Sortify Privacy Policy
Last updated: 16 June 2026 Effective date: 16 June 2026
Who We Are
This Privacy Policy is published by MokingBird Oy, a company registered in Finland. Sortify is a product and registered brand of MokingBird Oy.
In this Privacy Policy, "Sortify", "we", "our", and "us" refer to MokingBird and the Sortify brand and service operated by MokingBird Oy.
For privacy-related questions or requests, contact us at: [email protected]
Introduction
Sortify is a local-first workspace and shared inventory memory application. We built Sortify with privacy at its core: your operational inventory data lives on your device, not on our servers. This Privacy Policy explains what personal data we process, why, how, and what rights you have under applicable law — including the General Data Protection Regulation (GDPR) as it applies in Finland and the European Economic Area.
Please read this policy carefully before using Sortify. By using the app or any Sortify-related service, you acknowledge that you have read and understood this Privacy Policy.
1. What Sortify Is
Sortify is a privacy-first, local-first inventory and shared-space memory app. It helps people, families, labs, workshops, and teams organize physical items across rooms, workspaces, and shared environments.
Sortify is designed so that:
- account authentication is handled through Firebase Authentication and supported identity providers;
- most operational workspace data is stored locally on the user device;
- when user-owned cloud sync is enabled, workspace data is synchronized through encrypted files stored in the user's selected cloud storage account;
- for Google Drive, OneDrive and Dropbox workspaces, Sortify uses these providers only to create, share, read, update, and synchronize Sortify workspace folders and encrypted Sortify sync files;
- entitlement-enabled Sortify Cloud and Enterprise SyncNative workspaces use managed zero-knowledge transport for encrypted events and checkpoints; and
- Sortify is not designed around a central vendor-hosted plaintext inventory database that stores all customer workspace contents on MokingBird servers.
2. Data Controller
The data controller for the Sortify service is MokingBird Oy.
Sortify is a registered brand of MokingBird Oy.
3. Scope
This Privacy Policy applies to:
- the Sortify mobile application (Android and iOS);
- the Sortify website and all legal, informational, and support web pages;
- customer support, account-related, and product communication;
- beta testing, app-store distribution, and public release operations.
This policy does not apply to third-party services you connect to Sortify (for example, your Google Drive, Onedrive or Dropbox account). Those services are governed by their own privacy policies.
For example, when you connect a Google account for Google Drive sync, Google's own privacy policy and account permissions also apply. Sortify's use and transfer of information received from Google APIs is intended to comply with the Google API Services User Data Policy, including the Limited Use requirements where applicable. This is applicable also to Onedrive and Dropbox
4. Categories of Personal Data We Collect
4.1 Account and Registration Data
Depending on how you sign in, we may process:
- email address;
- display name;
- profile photo URL, if provided by your identity provider;
- authentication provider type (Google, Microsoft, Apple, email/password, or email link);
- Firebase Authentication user identifier;
- account creation timestamp;
- last sign-in timestamp;
- email verification status.
We support the following sign-in methods: email and password (credentials managed by Firebase — we do not store your plaintext password), passwordless email link, Google Sign-In, Microsoft Sign-In, and Apple Sign-In (iOS only).
4.2 Guest-Mode Data
If you use Sortify without registering, we may store limited local data on your device, such as:
- guest mode flag;
- an optional guest display name you enter locally.
Guest data remains local to your device and is not transmitted to MokingBird.
4.3 Workspace and Collaboration Data
When you create or participate in a workspace, Sortify may process:
- workspace identifier and name;
- workspace description, if provided;
- workspace owner or primary user identifier;
- workspace member identifiers and roles;
- membership status and join history;
- invite metadata — inviter identity, invite code, join status, and timestamps;
- join request and cloud access request metadata, including whether a request is for Sortify workspace approval or cloud-provider folder access;
- workspace cloud provider selection;
- workspace cloud folder reference;
- Google Drive workspace package file references where Google Drive
drive.fileauthorization is used; - cloud-provider folder sharing status and access grant or revoke state;
- workspace sync timestamps and item and room counts;
- workspace settings metadata.
