Privacy Policy

Effective Date: April 2026

EventInk ("the App") is developed and operated by Sand Point Studios LLC ("we", "us", "our"). This Privacy Policy explains what data EventInk collects, how it is used, and what choices you have. We designed EventInk with a privacy-first approach: the App does not operate its own backend server, does not maintain a user database, and does not store your images, messages, or personal data on any remote server we control.

1. What We Collect (and What We Don't)

Data We Process

Images you provide — Photos you capture or select are sent to your chosen AI provider for event extraction. Images are transmitted directly from your device to the AI provider's API and are not stored on any server operated by us.
Calendar data — When you connect your Microsoft and/or Google account, EventInk reads your Outlook or Google Calendar events to check availability, detect duplicates, and search for existing events. EventInk writes new events to your calendar only when you explicitly confirm. You can connect one or both providers and pick any calendar from either as your default.
SMS messages (opt-in) — If you enable SMS scanning, EventInk reads recent text messages on your device to detect event-related content. Message text may be sent to your chosen AI provider for natural language processing. SMS scanning is entirely optional and must be explicitly enabled by you.
Natural language text input — Text you type into the event creation or availability fields is sent to your chosen AI provider for processing.
App preferences — Your settings (selected AI provider, API keys, default calendar, theme preferences) are stored locally on your device using AsyncStorage.

Data We Do NOT Collect

We do not collect or store your name, email address, or account credentials on any server we operate.
We do not maintain a user database or create user accounts.
We do not store your images, calendar data, or SMS messages on any remote server.
We do not use analytics, tracking pixels, or advertising SDKs.
We do not sell, rent, or share your personal data with third parties for marketing purposes.

2. How We Use Your Data

All data processing in EventInk serves a single purpose: extracting event information and managing your calendar. Specifically:

Images and text are sent to AI providers solely to extract structured event details (title, date, time, location, description).
Calendar data is read to check your availability and search for events. Calendar writes only occur with your explicit confirmation.
SMS messages are scanned locally and sent to AI providers only to identify potential event information within the text.
Preferences are stored locally to persist your app configuration between sessions.

3. Third-Party Services

EventInk integrates with the following third-party services. When you use these services, your data is subject to their respective privacy policies:

Service	Data Sent	Privacy Policy
OpenAI	Images (base64), text prompts	openai.com/policies/privacy-policy
Anthropic (Claude)	Images (base64), text prompts	anthropic.com/privacy
Google (Gemini)	Images (base64), text prompts	policies.google.com/privacy
Microsoft Graph API	OAuth tokens, Outlook calendar read/write requests	privacy.microsoft.com
Google Calendar API	OAuth tokens, Google Calendar read/write requests	policies.google.com/privacy

When you connect a Microsoft or Google account, EventInk uses the provider's standard OAuth 2.0 flow directly from your device. Credentials are never seen by us.

AI API calls include image data that is processed by each provider according to their own data handling and retention policies. We encourage you to review the privacy policies linked above to understand how each provider handles your data.

Your API keys for these services are stored locally on your device and are sent directly from your device to the provider. We never see, transmit, or store your API keys on any server.

4. SMS Scanning

The SMS scanning feature is designed with privacy as a priority:

Opt-in only — SMS scanning is disabled by default and requires your explicit action to enable.
On-device filtering — EventInk performs an initial scan of messages locally on your device to identify texts that may contain event-related content before sending anything to an AI provider.
Limited transmission — Only messages identified as potentially event-related are sent to the AI provider for extraction. EventInk does not send your entire message history.
No storage — SMS content is not stored by EventInk beyond the active processing session. Messages are read from the device's SMS database in real time and are not copied or cached.
Revocable — You can disable SMS scanning at any time in the App settings, and you can revoke the SMS permission through your device's system settings.

5. Data Storage

EventInk stores data exclusively on your device:

AsyncStorage — App preferences, AI provider configuration, default calendar selection, and event processing history are stored locally using React Native's AsyncStorage. This data never leaves your device unless you explicitly back up your device through your operating system's backup features.
No cloud database — EventInk does not operate any cloud database, backend server, or data warehouse. There is no remote system collecting or storing your data.
Microsoft and Google account tokens — OAuth access tokens for Microsoft Graph and Google Calendar are stored locally on your device and are used only for authorized calendar operations. Tokens are refreshed according to each provider's OAuth flow and can be revoked by signing out of the App or removing EventInk's access from your Microsoft or Google account settings.

6. Self-Hosted AI Option

EventInk supports connecting to a self-hosted Ollama instance for AI processing. When using this option:

All image and text data is sent to your own Ollama server on your local network.
No data is transmitted to any third-party AI provider.
All processing occurs entirely within your own network infrastructure.
This option provides the highest level of privacy, as no data leaves your control at any point.

If data privacy is a significant concern, we recommend using the self-hosted option.

7. Your Rights

Because EventInk does not collect or store your personal data on any server, many traditional data rights (such as deletion requests or data portability) are inherently satisfied by the App's architecture. However, you have the right to:

Disconnect your Microsoft account at any time by signing out in the App or revoking access at account.live.com/consent/Manage.
Disconnect your Google account at any time by signing out in the App or revoking access at myaccount.google.com/permissions.
Revoke permissions — You can revoke camera, SMS, and other permissions through your device's system settings at any time.
Clear local data — You can clear all locally stored data by clearing the App's data through your device settings or by uninstalling the App.
Choose your AI provider — You can switch providers or use a self-hosted option at any time to control where your data is processed.
Contact us — If you have questions about your data or wish to exercise any privacy rights, contact us at the address below.

8. Children's Privacy

EventInk is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided personal information through the App, please contact us and we will take appropriate steps to address the situation.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in the App's functionality or applicable laws. When we make changes, we will update the "Effective Date" at the top of this page. We encourage you to review this policy periodically. Continued use of the App after changes constitutes acceptance of the updated policy.

10. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or EventInk's data practices, please contact us:

Sand Point Studios LLC
Email: [email protected]