Summary (TL;DR)
What We Collect:
- ✅ Tasks, notes, and app data (stored locally on your device)
- ✅ Optional: Voice input (converted to text immediately, audio not stored)
- ✅ Optional: Calendar data (if you enable calendar sync)
- ✅ Optional: Cloud data (only if you enable Firebase sync)
What We DON'T Collect:
- ❌ Personal information (name, email, phone)
- ❌ Contacts, photos, or media files
- ❌ Browsing history or data from other apps
Your Control:
- ✅ Grant or deny any permission
- ✅ Enable or disable cloud sync
- ✅ Delete your data anytime
- ✅ Export your data anytime
Privacy First: Your data stays on your device. Cloud sync is opt-in only.
1. Introduction
Kairo ("we", "our", "us", or "the App") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application Kairo (the "App").
2. Information We Collect
2.1 Data Stored Locally on Your Device
Kairo stores the following informationlocally on your device only using local database (Hive):
Task Management Data:
- Task titles, descriptions, and notes
- Due dates, reminder times, and start dates
- Priority levels, categories, tags, and folders
- Task status (todo, in progress, completed, cancelled)
- Subtasks and task relationships
- Task templates and favorites
- Estimated and actual task durations
Calendar Integration Data:
- Calendar events synced with your device calendar (if permission granted)
- Event titles, times, and descriptions
- Calendar sync preferences
Voice Input Data (Optional, with your explicit permission):
- Audio recordings are converted to textimmediately using device speech-to-text services
- No audio files are stored - only the resulting text is saved
- Voice processing happens on your device (iOS) or via Google Speech-to-Text (Android)
- Subject to Apple/Google privacy policies for speech recognition
Focus Timer Data:
- Timer sessions and durations
- Focus session history
- Productivity statistics and analytics
- Session completion status
Analytics Data (Local Only):
- Task completion patterns
- Productivity insights
- Time tracking data
- All analytics are calculated locally on your device
- No analytics data is sent to external servers
App Preferences:
- Theme settings (light, dark, AMOLED)
- Notification preferences
- Sound and vibration settings
- Language preferences
- Other customization options
Notes Data:
- Note content and versions
- Note metadata (created date, modified date)
- Note organization (folders, tags)
Weekly Routines:
- Routine schedules and items
- Completion tracking
- Reminder settings
2.2 Optional Cloud Sync Data (Firebase - Only if you enable sync)
If you choose to enable cloud sync and sign in with Firebase:
- Tasks and task details
- Categories and tags
- Notes and note versions
- Weekly routines
- App settings and preferences
- Focus session data
- Analytics data (if sync enabled)
- Cloud sync is opt-in only - disabled by default
- You can disable cloud sync at any time
- Data is encrypted in transit (HTTPS) and at rest
- Data is associated with your Firebase account
- You can delete all cloud data at any time
2.3 Firebase Services Data
Firebase Authentication:
- Email address (if you sign in with email)
- Google account information (if you sign in with Google)
- Apple account information (if you sign in with Apple)
- Authentication tokens (stored securely)
Provider: Google Firebase |Privacy Policy: https://firebase.google.com/support/privacy
Firebase Cloud Messaging (FCM):
- Device push notification tokens
- Used to send push notifications (task reminders, daily planning, etc.)