4.4 Inventory and Operational Data
Sortify may process the following operational content that you enter:
- item names, descriptions, and notes;
- room and sublocation information;
- tags, categories, and custom fields;
- quantities;
- barcode and QR data;
- brand, model, serial number, condition, and other identifying metadata;
- purchase date, purchase price, currency;
- expiry date and warranty expiry date;
- photo references and local or remote photo paths;
- item history and change records;
- room definitions and sublocation structures;
- search history and search result counts;
- sync queue and metadata records;
- export files generated by the user.
This content is stored locally on your device. When user-owned cloud sync is enabled, it is encrypted before being uploaded to your selected cloud storage account. When Sortify Cloud or Enterprise SyncNative is enabled, changes and checkpoints are encrypted on-device before managed transport. MokingBird does not receive your plaintext inventory contents in the ordinary course of operations.
4.5 Security and Session Data
Sortify may process security-related data required to protect the app and the user session, such as:
- locally stored PIN status and hashed PIN reference;
- biometric availability state and biometric success or failure events;
- session lock and unlock state;
- auto-lock and inactivity timing preferences;
- workspace encryption keys and account recovery key material stored locally in platform secure storage;
- encrypted account and workspace key envelopes used for account/device recovery, where recovery protection is enabled;
- encryption key fingerprints.
Sortify does not intentionally store raw biometric data. Biometric verification is delegated entirely to device operating system services (iOS Keychain / Android Keystore). MokingBird receives only a success or failure signal.
4.6 Diagnostics, Analytics, and Performance Data
Sortify may process limited technical and product telemetry, including:
- app open events and screen views;
- authentication events;
- workspace and sync events;
- performance events;
- crash and error reports;
- device or app technical context necessary to diagnose failures;
- Firebase Cloud Messaging device tokens and local notification inbox records used to deliver workspace, approval, sync, and account-status notifications.
This telemetry is handled through Firebase services configured for Sortify, including Firebase Analytics, Firebase Crashlytics, and Firebase Performance Monitoring. Telemetry scope and controls may vary by app version, environment, and applicable law.
5. Where Data Is Stored
5.1 Authentication Data
Authentication and sign-in account data are handled through Firebase Authentication (operated by Google LLC) and your selected identity provider.
5.2 Local Device Data
Sortify stores operational data locally on the device, including:
- local SQLite database contents (items, rooms, workspaces, history);
- app preferences and settings;
- search history;
- guest-mode flags;
- sync state and queue;
- sensitive values in platform secure storage (iOS Keychain / Android Keystore).
5.3 Synced Workspace Data
When user-owned cloud sync is enabled, Sortify exports and synchronizes encrypted workspace data to Google Drive, OneDrive, or Dropbox. Sortify Cloud and Enterprise SyncNative use a separate managed encrypted-event and checkpoint transport. Availability of a provider or managed workspace type may vary by app version, account entitlement, organization, region, and backend configuration.
Workspace sync files are encrypted before upload. MokingBird does not receive plaintext workspace contents in the ordinary course of operating Sortify. To support account/device recovery, Sortify may store encrypted key envelopes in Firebase/Firestore, including an encrypted account master key envelope and encrypted per-workspace key envelopes for authorized members. These envelopes are not plaintext workspace keys. They are designed to be decrypted only on the user's device after the user proves account identity and provides the applicable account password or recovery password. MokingBird does not store that password in plaintext and cannot use Firebase Authentication alone to decrypt encrypted workspace files.
For Sortify Cloud and Enterprise SyncNative workspaces, Firebase/Firestore stores safe routing and coordination metadata plus encrypted event/checkpoint payloads. Optional managed photo sync stores compressed, device-encrypted image ciphertext in Firebase Storage and stores only ciphertext references, checksums, sizes, compression profile, actor ID, and timestamps in Firestore. Allowed metadata includes workspace IDs, member IDs, roles, event sequence numbers, device IDs, timestamps, sync cursors, checkpoint generation, organization references, and billing/entitlement flags. It must not contain plaintext item names, room names, locations, notes, quantities, photos, or decrypted workspace data.
