We at Calenvar and Bocaracode S.R.L are committed to handling your information honestly and respectfully. We will never sell, rent, or trade your personal information or the content of your Entries, Variables, or Workspaces to third parties.
You should know up front that:
Calenvar is in Beta. Features can change, data loss can happen, and we cannot guarantee the Service against accidental loss, corruption, unauthorized disclosure, or attacks. You agree we shall have no liability for damages arising from these circumstances.
Your textual content is encrypted both in transit and at rest within our systems, and we treat what you write as private: our team does not read, browse, or share the contents of your Entries.
Several features (audio transcription, semantic search, chat) require sending your content to an AI subprocessor in real time. See sections 4 and 5.
2. Information We Collect
To provide, maintain, and improve the Service, we collect:
Account information you provide: email, username, password hash, language, time zone, country, and week-start preference;
Usage telemetry: which features you use, how often, the number of Entries, Variables, Workspaces, and Conversations you create, the character or word count of each, your subscription plan and quota usage — but not the textual content itself;
Technical metadata: browser, operating system, device family, IP address (used for rate limiting and abuse detection — not stored as a profile attribute), and session identifiers;
Error and performance telemetry: HTTP path, route name, status code, and a stack trace when an unhandled exception occurs. Our backend explicitly scrubs user-authored content from these payloads;
Forum content you choose to publish: thread titles, thread bodies, posts, and quotes;
Messages you send through our contact form or official support channels;
If you delete your account: an optional free-text reason you provide.
3. How We Use Your Data
We use the collected data only to:
Operate the Service and authenticate you;
Provide AI features you actively trigger (transcription, semantic search, chat, content extraction);
Analyze and monitor aggregate usage patterns;
Diagnose technical issues and improve performance;
Communicate service-related notifications;
Prevent abuse and enforce our Terms.
4. Subprocessors and Third-Party Services
To run Calenvar we rely on the following third-party services. They process the data described below on our behalf and are bound by their own privacy commitments:
Cloudflare, Inc. — AI inference through Cloudflare AI Gateway and Workers AI. Receives the inputs you submit to AI features: audio files for transcription, entry text for embeddings and summarization, and chat messages with their context. Per Cloudflare's terms for Workers AI, these inputs are not used to train Cloudflare's models.
Cloudflare Turnstile — bot and abuse protection on sign-up, login, and password recovery forms. Loads a script in your browser.
PostHog (United States) — product analytics and error tracking. Receives only identifiers, counts, enumerated event names, country, language, plan ID, model name, and similar non-content properties. Our backend has an enforced denylist that prevents user-authored fields (entry content, chat messages, transcriptions, search queries, forum bodies, titles, etc.) from ever being sent.
Resend — delivery of transactional emails (password recovery, contact form forwarding).
Google — optional OAuth sign-in. If you choose this option, we receive your Google account email and display name to create or match your Calenvar account.
5. AI Processing of Your Content
Several Calenvar features only work by sending your content to our AI subprocessor (Cloudflare Workers AI). Specifically:
Audio transcription — audio you record is sent for speech-to-text processing;
Semantic search and indexing — the text of each Entry is sent so a numerical embedding can be computed and stored. Embeddings are mathematical representations; they cannot reconstruct the original text exactly but they do preserve semantic meaning;
Entry summarization — long Entries (roughly 500 words or more) are summarized so search remains usable;
Chat and question-answering — your messages and the Entries selected as context are sent to the model;
Variable extraction and text cleanup — when you invoke these tools.
Calenvar does not train its own models on your data, and our subprocessor agreements do not authorize training on your inputs. If you do not want a piece of content processed by AI, do not invoke these features on it.
6. Encryption and Security
We implement the following safeguards:
Encryption at rest for the textual content of your Entries, summaries, and descriptions;
Encryption in transit (TLS) for all traffic between your browser, our backend, and our subprocessors;
Industry-standard password hashing — we never store plain-text passwords;
Per-user isolation at the database query level — your data is always scoped to your user ID;
Rate limiting and Turnstile challenges on sensitive endpoints.
Beyond these technical measures, we operate Calenvar as a private space for you: our team does not read, browse, or share the contents of your Entries, and access to production systems is restricted to the people who need it to keep the Service running and respond to support requests. No security system is impenetrable, and during Beta we cannot guarantee absolute protection, but we will continue to strengthen these safeguards as the Service matures.
7. Data You Make Public
The following information is publicly visible to other authenticated users when you choose to engage with collaborative features:
Your username;
Any forum thread you create: its title and body;
Any forum post or quote you publish: its body and the post you quoted.
Treat forum content as public and permanent. See section 11 for what happens to forum content if you delete your account.