- Token is associated with your Firebase account (if signed in)
Provider: Google Firebase |Privacy Policy: https://firebase.google.com/support/privacy
Firebase Analytics (Optional):
- App usage events (if analytics enabled)
- Feature usage statistics
- Crash reports and error logs
- Device information (OS version, app version)
- Anonymized usage data
Provider: Google Firebase |Privacy Policy: https://firebase.google.com/support/privacy
Note: Firebase Analytics can be disabled in app settings
2.4 Data We Do NOT Collect
We do NOT collect, store, or have access to:
- ❌ Your personal information (name, phone number, address) - unless you provide it in tasks
- ❌ Your contacts or contact information
- ❌ Your photos, videos, or media files
- ❌ Your browsing history or web activity
- ❌ Data from other apps on your device
- ❌ Device identifiers for advertising or tracking
- ❌ Biometric data
- ❌ Payment information
- ❌ Any data without your explicit consent
3. How We Use Your Information
3.1 Local Data Processing
All data processing happens locally on your device:
- Task Management: To display, organize, and manage your tasks
- Reminders: To send you timely notifications for tasks and deadlines
- Calendar Sync: To integrate tasks with your device calendar (optional)
- Voice Input: To convert speech to text for task creation (optional)
- Analytics: To show you productivity insights and statistics (calculated locally)
- Focus Timer: To track focus sessions and provide productivity metrics
- Notes: To store and organize your notes
- Routines: To manage weekly routines and reminders
3.2 Cloud Sync (If Enabled)
If you enable cloud sync:
- Data Synchronization: To sync your data across multiple devices
- Backup: To provide cloud backup of your data
- Multi-Device Access: To access your data from any device
- Collaboration: To enable sharing and collaboration features (if available)
3.3 Firebase Services
- Authentication: To verify your identity and manage your account
- Cloud Messaging: To send push notifications
- Analytics: To improve app functionality (if enabled)
- Crash Reporting: To identify and fix bugs (if enabled)
4. Permissions Explained
Kairo requests the following permissions.All permissions are optional - you can use the app without granting any permissions.
4.1 Required Permissions
None - The app functions without any required permissions.
4.2 Optional Permissions
| Permission | Purpose | When Requested | Deny Impact |
|---|---|---|---|
| Notifications | Send task reminders, daily planning alerts, focus session notifications | On app startup (core feature) | No notifications will be sent |
| Calendar | Sync tasks with your device calendar | Only when you enable calendar sync | Calendar sync disabled |
| Microphone | Record audio for voice-to-text conversion | Only when you tap voice input button | Voice input disabled |
| Storage | Save tasks and app data locally | Automatically granted | App may not function properly |
| Exact Alarm (Android 12+) | Schedule precise reminder times | Automatically granted or requested when needed | Reminders may be less precise |
5. Third-Party Services
5.1 Google Firebase Services
Kairo uses Google Firebase services for optional cloud features:
| Service | Purpose | Data Collected | Privacy Policy |
|---|---|---|---|
| Firebase Authentication | User authentication (email, Google, Apple) | Email, authentication tokens | Firebase Privacy |
| Cloud Firestore | Cloud database for data sync (if enabled) | Tasks, notes, categories, routines (if sync enabled) | Firebase Privacy |
| Firebase Cloud Messaging | Push notifications | Device push notification tokens | Firebase Privacy |
| Firebase Analytics | App usage analytics (optional) | Anonymized usage events, crash reports | Firebase Privacy |
5.2 Device-Provided Services
Speech-to-Text Services:
- iOS Provider: Apple Inc. (Apple Speech Recognition)
- Android Provider: Google LLC (Google Speech-to-Text)
- Purpose: Convert voice to text
- Data Collected: Voice audio (temporary, not stored)
- Privacy Policies:
- iOS: Apple Privacy
- Android: Google Privacy
- Control: Deny microphone permission to disable
Device Calendar:
- Provider: Your device's calendar app
- Purpose: Sync tasks to calendar
- Data Collected: Task details synced to your calendar
- Privacy: Data stays on your device
- Control: Deny calendar permission to disable
6. Data Security
6.1 How We Protect Your Data
- ✅ Local Storage: All data is stored locally on your device using encrypted local database (Hive)
- ✅ No Unauthorized Access: We do not have access to your local data
- ✅ Cloud Encryption: If you enable cloud sync, data is encrypted in transit (HTTPS/TLS) and at rest
- ✅ Secure Authentication: Firebase Authentication uses industry-standard security
- ✅ No Data Sharing: We do not sell, rent, or share your data with third parties (except Firebase services as described)