Sortify Cloud and Enterprise SyncNative operate as zero-knowledge managed transport: the app encrypts workspace changes on-device, Firebase transports encrypted payloads, and authorized devices decrypt locally using workspace keys.
5.4 Google Drive OAuth and Workspace File Access
For Google Drive sync, Sortify uses Google Drive access to operate encrypted Sortify workspace files stored in the user's Google Drive account. Google Drive collaboration uses the narrower https://www.googleapis.com/auth/drive.file scope and targeted authorization of known Sortify workspace files.
Under this approach, a workspace owner creates or shares an encrypted Sortify workspace package. When a secondary member joins, Sortify may ask the user to complete a Finalize Join step. This can open Google's authorization interface so the user can grant Sortify access to the specific encrypted Sortify workspace package needed for sync. The purpose is to authorize a known Sortify workspace file, not to browse or inspect unrelated Google Drive files.
Sortify's app logic is designed to restrict Drive operations to Sortify workspace folders, workspace package files, and Sortify sync artifacts. Sortify does not intentionally scan, index, copy, sell, or analyze unrelated Google Drive content. Drive references stored by Sortify are workspace folder IDs, package file IDs, sync file IDs, and version tokens needed to synchronize encrypted workspace data.
Google Drive data used by Sortify may include:
- the signed-in Google account email returned by the Drive connection flow;
- OAuth access and refresh tokens stored in platform secure storage;
- Sortify workspace folder identifiers;
- Sortify workspace package file identifiers where the package sync model is used;
- Sortify sync file identifiers and version tokens;
- Google Drive authorization or Picker completion state for the known Sortify workspace file;
- Google Drive permission/share results needed to grant or revoke workspace member access;
- encrypted Sortify workspace database files;
- Sortify package metadata used to coordinate sync versions, checksums, generations, and file references;
- an optional encrypted
photo_workspace.sortifypkgselected separately when Google Drive, OneDrive, or Dropbox photo sync is enabled per workspace; - photo package authorization, revision, hash, generation, encrypted blob-count metadata, and provider file identifiers needed to locate that photo package.
MokingBird does not receive your plaintext Google Drive files through this integration in normal operation. The app reads and writes Sortify sync artifacts from the user's connected Google Drive account.
5.5 OneDrive OAuth and Workspace Folder Access
When OneDrive sync is enabled and used as cloud provider, Sortify uses Microsoft identity and Microsoft Graph APIs to operate Sortify workspace folders and encrypted Sortify sync files in the user's OneDrive account.
The intended OneDrive permissions are used for:
- signing the user into Microsoft identity for the OneDrive connection;
- reading the connected account identity needed to display and validate the linked provider account;
- creating or locating Sortify workspace folders;
- reading and writing encrypted Sortify workspace database files;
- reading and writing Sortify metadata files;
- using OneDrive file version information such as ETags for conflict prevention;
- inviting workspace members to the provider folder where supported;
- listing and removing provider permissions when a workspace member is removed.
OneDrive sync data used by Sortify may include Microsoft account identity data, OAuth tokens stored in platform secure storage, OneDrive item IDs or paths, file ETags, sharing permission records, encrypted Sortify database files, and Sortify metadata files.
Sortify does not intentionally use OneDrive access to inspect unrelated OneDrive content. OneDrive operations are intended to be limited to Sortify workspace folders and Sortify sync artifacts.
Secondary member must also login to their Onedrive account to have access to Primary member's workspace who uses Onedrive as their provider. Same email address used for Sortify authentication should be used to login to the Onedrive account.
5.6 Dropbox OAuth and Shared Folder Access
When Dropbox sync is enabled and used as cloud provider, Sortify uses Dropbox OAuth and Dropbox API permissions to operate Sortify workspace folders, shared folder references, encrypted Sortify sync files, and membership-related sharing controls.
