Privacy Policy
Privacy Policy for Calarm
Last Updated: February 28, 2026
App Details
- Developer: Rivelo Labs
- App Name: Calarm - Smart Wake-Up
- Bundle ID: com.eventalarm.app
- Contact Email: rivelolabs@gmail.com
1. Introduction
Calarm ("we", "our", or "the App") respects your privacy. This Privacy Policy explains what information we collect, how we use it, how we share it, and your choices regarding your data when you use the Calarm iOS application.
By using Calarm, you agree to the collection and use of information as described in this policy.
2. Information We Collect
2.1 Information You Provide
| Data Type | Purpose | Required |
|---|---|---|
| Google Account Email | Account creation and identification | Yes |
| Google Display Name | Personalization within the app | Yes |
| Google Calendar Data (read-only) | Reading your calendar events to create alarms automatically | Yes |
2.2 Information Collected Automatically
| Data Type | Purpose | Required |
|---|---|---|
| Firebase Authentication Token | Secure API authentication | Yes |
| Apple Push Notification (APNs) Token | Delivering alarm notifications to your device | Yes |
| Device Name | Identifying your device for push notification delivery | Yes |
| Subscription Status | Managing your free or premium plan | Yes |
2.3 Information We Do NOT Collect
- We do not collect your precise location
- We do not collect your contacts or address book
- We do not collect health or fitness data
- We do not collect photos, videos, or media files
- We do not collect browsing history
- We do not collect financial or payment information (all payments processed by Apple)
- We do not collect advertising identifiers (IDFA)
- We do not run any analytics or tracking SDKs
- We do not collect your Google account password
3. How We Use Your Information
We use the information we collect for the following purposes:
- Account Authentication: To securely sign you in via Google Sign-In and Firebase Authentication.
- Calendar Sync: To read your Google Calendar events (read-only) and automatically create alarms based on event colors you configure.
- Alarm Delivery: To schedule system-level alarms (via AlarmKit on iOS 26+) and send push notifications so you never miss an event.
- Subscription Management: To verify your subscription tier (Free, Trial, or Premium) and provide the appropriate features.
- App Functionality: To save your alarm preferences (alarm color rules, timing settings, sound preferences).
4. Third-Party Services
4.1 Firebase Authentication (by Google)
- Purpose: Secure user authentication
- Data Shared: Email address, authentication tokens
- Privacy Policy: https://firebase.google.com/support/privacy
4.2 Google Sign-In (by Google)
- Purpose: User login and Google Calendar authorization
- Data Shared: Google account email, display name, calendar read-only access token
- Privacy Policy: https://policies.google.com/privacy
4.3 Google Calendar API
- Purpose: Reading calendar events to create automatic alarms
- Access Level: Read-only (`calendar.readonly` scope)
- Data Accessed: Event titles, start/end times, locations, descriptions, calendar names, event colors, and event links
- We do NOT modify, create, or delete your calendar events
4.4 Apple StoreKit
- Purpose: In-app subscription purchases
- Data Shared: Transaction data processed entirely by Apple
- Privacy Policy: https://www.apple.com/legal/privacy
4.5 Apple Push Notification Service (APNs)
- Purpose: Delivering alarm notifications
- Data Shared: Device push token, notification content (event title, time)
5. Data Storage and Security
5.1 Local Storage
- Keychain: Your authentication token is stored securely in the iOS Keychain with `afterFirstUnlock` protection, encrypted by the device hardware.
- AlarmKit: Alarm data is stored locally on your device by the iOS system for scheduled alarms.
- No other data is stored locally on your device.
5.2 Server Storage
- Your account data, alarm records, and preferences are stored on our secure backend server hosted on Railway (https://railway.app).
- All communication between the app and our server uses HTTPS encryption.
- Authentication is enforced via Firebase ID tokens on every API request.
5.3 Google Calendar Tokens
- Your Google Calendar authorization code is exchanged server-side for an access token.
- Calendar access tokens are stored securely on our backend server.
- These tokens provide read-only access to your calendar.
6. Data Sharing
We do not sell, rent, or trade your personal information to third parties.
We share data only with:
- Google (Firebase and Google Sign-In): For authentication purposes only.
- Apple: For push notification delivery and subscription transaction processing.
- Our Backend Server: To sync your alarms, preferences, and subscription status.
We may disclose your information if required by law or to protect our legal rights.
7. Data Retention
- Your data is retained as long as your account is active.
- When you delete your account (via Settings > Delete Account), we permanently delete:
- Your user profile and email
- All alarm records
- All calendar connection tokens
- All color rule preferences
- Your Firebase authentication account
- Push notification tokens are removed when you sign out or delete your account.
8. Your Rights and Choices
8.1 Access and Deletion
- You can view your account information in the Settings tab.
- You can delete your account and all associated data at any time from Settings > Delete Account.
8.2 Google Calendar Access
- You can disconnect Google Calendar access by revoking Calarm's permissions in your Google Account settings at https://myaccount.google.com/permissions.
8.3 Push Notifications
- You can disable push notifications at any time via iOS Settings > Calarm > Notifications.
8.4 Subscription
- You can manage or cancel your subscription at any time via iOS Settings > Apple ID > Subscriptions.
9. Children's Privacy
Calarm is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal data, we will delete it promptly.
10. Permissions Used
| Permission | Reason |
|---|---|
| Notifications | To deliver alarm alerts when your calendar events are approaching |
| AlarmKit (iOS 26+) | To schedule system-level alarms that ring even when the app is closed |
| Internet Access | To sync alarms with our server and authenticate with Google |
| Google Calendar (read-only) | To read your events and automatically create alarms based on color rules |
11. Apple App Tracking Transparency
Calarm does not track you across other companies' apps or websites. We do not use the App Tracking Transparency framework because we do not perform any tracking. We do not collect the Identifier for Advertisers (IDFA).
12. California Privacy Rights (CCPA)
If you are a California resident, you have the right to:
- Know what personal data we collect about you
- Request deletion of your personal data
- Not be discriminated against for exercising your privacy rights
To exercise these rights, delete your account within the app or contact us at rivelolabs@gmail.com.
13. European Privacy Rights (GDPR)
If you are in the European Economic Area, you have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion of your data
- Object to processing of your data
- Data portability
Our legal basis for processing your data is your consent (by signing in and using the app) and legitimate interest (providing the alarm service). To exercise these rights, contact us at rivelolabs@gmail.com.
14. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last Updated" date at the top of this page. Continued use of the App after changes constitutes acceptance of the updated policy.
15. Contact Us
If you have any questions about this Privacy Policy, please contact us:
- Email: rivelolabs@gmail.com
- Website: https://rivelolabs.com/privacy/calarm
Apple App Store Privacy Nutrition Label
Below is the data declaration for the App Store privacy label:
Data Used to Track You
- None - We do not track you across apps or websites.
Data Linked to You
| Data Type | Purpose |
|---|---|
| Email Address | App Functionality, Account Authentication |
| Name | App Functionality, Personalization |
| User ID (Firebase UID) | App Functionality, Account Authentication |
Data Not Linked to You
| Data Type | Purpose |
|---|---|
| Purchase History | App Functionality (subscription status) |
| Device ID (APNs Token) | App Functionality (push notifications) |
Data Not Collected
Location, Contacts, Photos, Health, Fitness, Financial Info, Sensitive Info, Browsing History, Search History, Diagnostics, Advertising Data, Usage Data.