Privacy Policy

• Account Details – Your email and name to set up and sign in to your account (via Apple, Google, or email). This is used for subscription management and our business logic (free tier vs subscription access). Without providing this minimal data, our services cannot be used.
• Google Calendar Connection – If you connect your Google account (OAuth), we store access tokens to create, update, and delete events in your Google Calendar at your request. We only access calendar data when you instruct us to and do not use it for any other purpose.
• Subscriptions & Payments – Payment details are handled by our trusted partners (Apple for iOS, Stripe for web). We receive subscription status updates (active, canceled, etc.) to control access.
• Calendar or Reminder Content – The text or images you submit are temporarily stored so we can extract events/reminders for you. Temporary storage of your processed results and optional Calendar Links you create for sharing. You choose how long these links stay active.
• Security & Reliability Logs – Minimal technical details (like IP address) to detect abuse and keep the service stable. These logs are automatically deleted after a short period.
• Website Analytics – Basic, privacy-friendly analytics through Plausible, a self-hosted, cookie-free analytics tool. It helps us understand overall usage trends without tracking you across the web or storing any personal data.

• AI Processing – We send the content you submit (such as text and images) to OpenAI and Google Gemini to process your request. Voice input is transcribed on your device using Apple's Speech framework (iOS); your audio is never stored or transmitted externally — only the resulting text is sent for processing. Our service providers do not use your data to train their models. This processing is not automated decision-making under GDPR Article 22, as it requires your active input and you control the results.
• Google Calendar – When you connect your Google account, we use the Google Calendar API to read and write events (titles, dates, locations, attendees) only when you request it. Calendar data is processed in memory for the specific operation and not retained beyond what is needed to complete your request. You can disconnect or revoke access at any time.
• Result Storage – Results are stored temporary until access by the user. Calendar Links expire based on the time you select. Once expired, they are removed from the server.
• Calendar Link Storage – Keeps the original link, expiration date, minimal technical details for security.
• Security Logs – Automatically deleted after a short retention period (about 72 hours).
• ChatGPT App Integration (MCP) – When you use our app through ChatGPT, we receive only the specific event or contact data you choose to create. We do not collect, store, or have access to your ChatGPT conversations, chat history, or any other ChatGPT data. The integration is request-based: you provide specific information (like 'meeting tomorrow at 2pm'), we generate the calendar event or contact card, and return it to you. Generated calendar files (.ics) and contact cards (.vcf) are temporarily stored in memory for up to 1 hour to enable mobile app downloads, then automatically deleted. No conversation data is retained.

• Essential Cookies – Needed for sign-in and security.
• Analytics – We use Plausible Analytics, which is cookie-free and collects no personal data. No analytics cookies are set. You can opt out by setting localStorage key plausible_ignore to "true" in your browser.

• Contract – To deliver the service you request (e.g., process your calendar data, manage your account).
• Legitimate Interests – To maintain security, prevent abuse, and understand service performance.
• Consent – For any optional analytics or marketing (if applicable).

We work with a small number of trusted providers who process information for us, including:

• OpenAI – AI text/image processing.

• Google (Gemini) – AI text/image processing.

• Google (Calendar API) – For Google Calendar integration; we read and write events in your connected calendar when you instruct us to.

• Stripe – Web payment processing.

• Apple – In-app purchases.

• Hosting & Email Providers – To run our infrastructure and support.

• Plausible Analytics – Self-hosted, cookie-free website analytics.

These partners cannot use your information for their own purposes.

Your data may be processed in the EEA, US, or other countries where our partners operate. When required, we use legal safeguards such as Standard Contractual Clauses to protect your data.

• Calendar results – Up to 15 minutes, then deleted.
• Calendar Links – Kept until the expiration you choose.
• OAuth tokens – Stored for as long as your Google account remains connected; deleted when you disconnect or revoke access.
• Logs – Deleted after about 72 hours.
• Minimal account/payment records – Kept as needed for legal or accounting purposes.

Depending on your location, you may have the right to:

• Access and maintain your information

• Delete your data

• Restrict or object to processing

• Withdraw consent at any time

EU/EEA & UK users – You may contact your local data protection authority. If you feel we haven't addressed your concerns properly, you're always welcome to reach out to your local data protection authority for guidance.

California residents – You have rights under the CCPA, including the right to know, delete, correct, opt out of sale/share (we do not sell/share), and non-discrimination.

Brazil residents – LGPD grants similar rights, plus review of automated decisions.

To exercise any rights, email [email protected].

Our services are not intended for children under 13 (or the legal minimum in their country).

We protect your data with encryption, secure authentication, and minimal retention.

If a breach affects your personal data, we will notify you and relevant authorities as required by law.

If we make material changes, we will notify you in-app or on our website before they take effect.