Privacy Policy

Effective date: February 19, 2026 · Last updated: February 19, 2026

TellDo ("we," "our," "us") is a voice-first planning application operated by an individual developer based in Montenegro. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our mobile applications (iOS, Android, macOS) and cloud services (collectively, the "Service").

By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use the Service.

1. Data We Collect

1.1 Account Data

Email address — for account creation, login, password recovery, and email reports.
Display name — optional, for personalization.
Password — stored as a bcrypt hash; we never store or see your plaintext password.
Locale and timezone — for language preferences, report scheduling, and date interpretation.

1.2 Audio Recordings

Voice notes you record within the app. Audio is uploaded to our servers for transcription and AI analysis.
Audio is converted to OGG/Opus format (compressed) and stored in encrypted object storage.
Audio is retained for in-app playback and can be deleted by you at any time.

1.3 Generated Content

Notes — transcripts, titles, summaries, tags, priorities, created by AI from your voice.
Tasks — action items with deadlines, tags, priorities, statuses.
Events — calendar events with times, locations, attendees, recurrence rules.
Reports — daily, weekly, monthly, and yearly AI-generated productivity summaries.
Tags — auto-detected and user-created labels for organizing content.

1.4 User Profile Data

If you enable profile features (on by default, opt-out available), we extract observations from your voice notes to build a personal profile:

Names, occupation, interests, people you mention, behavior patterns, communication style.
This data is used solely to personalize AI reports and note analysis for you.
You can view, edit, or delete your profile at any time via the app.

1.5 Device Data

Device identifier (UUID) — generated by the app for multi-device sync and per-device authentication.
Platform and app version — for compatibility and debugging.
Push notification token (if enabled) — for sending notifications.

1.6 Usage and Diagnostic Data

API usage logs — which features you use, request counts, token consumption (for quota management).
Error logs — technical errors for debugging (no personal content included).
We do not use third-party analytics SDKs, advertising trackers, or fingerprinting.

1.7 Integration Data

If you connect third-party integrations (e.g., Todoist), we store:

API tokens for the integration (encrypted at rest).
External task/event IDs for sync purposes.

2. How We Use Your Data

Purpose	Data used	Legal basis (GDPR)
Provide the Service (transcription, AI analysis, sync)	Audio, account, content	Contract performance (Art. 6(1)(b))
Generate productivity reports	Notes, tasks, events, profile	Contract performance
Send email reports	Email, notes, tasks	Consent (opt-out via settings)
Multi-device sync	All content, device ID	Contract performance
Third-party integrations (Todoist)	Tasks, integration tokens	Consent (user-initiated connection)
Personalize AI with user profile	Observations, profile	Consent (opt-out available)
Quota enforcement and billing	Usage counts	Contract performance
Security and fraud prevention	Login attempts, device data	Legitimate interest (Art. 6(1)(f))
Service improvement and debugging	Anonymized error logs	Legitimate interest

We do not:

Sell your personal data to third parties.
Use your data for advertising or marketing purposes.
Use your audio, transcripts, or content to train AI models.
Share your data with data brokers.

3. Third-Party Data Processors

We use the following third-party services to provide core functionality. Your data is processed under data processing agreements with each provider:

Service	Purpose	Data shared	Location
Soniox	Speech-to-text transcription	Audio recordings	United States
OpenAI	AI analysis, note structuring, embeddings, profile synthesis	Transcripts, task context	United States
Anthropic	AI report generation (Pro/Ultra plans)	Report context (notes, tasks summaries)	United States
Resend	Transactional email delivery	Email address, report content	United States
Todoist (if connected)	Task synchronization	Task titles, descriptions, status	United States

All third-party processors are contractually bound to process your data only as instructed by us and to maintain appropriate security measures. None of these providers use your data to train their AI models.

4. International Data Transfers

Our servers are located in Europe (Germany). However, some third-party processors (Section 3) are located in the United States. For these transfers, we rely on:

The EU-U.S. Data Privacy Framework (where applicable).
Standard Contractual Clauses (SCCs) approved by the European Commission.
The processors' own GDPR compliance commitments.

5. Data Retention

Data type	Retention period
Account data	Until account deletion
Audio recordings	Until you delete them or your account
Notes, tasks, events	Until you delete them or your account
Soft-deleted items (trash)	Free: 7 days · Basic: 30 days · Pro: 90 days · Ultra: 365 days
Reports	Until account deletion
User profile & observations	Until you clear profile or delete account
API usage logs	12 months, then anonymized
Error logs	30 days
Backups (encrypted)	30 days, then deleted
Data exports (GDPR)	48 hours after generation

When you delete your account, all personal data is permanently removed within 24 hours of admin approval, including: database records (cascade delete), audio files from object storage, GDPR exports, and Redis quota counters.

6. Data Security

Encryption in transit: All connections use TLS 1.2/1.3 (HTTPS).
Encryption at rest: Audio files stored in encrypted object storage (MinIO). Backups encrypted with AES-256-CBC.
Password security: Passwords hashed with bcrypt (never stored in plaintext).
Authentication: JWT-based with per-device refresh tokens. Tokens are revokable.
Infrastructure: Database, cache, and storage services are not exposed to the public internet.
Access control: Services run under a dedicated system user with minimal privileges.
Monitoring: SSH brute-force protection via fail2ban.

7. Your Rights

7.1 Under GDPR (European Users)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights:

Access (Art. 15) — Request a copy of all your personal data. Available via the in-app data export feature.
Rectification (Art. 16) — Correct inaccurate data via your account settings.
Erasure (Art. 17) — Delete your account and all associated data. Available via the in-app account deletion feature.
Data Portability (Art. 20) — Export your data in machine-readable JSON format. Available in the app.
Restriction of Processing (Art. 18) — Request that we limit processing of your data.
Object to Processing (Art. 21) — Object to processing based on legitimate interest.
Withdraw Consent — Where processing is based on consent (email reports, profile), you can withdraw at any time via app settings.

7.2 Under CCPA (California Residents)

If you are a California resident, you have the right to:

Know what personal information we collect and how it is used.
Delete your personal information.
Opt-out of sale — We do not sell your personal information. We never have and never will.
Non-discrimination — We will not discriminate against you for exercising your rights.

Categories of personal information collected (per CCPA): identifiers (email), audio/electronic information (recordings), internet activity (usage logs), inferences (AI-generated content).

7.3 How to Exercise Your Rights

In-app: Data export and account deletion are available directly in the app settings.
Email: Contact us at privacy@telldo.app for any privacy-related request.
We will respond to verified requests within 30 days.

8. Cookies and Tracking

Our website (telldo.app) does not use cookies, tracking pixels, or third-party analytics. We do not track you across websites. Our mobile apps do not contain advertising SDKs or third-party analytics frameworks.

9. Children's Privacy

The Service is not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If we discover that we have collected data from a child under 16, we will delete it promptly. If you believe a child has provided us with personal data, please contact us at privacy@telldo.app.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

Update the "Last updated" date at the top of this page.
Notify you via email or in-app notification for significant changes.
Request renewed consent where required by law.

Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data:

Email: privacy@telldo.app
General support: support@telldo.app
Website: https://telldo.app

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority.

This Privacy Policy applies to the TellDo mobile applications (iOS, Android, macOS) and the cloud service at api.telldo.app. It does not apply to third-party services linked from our app (Todoist, Things, Apple Calendar, etc.), which have their own privacy policies.