The intended Dropbox permissions are used for:
- connecting the user's Dropbox account;
- reading account identity needed to show and validate the linked provider account;
- creating or locating Sortify workspace folders;
- reading and writing encrypted Sortify workspace database files;
- reading and writing Sortify metadata files;
- using Dropbox revision IDs for conflict prevention;
- creating or resolving Dropbox shared folder references where required for collaboration;
- inviting workspace members to shared folders where supported;
- removing workspace members from shared folders when access is revoked.
Dropbox sync data used by Sortify may include Dropbox account identity data, OAuth tokens stored in platform secure storage, workspace folder paths or shared folder IDs, file revision IDs, sharing membership records, encrypted Sortify database files, and Sortify metadata files.
Sortify does not intentionally use Dropbox access to inspect unrelated Dropbox content. Dropbox operations are intended to be limited to Sortify workspace folders and Sortify sync artifacts.
Secondary member must also login to their Dropbox account to have access to Primary member's workspace who uses Dropbox as their provider. Same email address used for Sortify authentication should be used to login to the Dropbox account.
5.7 Diagnostics and Monitoring Data
Limited diagnostics and telemetry may be transmitted to Firebase services when enabled for app operation, analytics, performance, and crash reporting.
6. How We Use Personal Data
We use personal data to:
- create and maintain user accounts;
- authenticate users securely;
- enable encrypted account/device recovery where configured;
- enable workspace creation, joining, switching, and collaboration;
- sync encrypted workspace data across devices;
- generate and process workspace invitation links and invite codes;
- distinguish Sortify membership approval from cloud-provider folder access approval;
- support provider-specific Finalize Join flows where an additional cloud-provider access step is required;
- grant and revoke cloud folder access for workspace members where the connected provider supports it;
- support item search, history, scanning, and organization features;
- protect the app and detect security or reliability issues;
- improve app performance, usability, and reliability;
- provide support and troubleshooting;
- comply with legal obligations;
- prevent abuse, fraud, misuse, and unauthorized access.
7. Legal Bases Under the GDPR
Where the GDPR applies, our legal bases include:
- Article 6(1)(b) — processing necessary for the performance of a contract with you (providing the Sortify service) or for steps taken at your request before entering into a contract;
- Article 6(1)(f) — processing necessary for legitimate interests pursued by MokingBird, such as securing the service, improving reliability, and detecting fraud, provided these interests are not overridden by your interests or rights;
- Article 6(1)(c) — processing necessary to comply with a legal obligation applicable to MokingBird Oy;
- Article 6(1)(a) — consent, where we explicitly request it for optional processing in a given release.
Where consent is the legal basis, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.
8. How Collaboration and Invitations Work
Sortify allows workspace collaboration. A workspace owner or authorized user may:
- create a workspace;
- generate invite links or invite codes;
- add or manage workspace members;
- assign or change member roles.
If you are invited to a workspace:
- the inviter may see the identity used to invite you and your membership status;
- your membership, role, invited-by information, join status, and join timestamps may be stored as part of workspace records;
- your actions within a workspace may appear in item history and the activity feed for accountability and collaboration purposes.
Some shared workspaces also require cloud-provider access. This is separate from Sortify membership approval. For example, a Google Drive workspace requires access to the shared encrypted workspace package and may require the secondary user to complete Finalize Join. Optional photo sync requires separate authorization for the photo package. A no-approval Sortify invite can still require provider access if the folder or file is not yet accessible. Sortify may store approval request status, requester identity, owner decision status, provider access status, pending sync-task state, timestamps, and related notification records so the app can distinguish workspace approval, provider access, Finalize Join, and optional photo authorization.
9. Cloud Providers and Third-Party Services
Sortify may interact with the following third-party providers:
- Firebase Authentication — identity and account management;
- Firebase Firestore — membership and coordination records, encrypted recovery envelopes, encrypted managed-sync events/checkpoints, and safe encrypted-media references for eligible Sortify Cloud and Enterprise workspaces;
- Firebase Storage — optional compressed photo ciphertext for eligible Sortify Cloud and Enterprise workspaces; plaintext image bytes are encrypted on the device before upload;
- Firebase Analytics — anonymous usage analytics;
- Firebase Crashlytics — crash and error reporting;
- Firebase Performance Monitoring — performance diagnostics;
- Firebase App Check — app integrity verification (Android Play Integrity / Apple DeviceCheck in production);
- Google Sign-In — federated sign-in;
- Sign in with Apple — federated sign-in (iOS);
- Google Drive — user-selected cloud sync storage using targeted Sortify file access;
- Microsoft OneDrive — user-selected cloud sync storage where enabled;
- Dropbox — user-selected cloud sync storage where enabled.
