please note that the tags and your custom prompts and quotes are currently not encrypted.
What if I forgot my encryption passphrase?
Only you keep the passphrase. Without it, you can't decrypt data on a new device. Grid Diary does not have access to the encryption key at any point. It is your responsibility to keep the encryption key in a safe place.
Grid Diary also offer a feature to store your encryption key securely on iCloud through your Apple ID, so you don't have to enter the passphrase manually on all your Apple devices. This feature is on by default.