Privacy Policy

Last updated: March 13, 2026

1. Data Controller

CalEntry is operated as an independent app. For privacy inquiries, contact us at calentrysupport@gmail.com.

2. Data We Collect

• Device identifier (randomly generated, not linked to your real identity)
• Photos you submit for analysis — processed in real time and never stored on our servers
• Calendar event data you choose to save — stored locally on your device only
• Authentication data if you sign in with Apple (name, email)
• App usage metadata (plan type, scan count) stored in our database (Supabase)

3. Legal Basis for Processing (GDPR Art. 6)

• Contract performance: processing is necessary to provide the service you requested
• Legitimate interest: anonymous usage metrics to improve the app
• Consent: when you grant calendar or notification permissions

4. How We Use Your Data

Photos are sent to Anthropic's Claude API solely to extract event information, then immediately discarded — we never store, index, or share your photos. Event data is saved only on your device via iOS Calendar. Account data (name, email, scan balance) is stored in our Supabase database to enable cross-device access.

5. Third-Party Processors

• Anthropic (Claude API) — AI event extraction. Data: photo content. Retention: none after response.
• Supabase — backend database. Data: device ID, scan count, plan type, auth identity. Location: EU (Frankfurt).
• Firebase Crashlytics (Google) — crash reporting. Data: device model, OS version, app version, crash stack traces. No personally identifiable information is collected. Data location: United States.
• Apple / Google — authentication only, subject to their own privacy policies.

6. Data Retention

• Photos: deleted immediately after AI processing (never persisted)
• Account data: retained while your account is active; deleted upon account deletion request
• Local calendar events: controlled entirely by you via the iOS Calendar app

7. International Transfers

Anthropic's servers are located in the United States. Transfers are covered by Standard Contractual Clauses (SCCs) as required by GDPR Chapter V.

8. Your Rights (GDPR Art. 15–22)

You have the right to: access your data · correct inaccurate data · request erasure ('right to be forgotten') · restrict processing · data portability · object to processing · withdraw consent at any time.

To exercise any right, contact calentrysupport@gmail.com. We will respond within 30 days.

9. Children

CalEntry is not directed at children under 16. We do not knowingly collect data from minors.

10. Changes

We will notify you of material changes via an in-app notice. Continued use after the effective date constitutes acceptance.