These providers operate under their own terms and privacy notices and are not controlled by MokingBird.
9.1 Google API Data Use and Limited Use
Sortify uses Google API data only to provide user-requested sign-in and Google Drive sync functionality. Specifically:
- Google Sign-In data is used for account authentication and account identification.
- Google Drive data is used to create, locate, share, read, update, and delete Sortify workspace folders and Sortify sync artifacts.
- Google Drive access is not used for advertising, profiling, data brokerage, or sale of user data.
- Google Drive content is not used to train machine learning or AI models.
- Google Drive access is not transferred to third parties except as necessary to provide or improve user-facing Sortify features, comply with law, protect security, or as otherwise permitted by applicable Google API policies.
- Users can revoke Sortify's Google access from their Google Account permissions page, and can also disconnect or stop using Google Drive sync inside Sortify where the app version supports that workflow.
9.2 Microsoft OneDrive and Microsoft Graph Data Use
When OneDrive is used as provider, Sortify uses Microsoft Graph data only to provide user-requested OneDrive sync and collaboration functionality. Specifically:
- Microsoft account identity is used to show and validate the connected OneDrive account.
- OneDrive file and folder access is used to create, locate, read, update, and delete Sortify workspace sync artifacts.
- OneDrive sharing access is used to invite workspace members and revoke access where supported.
- OneDrive data is not used for advertising, profiling, sale of user data, or model training.
- Users can revoke Sortify's Microsoft account access through Microsoft account consent and app-permission controls.
9.3 Dropbox API Data Use
When Dropbox support is used as provider, Sortify uses Dropbox API data only to provide user-requested Dropbox sync and collaboration functionality. Specifically:
- Dropbox account identity is used to show and validate the connected Dropbox account.
- Dropbox file and folder access is used to create, locate, read, update, and delete Sortify workspace sync artifacts.
- Dropbox sharing access is used to invite workspace members to shared folders and remove members where supported.
- Dropbox data is not used for advertising, profiling, sale of user data, or model training.
- Users can revoke Sortify's Dropbox access through Dropbox account app-permission controls.
10. We Do Not Sell Personal Data
MokingBird does not sell user personal data to third parties. We do not transfer personal data to advertising networks or data brokers.
11. Data Sharing
We may share limited data only:
- with service providers required to operate the app (acting as data processors under appropriate agreements);
- when a user intentionally shares workspace or invite information;
- when collaboration within a workspace requires member visibility of account, role, and activity information;
- where required by law, legal process, or regulatory obligation;
- to protect the rights, safety, and integrity of users, MokingBird, or the service.
12. International Data Transfers
Your data may be processed outside your country or the European Economic Area depending on:
- the cloud storage provider you choose and the location of their infrastructure;
- Firebase and identity provider processing locations;
- the app-store or support infrastructure in use.
Where required by applicable law, we will rely on appropriate safeguards for international transfers, such as Standard Contractual Clauses (SCCs) approved by the European Commission.
13. Data Retention
We retain data for as long as necessary to:
- operate the service and maintain account functionality;
- preserve workspace collaboration records for accountability and continuity;
- support security, debugging, and fraud prevention;
- comply with legal obligations.
Because Sortify uses local-first and user-controlled cloud storage patterns, retention of most operational data is controlled by you, not by us. Local device data remains until you delete the app or clear app data. Sync files in your cloud storage remain until you or an authorized workspace owner deletes them.
