# Privacy Policy Version: v1.0 Effective Date: 2026-05-23 Data Controller: RomiDev OÜ (Estonia) Contact: info@romidev.ee --- ## 1. Introduction This Privacy Policy explains how RomiDev OÜ collects, uses, and protects information when you use the application. The application is designed with privacy in mind. Wherever possible, data is stored locally on the user’s device. --- ## 2. Data We Collect We may collect or process the following types of data: ### 2.1 Google Account Information - Name - Email address - Profile information provided by Google Sign-In This data is used solely for authentication and account identification. ### 2.2 Google Calendar Data - Calendar event metadata (such as event title, time, and participants) This data is accessed via the Google Calendar API to provide calendar-related functionality within the application. ### 2.3 User-Created Content - Notes - Handwritten input - Application-generated summaries (if applicable) All user-created notes and handwritten content are stored locally on the user’s device and are not transmitted to or stored on our servers. ### 2.4 Analytics Data We use Amplitude to collect limited usage analytics such as: - App interactions - Feature usage - Performance and diagnostic information This data is used to improve app performance and user experience. --- ## 3. How We Use Data We use collected data to: - Provide core application functionality - Enable authentication and calendar integration - Improve app performance and stability - Understand feature usage and user experience --- ## 4. Data Storage - Notes and handwritten content are stored locally on the user’s device. - We do not operate a backend system that stores user notes or personal content. - Some metadata (e.g. analytics events) may be processed by third-party services. --- ## 5. Third-Party Services We use the following third-party services: - Google (Google Sign-In, Google Calendar API) - Amplitude (analytics and usage tracking) These providers may process data in accordance with their own privacy policies. --- ## 6. Legal Basis (GDPR) We process personal data based on: - Contractual necessity (to provide app functionality) - Legitimate interests (to improve and maintain the application) - User consent (where required by law) --- ## 7. Data Sharing We do not sell personal data. We may share limited data with: - Google (for authentication and calendar functionality) - Amplitude (for analytics) Only the minimum necessary data is shared for these purposes. --- ## 8. International Data Transfers Some third-party service providers may process data outside the European Economic Area (EEA). Where applicable, appropriate safeguards are used to protect personal data. --- ## 9. Data Retention - Account-related data is retained while the user actively uses the application. - Analytics data is retained according to third-party provider policies. - Local data remains on the user’s device until deleted by the user. --- ## 10. User Rights (GDPR) You have the right to: - Access your personal data - Request correction of inaccurate data - Request deletion of your data - Restrict or object to processing - Data portability (where applicable) - Withdraw consent at any time - Lodge a complaint with a supervisory authority To exercise these rights, contact: info@romidev.ee --- ## 11. Security We use reasonable technical and organizational measures to protect data. However, no system is completely secure, and absolute security cannot be guaranteed. --- ## 12. Children’s Privacy The application is not intended for children under the age of 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect data from children. --- ## 13. Changes to This Policy We may update this Privacy Policy from time to time. Updated versions will be published within the application or on the official website, along with a revised effective date. --- ## 14. Contact RomiDev OÜ Email: info@romidev.ee