Privacy Policy

Last updated: May 5, 2026

Privacy Policy

This is the privacy policy for Journal, a tool for tracking sales, prices, and crafting knowledge in The Elder Scrolls Online. Journal is built and operated by Erros (the same person behind The Study and the Erros YouTube and Patreon channels). It is fan-made and not affiliated with or endorsed by ZeniMax Online Studios, Bethesda Softworks, or any related entity.

This policy explains what data we collect, why we collect it, how it's stored, and what you can do about it. We've tried to write it in plain language. Where the law requires specific phrasing, we've kept it as short as we can.

The short version

  • We collect the bare minimum needed to run the app: your account info, the gameplay data you upload, and basic logs.
  • We do not sell your data. We do not share it with advertisers or marketers.
  • Your sales and inventory are private to your account. Aggregated price data — what items are selling for across the game — is shown to all users and is the whole point of the app.
  • You can export your data or delete your account at any time. Deleting your account removes your account-linked data; aggregated price observations stay in the dataset in anonymized form.
  • Questions: privacy@erros.gg.

What we collect

Account information

When you sign up for Journal, you create an account using one of the supported sign-in methods (currently Discord and Google OAuth). We receive from the provider:

  • A unique account identifier (your Discord or Google user ID).
  • Your email address.
  • Your display name as it exists on that provider.

We do not see your password. The OAuth provider handles authentication; we receive a token confirming you are who you say you are.

We also store a record of your tier (free, or one of the Patreon-linked tiers) so that paid tier features unlock correctly. The actual payment is handled by Patreon; we never see your payment details.

Data you upload from the addon

The Journal Companion addon collects four kinds of data while you play, writes them to a SavedVariables file, and you (or the desktop companion app) upload that file to Journal:

  • Sales — items you sold at guild traders, the price, the buyer, the guild, and the timestamp. The addon scans your guild history and records anything from the last 90 days.
  • Trader prices — unit prices from guild trader search result pages you browse. Kept by the addon for 30 days. These are observations of public listings, not your own sales.
  • Crafting knowledge — recipes, furnishing plans, motifs, and trait research per character on your account.
  • Character metadata — character names (as they appear in-game) and the server region (NA or EU).

The addon does not collect your chat, your mail, your in-game location, your social interactions with other players, your friends list, or anything else not directly related to trading or crafting. The full list of what the addon scans is in the source code at https://github.com/erros-gg/journal-companion.

Server-side derived data

Once your data is on our server, we compute things from it: weekly profit, margin per item, your aggregate sales history, and so on. We also incorporate your trader-price observations into the aggregated market price dataset described below.

Logs and operational data

Like every web service, we keep basic operational logs: IP addresses for incoming requests, timestamps, paths accessed, and error reports. These are kept for 30 days and are used to keep the service running, diagnose problems, and protect against abuse.

Cookies

Journal uses cookies only for things that require them: keeping you signed in, remembering your active character or server, and securing form submissions. We do not use cookies for advertising or for tracking you across other sites.

How we use your data

The data you give us is used for these purposes, and only these:

  1. To run the features you signed up for. Your sales, prices, and crafting knowledge power your dashboard, your sales history, your knowledge tracker, and your alerts.
  2. To compute aggregate market prices. Trader-price observations from all users are pooled to produce the median prices, weekly volumes, and trend lines shown across the app and on journal.erros.gg/eso/prices. Individual contributions are not identifiable in the output.
  3. To operate and protect the service. Logs and operational data help us diagnose bugs, scale the service, and prevent abuse (such as automated scraping or denial-of-service attempts).
  4. To communicate with you when necessary. Account-related emails — sign-in confirmations, security notices, occasional service-impacting announcements. We will not put you on a marketing list.

We do not sell your data. We do not share it with advertisers or marketers. We do not use your data to train machine-learning models.

Aggregated market data

The market prices Journal shows — the price of Rubedite Ore on NA, the weekly volume of Bloodroot, and so on — are computed from trader observations contributed by Journal users. These aggregate numbers are public within the app, and a subset is also published on the public marketing site at https://erros.gg/eso/prices.

The aggregate is just a number. It does not say who observed which listing, when you were browsing, or anything else that could connect a price back to you. Aggregation is one-way: once your observation is in the pool, it cannot be extracted from it.

If you delete your account, we remove the data linked to your account. Your past contributions to the aggregate dataset stay in the dataset in their already-anonymized form, because the aggregate has no way to know which observation was yours. We think this is the right balance — your account is yours; the public-good price data the community contributes to is the community's.

Where your data is stored

Journal runs on the following infrastructure providers:

  • Supabase — primary database and authentication.
  • Vercel — application hosting.
  • Discord and Google — OAuth sign-in providers. Their privacy practices apply when you choose to sign in with them.
  • Patreon — handles tier-based subscriptions. We receive your tier; they handle billing.
  • Cloudflare — DNS and DDoS protection at the network edge.

We rely on these providers to handle your data securely. We use them in their standard configurations and we do not give them broader access to your data than they need to provide their service.

Data at rest is encrypted by the provider. Data in transit is encrypted via TLS. Account passwords are never stored by us — authentication happens at the OAuth provider.

Your rights

You can do all of the following at any time:

  • Export your data. A button in your account settings lets you download a complete copy of the data linked to your account in a structured format.
  • Delete your account. Account deletion removes your profile, your sales, your inventory, your crafting knowledge, and your linked OAuth identifiers. Aggregated price observations stay in the dataset in anonymized form, as described above. This action is irreversible.
  • Correct your data. Most data in Journal you correct yourself by editing it in the app. For anything that isn't user-editable (rare), email privacy@erros.gg.
  • Object or restrict. If you have a specific concern about how we're using your data, email privacy@erros.gg and we'll work it out with you.

If you are in the EU or UK, the GDPR gives you these rights formally, plus the right to lodge a complaint with your local data protection authority. The legal basis we rely on for processing your data is contractual (you signed up to use the service) and legitimate interest (running the service securely).

If you are in California, the CCPA / CPRA gives you the right to know what data we hold about you, to delete it, and to not be discriminated against for exercising those rights. We do not sell personal information as the term is defined under California law.

To exercise any of these rights, email privacy@erros.gg. We will respond within 30 days.

Children

Journal is intended for users 13 years and older. The Elder Scrolls Online is rated for ages 13+ (PEGI 16 in the EU), and the same minimum applies here. We do not knowingly collect data from children under 13. If you believe a child under 13 has signed up, email privacy@erros.gg and we'll remove the account.

Changes to this policy

If we change how Journal handles your data in any material way, we'll update this policy and notify users via the app and by email. The "last updated" date at the top of this page reflects the most recent change. Older versions of this policy are available on request.

Contact

For any privacy question — exercising a right, raising a concern, asking what data we hold — write to privacy@erros.gg. The same address is used for legal notices.

For non-privacy questions, see /contact.