Where encrypted account/device recovery is enabled, encrypted key envelopes and recovery status metadata may be retained while your account or workspace membership is active so that authorized devices can restore access after app reinstall, device loss, or local data clearing. If account deletion offers a deletion-pending recovery window, the duration shown in the app applies. After the permanent deletion point, active recovery records and encrypted key envelopes for that account are deleted, revoked, or cryptographically shredded subject to legal, security, backup, and provider limitations.
OAuth tokens are retained on the device only as long as needed for the connected provider session, unless removed by sign-out, account deletion, app data clearing, token expiration, provider revocation, or disconnect flows supported by the app. Provider-side access grants and shared folder permissions remain subject to the provider's own controls and the workspace owner's actions.
14. Security Measures
MokingBird uses a layered security approach including:
- Firebase App Check for app integrity verification;
- platform secure storage (iOS Keychain / Android Keystore) for sensitive values;
- AES-256-GCM encryption for workspace sync files;
- encrypted account and workspace key envelopes for recoverable end-to-end encrypted sync;
- password-derived recovery unlocking on the user's device, not plaintext key storage by MokingBird;
- local PIN and biometric access controls;
- session timeout and auto-lock behavior;
- role-based workspace access patterns;
- sync conflict handling and backoff behavior;
- encrypted export options for workspace data.
No security system is absolute. We cannot guarantee that unauthorized access, hardware failure, or other events will never occur.
15. Your Rights Under the GDPR
As a data subject in the EEA, you have the following rights:
- Right of access (Art. 15) — request a copy of your personal data and information about how it is processed;
- Right to rectification (Art. 16) — request correction of inaccurate personal data;
- Right to erasure (Art. 17) — request deletion where the legal basis for processing no longer applies;
- Right to restriction of processing (Art. 18) — request restriction in certain circumstances;
- Right to data portability (Art. 20) — receive a machine-readable copy of personal data you provided where processing is based on consent or contract;
- Right to object (Art. 21) — object to processing based on legitimate interests;
- Right to withdraw consent (Art. 7(3)) — withdraw consent at any time without affecting prior lawful processing;
- Right to lodge a complaint — with the Finnish Data Protection Ombudsman (tietosuoja.fi) or the supervisory authority in your EU member state of residence or work.
To exercise your rights, contact: [email protected]
16. Account Deletion and Workspace Implications
If you delete your account:
- your Firebase Authentication account may be disabled, scheduled for deletion, or deleted depending on the account deletion flow in effect;
- local app data may remain on your device until you remove it;
- encrypted account/device recovery records and key envelopes may be retained during a limited deletion-pending recovery window and then deleted, revoked, or cryptographically shredded after permanent deletion;
- shared workspace records may still retain certain historical references necessary for audit, collaboration continuity, or legal compliance unless separately removed;
- encrypted synced files in user-controlled cloud storage may remain until removed by the authorized cloud account owner or workspace owner;
- cloud-provider sharing permissions may need to be revoked by the workspace owner or through the provider's own account controls, depending on provider behavior and workspace ownership.
17. Children's Privacy
Sortify is not intended for children in circumstances where parental consent is legally required and has not been obtained. We do not knowingly collect personal data from children without appropriate authorization. Contact [email protected] if you believe a child has provided data without required consent.
18. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will update the "Last updated" date and, where required by law, provide additional notice. Updated versions become effective when published unless applicable law requires a different process.
The current version is always available at: https://sortify.mokingbird.xyz/privacypolicy
19. In-App Availability
An offline-readable version of this Privacy Policy is available in the Sortify app. The in-app version mirrors this policy for offline reading. The authoritative version is the one published at the URL above.
20. Contact
For privacy, data protection, or legal requests:
MokingBird Oy — Sortify Privacy Email: [email protected] Website: https://sortify.mokingbird.xyz
21. Summary
Sortify is built to help users organize shared spaces while keeping authentication secure, limiting unnecessary data collection, and storing synced workspace content in user-controlled and encrypted cloud storage rather than in a centralized MokingBird inventory database. We do not sell your data. Your inventory stays on your device and in your cloud.
Sortify is a registered brand of MokingBird Oy, Finland. Governing law: Finland (EU).