- ✅ Offline-First: App works completely offline - no internet required for core features
6.2 Your Responsibilities
- Keep your device secure with a passcode/biometrics
- Keep your device's operating system updated
- Only install the app from official app stores (Google Play, Apple App Store)
- Use strong passwords if you enable cloud sync
- Backup your device regularly (we don't provide cloud backups unless you enable sync)
7. Data Retention and Deletion
7.1 Local Data
- Retention: Data is stored on your device indefinitely until you delete it
- Deletion:
- Individual items: Delete within the app
- All data: Uninstall the app or clear app data in device settings
- Backup: Use the export feature (CSV, JSON, PDF) to backup your data
7.2 Cloud Data (If Sync Enabled)
- Retention: Data is stored in Firebase until you delete it
- Deletion:
- Individual items: Delete within the app (syncs to cloud)
- All cloud data: Use "Delete All Cloud Data" option in settings
- Account deletion: Delete your Firebase account
- Backup: Cloud data serves as automatic backup
8. Your Rights and Choices
8.1 Access Rights
- View Data: All your data is viewable in the app
- Export Data: Use the export feature to download your data (CSV, JSON, PDF)
8.2 Modification Rights
- Edit Data: You can modify any data at any time within the app
- Update Preferences: Change settings and preferences anytime
8.3 Deletion Rights
- Delete Individual Items: Delete tasks, notes, or other items within the app
- Delete All Local Data: Uninstall the app or clear app data
- Delete Cloud Data: Use "Delete All Cloud Data" option in settings (if sync enabled)
- Delete Account: Delete your Firebase account (if signed in)
8.4 Permission Control
- Grant Permissions: Grant permissions when requested
- Revoke Permissions: Revoke permissions anytime in device settings
- Deny Permissions: You can deny any permission - app will work with reduced functionality
8.5 Opt-Out Rights
- Disable Cloud Sync: Turn off cloud sync in settings
- Disable Analytics: Turn off Firebase Analytics in settings
- Disable Notifications: Turn off notifications in app settings or device settings
8.6 GDPR Rights (European Union)
If you are in the European Union, you have the following rights:
- Right to Access: Request a copy of your data (use export feature)
- Right to Rectification: Correct inaccurate data (edit in app)
- Right to Erasure: Delete your data (delete items or uninstall app)
- Right to Restrict Processing: Disable cloud sync
- Right to Data Portability: Export your data (CSV, JSON, PDF)
- Right to Object: Opt-out of analytics or cloud sync
- Right to Withdraw Consent: Revoke permissions in device settings
8.7 CCPA Rights (California)
If you are a California resident, you have the following rights:
- Right to Know: This privacy policy discloses what data we collect
- Right to Delete: Delete your data (delete items or uninstall app)
- Right to Opt-Out: Opt-out of data sharing (disable cloud sync)
- Right to Non-Discrimination: We will not discriminate for exercising your rights
Note: Since we primarily store data locally and cloud sync is opt-in, most CCPA rights are already satisfied.
9. Children's Privacy
Kairo is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13.
Since most data is stored locally and cloud sync is opt-in, the app is generally safe for all ages. However, parental supervision is recommended for young children.
Age Restrictions:
- Google Play Store: Rated for ages 3+ (Everyone)
- Apple App Store: Rated 4+ (Ages 4 and up)
10. International Data Transfers
10.1 Local Data
- No Transfers: Local data never leaves your device
- No International Transfers: No data is transferred internationally
10.2 Cloud Data (If Sync Enabled)
- Firebase Services: Data may be stored in Firebase data centers worldwide
- Google's Data Processing: Subject to Google's data processing locations
- Safeguards: Data is encrypted in transit and at rest
- Your Control: You can disable cloud sync to prevent international transfers
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect:
- Changes in our data practices
- New features or services
- Legal or regulatory requirements
- User feedback
How We Notify You:
- Updated policy will be posted in the app (Settings → Privacy Policy)
- Updated policy will be posted on our website (if applicable)
- Updated policy will be linked in app store listings
- Version number and "Last Updated" date will be updated
Your Continued Use:
- Continued use of the app after changes constitutes acceptance of the new policy
- If you do not agree with changes, you can stop using the app and delete your data
12. Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or your data:
Email: support@kairohub.app
Website: https://kairohub.app
Response Time: We aim to respond within 48 hours.
