← Back to home

Privacy Policy

Last updated: May 24, 2026

Short version: everything you write in calmflect stays on your device. The app has no servers, collects no analytics, and never sees your entries. This website collects no personal data at all.

1. Who we are

calmflect is provided by the developers of calmflect, the data controllers for the limited processing described here. Contact: hello@calmflect.com.

2. What is stored, and where

Your entries (answers, notes, dates), any in-progress draft, and your settings (reminder time, app-lock preference, language) are stored only in calmflect's private storage on your device. This data never leaves your device and is never sent to us or anyone else.

3. This website

This website is purely informational. It has no sign-up, no contact form, and no analytics, and it collects no personal data from you. It sets no cookies and loads no third-party scripts; fonts are served from this site rather than from a third party. The Android version is still in development; when it's ready it will be announced here and on Google Play.

4. Sign in with Apple

Signing in with Apple is optional and can be skipped. If you use it, we store only a one-way (SHA-256) hash of your Apple user identifier on your device, so the app can recognise the device. We do not store or transmit your name, email, or your actual Apple ID. The sign-in itself is handled by Apple and is subject to Apple's own privacy policy.

5. What we do NOT do

We do not collect analytics, we do not run ads, we do not track you, we use no third-party SDKs, and the app operates no servers or cloud sync. We do not access your health data, location, contacts, camera, microphone, or photos.

6. Face ID / Touch ID and passcode

The optional app lock uses iOS's built-in authentication. Your biometric data is handled entirely by iOS — calmflect never has access to it.

7. Notifications

If you enable reminders, they are scheduled as local notifications by iOS on your device. No push servers or notification tokens are involved.

8. Legal basis and transfers

Because your app data stays on your device and we receive no copy, there is no transfer of that personal data to us, to any processor, or to any country outside the EU. To the extent any processing occurs, it happens locally under your control. Where any limited processing does rely on a legal basis — for example the optional Sign in with Apple — it rests on your consent, which you give by choosing that option and can withdraw by signing out or resetting.

9. Keeping and deleting your data

Your app data remains on your device until you delete it. You can erase everything at any time using Reset in Settings, or by deleting the app.

10. Your rights

Under the GDPR you have rights to access, rectify, erase, restrict, port, and object to the processing of your personal data. Because your app data lives solely on your device and we hold no copy, you already hold and control that data yourself: you can read and edit your entries in the app, and erase all of it at any time using Reset in Settings or by deleting the app. If you have any questions, contact us at hello@calmflect.com. You also have the right to lodge a complaint with your local EU data protection supervisory authority.

11. Children

calmflect is not directed at children under 16 and does not knowingly process their data.

12. Changes

We may update this policy. We'll note material changes inside the app and update the date above.

13. Contact

Questions about your privacy? Email hello@calmflect.com.