8. Cookies and Local Storage
We use a small number of cookies and browser storage items, all strictly necessary to operate the Service:
A primary session cookie (HTTP-only, encrypted) that keeps you logged in;
A session middleware cookie used by our OAuth flow;
Cookies set by Cloudflare Turnstile on pages where the challenge is displayed;
Browser local storage used by the application to remember UI preferences.
We do not use third-party advertising or cross-site tracking cookies.
9. Email Communications
We will use the email address you provide to send you transactional and service-related messages only — for example, password recovery, important security notices, and replies from our support team. We will never share or sell your email address to external companies. If we ever add a marketing or product-update mailing list, it will be opt-in, with clear unsubscribe controls.
10. Your Rights and Choices
You can, at any time, from within the Service:
Access and review your account profile, subscription and quota usage, and active sessions through the in-app account settings;
Edit or delete individual Entries, Variables, Workspaces, and Conversations from within the Service;
Correct your profile information (username) from the settings page;
Revoke device sessions from the settings page;
Export a portable copy of your Entries, Variables, Workspaces, and Conversations from the settings page;
Delete your forum threads and posts individually from the forum interface;
Delete your account from the settings page — see section 11 for what this actually does.
Important: all of these actions — including non-destructive ones like exporting your data — must be performed by you, signed in, from inside the Service. We do this to protect you: a request received by email or any other out-of-band channel gives us no reliable way to verify that the person asking is actually you, and acting on it could expose or destroy the wrong person's data. Please use the in-app controls.
Please only about these rights if the Service is down or the in-app controls are not working; in that case we may require additional verification before acting.
11. Data Retention and Deletion
Account deletion can only be initiated by you, while signed in, from the "Settings" page within the Service. We do not honor account-deletion requests received by email or any other out-of-band channel, because we cannot reliably verify the requester's identity that way and we will not risk destroying the wrong person's data. The only exception is if the Service or the in-app deletion control is broken; in that case, contact us and we will guide you through additional verification.
When you delete your account from the settings page, the following happens, in this order:
Immediately: your email and username are replaced with anonymous placeholders, your password is removed, every active session is revoked, and you are logged out;
Within 30 days: your Entries, Variables, Workspaces, Variable Categories, Variable Observations, Conversations, Conversation Messages, configuration, and quota records are purged from our active systems;
Forum content: your threads and posts remain visible because other users may have replied to them, but they are reattributed to an anonymous author. Once your account is deleted there is no way to map an anonymized post back to you, so we cannot remove specific posts on your behalf afterwards. If you want any of your forum content gone, delete it yourself from the forum before deleting your account — the forum exposes a delete button on each of your threads and posts for exactly this purpose;
Deletion feedback: if you provided a free-text reason when deleting your account, we keep the reason text to improve the Service. We do not link this text back to your former email or username after the anonymization step described above;
Backups: encrypted backups rotate on a maximum 30-day cycle; deleted data disappears from backups as they rotate out;
Analytics (PostHog): our analytics do not store your email, username, or any other field that can identify you in the real world — only enumerated event names, counts, and similar non-content properties keyed by an opaque user ID. When you delete your account, any analytics records that are tied to your user ID and could still be considered personal are purged along with your account, so there is nothing left for you to ask us to delete separately. Aggregated, non-identifying telemetry may be retained indefinitely.
We may also, at our sole discretion, delete accounts that have shown no activity for more than one (1) year, following the same anonymization and purge process described above.
12. International Data Transfers
Calenvar is operated from Costa Rica, and our subprocessors are located in the United States and the European Union. By using the Service, you acknowledge that your data may be transferred to and processed in countries other than your own, under the safeguards described in this Policy.
13. Children's Privacy
The Service is not directed to children under 13, and we do not knowingly collect personal information from anyone under that age. Some jurisdictions require a higher minimum age (16 in parts of the European Union); if local law requires a higher age, you must meet that age to use the Service. If you become aware that a minor has provided us with personal information without appropriate consent, please contact us so we can remove it.
14. Prohibited Uses of Content
Under no circumstances will we use the textual content of your Entries, Variables, or Workspaces to:
Train machine-learning or language models, whether our own or a third party's;
Sell, rent, or share with external companies for their own purposes;
Identify you publicly or compromise your personal or professional reputation;
Any other purpose not explicitly authorized in this Policy.
15. Legal Disclosure Exception
We will only disclose your information if required to do so by a valid court order or as otherwise required by applicable law. Where legally permitted, we will notify you before complying.
16. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and post the new version here. For changes that materially reduce your rights or expand our use of your data, we will make a reasonable effort to notify you by email or via an in-app notice at least 30 days before the change takes effect.
17. Contact Us
If you have any questions or concerns about this Privacy Policy, please . Remember that destructive actions on your account or content must be performed by you, signed in, from inside the Service (see sections 10 and 11).