13. Legal Basis for Processing (GDPR)
For users in the European Union, we process your data based on:
- Consent: You grant permission for optional features (voice, calendar, cloud sync)
- Legitimate Interest: Essential app functionality (local task storage, notifications)
- Contract: Providing the service you requested (task management app)
- Legal Obligation: Complying with legal requirements (if applicable)
Withdrawal of Consent:
You can withdraw consent at any time by:
- Revoking permissions in device settings
- Disabling cloud sync in app settings
- Uninstalling the app
14. California Privacy Rights (CCPA)
14.1 Data Collection Disclosure
- Categories Collected: Tasks, notes, voice input (optional), calendar data (optional)
- Sources: You (user input), device sensors (microphone)
- Purpose: App functionality, task management, reminders
- Sharing: Only with Firebase services (if cloud sync enabled)
14.2 Your Rights
- Right to Know: This policy discloses what we collect
- Right to Delete: Delete data in app or uninstall app
- Right to Opt-Out: Disable cloud sync and analytics
- Right to Non-Discrimination: We will not discriminate
14.3 Data Sales
- We Do NOT Sell Your Data: We do not sell personal information to third parties
- No Advertising: The app does not display advertisements
- No Data Brokers: We do not share data with data brokers
15. Data Protection Officer
We do not have a Data Protection Officer (DPO) as we are a small app developer and do not meet the GDPR requirement for mandatory DPO appointment.
For privacy inquiries, please contact us using the contact information in Section 12.
16. Breach Notification
In the unlikely event of a data breach affecting your personal information:
- We will notify you within 72 hours of becoming aware of the breach
- Notification method: Email (if provided) or in-app notification
- Information provided: Nature of breach, data affected, steps taken, recommendations
Note: Since most data is stored locally, the risk of data breach is minimal. Cloud data breaches would be handled by Firebase's security measures.
17. App Store Compliance
17.1 Google Play Store Requirements
- ✅ Privacy policy URL provided
- ✅ Data safety section completed
- ✅ Permissions explained
- ✅ Third-party services disclosed
- ✅ Data collection practices transparent
17.2 Apple App Store Requirements
- ✅ Privacy policy URL provided
- ✅ Privacy nutrition labels completed
- ✅ Permission usage descriptions provided
- ✅ Data collection practices transparent
- ✅ Third-party services disclosed
18. Summary
Privacy First Principles:
- ✅ Local-first architecture - Data stays on device
- ✅ Opt-in cloud sync - Disabled by default
- ✅ No tracking - No advertising, no analytics without consent
- ✅ Transparent - We tell you exactly what we collect and why
- ✅ You control everything - Grant/deny permissions, enable/disable features
We respect your privacy because we never see your data in the first place.
19. Acknowledgment and Consent
By downloading, installing, accessing, or using Kairo, you acknowledge that you have read this Privacy Policy in its entirety and understand its contents. You consent to the collection, use, and disclosure of your information as described in this Policy.
Your continued use of the App following any changes to this Privacy Policy constitutes your acceptance of such changes. If you do not agree with any part of this Policy or any subsequent modifications, you must discontinue use of the App and may delete your account and data as described in Section 7 (Data Retention and Deletion).
This Policy is effective as of the date stated above and will remain in effect except with respect to any changes in its provisions in the future, which will take effect immediately upon being posted in the App or on our website.
Version: 1.0
Effective Date: January 4, 2026
Last Updated: January 4, 2026
This Privacy Policy is effective as of January 4, 2026 and applies to Kairo on both Android and iOS platforms.