Privacy Policy

Effective Date: February 13, 2026Version: 1.1

This Privacy Policy ("Policy") describes how P/E Valerii Alekseev ("we", "us", or "our") collects, uses, and protects your personal information when you use our mobile application Calma (the "App").

This Policy complies with the General Data Protection Regulation (GDPR) (EU), the California Consumer Privacy Act (CCPA) (US), and other applicable data protection laws.

Data Controller:
Developer Account: P/E Valerii Alekseev
Email: info@valery.design
Support Website: https://getcalma.app

Company Requisites:
Individual
P/E Valerii Alekseev Tax ID: 305320480
Support Website: https://getcalma.app

This Policy is a publicly available document and is accessible within the App and on our support website. We may update this Policy from time to time.

1. Definitions

  • Personal Data — any information relating to an identified or identifiable natural person (data subject).
  • Processing — any operation performed on personal data, including collection, recording, organization, storage, adaptation, retrieval, use, disclosure, erasure, or destruction.
  • Data Controller — P/E Valerii Alekseev, the entity that determines the purposes and means of processing personal data.
  • User — any natural person who uses the App.
  • App — the mobile application Calma, available on App Store.

Service-Specific Terms:

  • Voice Recording: an audio file captured by the user through the Calma app for the purpose of task creation, which is then processed using AI-powered transcription and extraction features.
  • AI-Powered Transcription: the process by which the app converts voice recordings into written text using artificial intelligence algorithms.
  • Task Extraction: the process of identifying and categorizing tasks from voice recordings or written entries using AI algorithms.
  • Habit Tracking: the feature within the Calma app that allows users to monitor and record their daily habits, with limitations for free users and unlimited access for paid subscribers.
  • Grace Period: a time-limited period offered to new users during which they can access select premium features of the Calma app without charge.
  • SwiftData Framework: the technology used by the Calma app to store user data locally on the device.
  • Premium Features: additional functionalities of the Calma app available to paid subscribers, including AI-powered voice features, calendar integration, home screen widgets, and unlimited habit tracking.

2. Principles of Data Processing

We process personal data in accordance with the following principles:

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

3. Information We Collect

We collect the following categories of personal data:

Information You Provide:

  • No registration is required to use the App

Automatically Collected Information:

  • IP address
  • Device information (model, OS version)
  • Crash data — Yes
  • Device ID — Yes
  • Advertising ID — Yes

Purchase Information (if applicable):

  • Purchase history — Yes

Data Collected Through Device Permissions:

  • Microphone — Yes (to record voice for speech recognition )
  • Tracking (IDFA) — Yes (for personalized advertising)

We do not process special categories of personal data (race, ethnicity, political opinions, religious beliefs, health data, biometric data for identification purposes) without your explicit consent or as required by law.

Our Service is not intended for children under 13 (or 16 in the EU), and we do not knowingly collect their data. If we learn that we have collected personal information from a child without parental consent, we will take steps to delete that information.

4. How We Use Your Information

We use your personal data for the following purposes:

  • To provide and maintain the App
  • To process payments and manage subscriptions (if applicable)
  • To send service notifications and updates
  • To analyze App usage in anonymized form to improve functionality
  • To comply with legal obligations
  • To respond to your inquiries

5. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

  • Your consent (when you register or use features)
  • Performance of a contract (providing access to the App)
  • Legitimate interests (improving the App, analytics)
  • Legal obligations

You may withdraw your consent at any time by contacting us at info@valery.design.

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your data only:

  • With payment processors (Apple Subscriptions) to process transactions
  • With AI service providers (OpenRouter, AI model providers) to process transcriptions for task extraction and journal processing, only with your explicit consent
  • When required by law or to protect our rights
  • In anonymized form for statistical purposes

With Your Consent:

When you grant tracking permission, we may also share certain data with:

  • Apple — to assist with refund decisions and improve App Store services. This may include anonymized usage data and subscription history.
  • Advertising networks — to measure advertising effectiveness and improve marketing campaigns. This may include device identifiers and aggregated usage data.

This data is not linked to your personal identity. We use anonymized or pseudonymized identifiers that cannot be used to directly identify you as an individual. You can withdraw your consent at any time by disabling tracking in your device settings (Settings → Privacy & Security → Tracking).

6a. Third-Party AI Services

To provide AI-powered features (task extraction, journal processing), we send your transcribed text to third-party AI services.

Data We Send:

  • Transcribed text from voice recordings
  • Date/time context for task scheduling
  • System prompts (not user data)

Data We Do NOT Send:

  • Audio recordings (processed on-device)
  • Your name, email, or account identifiers
  • Location data
  • Device identifiers

Service Providers:

  • OpenRouter, Inc. (https://openrouter.ai) — API gateway that routes requests
  • AI Model Providers — Currently Google Gemini; may change. Current provider listed in our Privacy Policy updates.

Purpose: Analyze transcribed text to identify actionable tasks and process journal entries.

Data Retention: We do not store your transcriptions on our servers. Third-party providers retain data per their respective privacy policies. OpenRouter: https://openrouter.ai/privacy. Google: https://ai.google.dev/terms.

User Consent:

  • You will be asked for explicit permission before any transcribed text is sent to AI services
  • You may withdraw consent at any time in Settings → Integrations → AI Processing
  • Withdrawing consent disables AI features; manual task entry remains available

Data Protection: Our service providers are required to protect your data in accordance with applicable laws. We review provider policies to ensure adequate protection.

7. Data Retention

We retain your account data for as long as you use the App. After you delete your account, your data will be permanently deleted within 30 days. Data related to contractual and accounting obligations (such as payment information) is retained for the period required by applicable law, which may be up to 5 years.

8. Your Rights (GDPR/CCPA)

You have the following rights:

  • Right to access — request a copy of your personal data
  • Right to rectification — correct inaccurate data
  • Right to erasure — request deletion of your data
  • Right to restrict processing — limit how we use your data
  • Right to data portability — receive your data in a structured format
  • Right to object — object to processing based on legitimate interests
  • Right to withdraw consent — withdraw consent at any time

California Residents (CCPA): You have the right to know what personal information we collect, delete your personal information, and opt-out of the sale of personal information (we do not sell personal information).

To exercise your rights, contact us at info@valery.design. We will respond within one month.

You may delete your account and associated personal data directly in the App settings or by contacting us at info@valery.design.

9. Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption (HTTPS/TLS), access controls, and regular security audits.

10. International Data Transfers

Our primary servers are located in Spain. However, to provide our Services, we may use third-party service providers (e.g., for analytics, cloud hosting) that are located in other countries. When we transfer your data out of the European Economic Area (EEA), we ensure a similar degree of protection is afforded to it by using specific contracts approved by the European Commission, known as Standard Contractual Clauses (SCCs).

11. Changes to This Policy

We may update this Policy from time to time. We will notify you of any material changes by posting the new Policy in the App and on our website, and, where feasible, by sending you an email notification. The updated version will be posted in the App and on our support website.

12. Contact Us

For questions about this Policy or to exercise your rights, contact us:
Email: info@valery.design
P/E Valerii Alekseev Tax ID: 305320480