Privacy Policy
Last updated: 16 May 2026 · Agreement version: 4
Legal Framework
This Privacy Policy is prepared in accordance with Turkey's Personal Data Protection Law No. 6698 (KVKK) and the EU General Data Protection Regulation 2016/679 (GDPR). The policy covers the management of personal data stored on the user's device and processed via optional cloud/AI features.
Data Controller
This application is developed by Mustafa Can. For questions regarding data processing, you can contact info@psyagenda.app.
Data Ownership
All data created and stored within the application (client records, appointments, session notes, financial records, tests, images) is entirely the property of the user. The developer makes no claim over this data; it is not analyzed, sold, licensed, or shared with any third party.
Data Collected and Processed
The application stores the following data categories locally on your device only:
- Client information: Name (required), phone, email, address, date of birth, notes (all optional).
- Appointment and session data: Date, time, duration, session notes, pre/post-session notes.
- Test data: Rorschach, drawing test, and manual test records, images, and AI evaluations.
- Financial data: Session fees, income-expense records, payment tracking.
- Settings and preferences: Language, currency, calendar preferences, notification templates.
Data Storage
- All data is stored only in the local database (SQLite or IndexedDB) on the user's device.
- Beyond user-initiated synchronization and support emails, no third party, including the developer, can access this data.
- When App Lock is enabled, data is protected by a password.
Synchronization and Cloud Storage
- Synchronization is entirely optional and disabled by default.
- When enabled, data is encrypted with a user-defined password using the AES-256-GCM standard and stored only in the user's own Google Drive account, in the private app data folder (appDataFolder).
- The encryption key is derived only on the user's device; no one, including the developer, can decrypt the data.
AI Usage and Data Sharing
- AI features are entirely optional. Users enter their own API key and decide which data to process.
- When AI is used, only the relevant session notes, test data, or images are sent to the Google Gemini API.
- Client identifying information (name, phone, email, address) is never sent to the AI service.
- Google's data usage policies vary depending on the user's API plan (free/paid). Detailed information is available in the in-app API guide.
Third-Party Services
- Google Gemini API: Optional AI analysis (with the user's own API key).
- Google Drive: Optional encrypted synchronization (the user's own account).
- Google Play / App Store: App distribution and license verification.
- RevenueCat: A device-specific random user identifier (App User ID) and the store purchase receipt are shared for subscription purchase flow and receipt validation. No personal data (name, email, session notes, confidential client information) is shared.
- Beyond these, and beyond support emails the user voluntarily initiates via About > Support/Feedback, no data is transferred to any third-party service.
No Advertising or Tracking
- PsyAgenda displays no advertisements. There is no integration with any ad network.
- It contains no analytics services (Google Analytics, Firebase Analytics, Mixpanel, etc.); no usage statistics are collected.
- Under Apple's App Tracking Transparency (ATT), no tracking is performed; advertising identifiers such as IDFA are not requested.
- No crash reporting / automatic error reporting service is used. Diagnostic logs are transmitted only via support emails the user manually initiates.
Age Restriction and Children's Data
- PsyAgenda is designed for professional therapists (psychologists, psychiatrists, counselors) aged 17 and over. It does not present child-oriented content or interaction and does not collect data directly from children.
- If the user (therapist) enters information about a minor client, this occurs under the parent/guardian's consent and within the user's own professional/ethical responsibility. The developer is not involved in this consent process.
Encryption and Export Compliance
- The application uses only standard, publicly available encryption algorithms: AES-256-GCM (data and backup encryption), PBKDF2-HMAC-SHA-256 (key derivation), SHA-256 (integrity verification).
- These algorithms fall under the "standard exempt" category under Apple App Store and U.S. export regulations. The application does not implement any proprietary cryptographic algorithm.
Data Retention
- Data is stored locally on the device until the user deletes it themselves. There is no automatic deletion.
- The user can permanently delete all device data via Settings > Storage > "Delete All Local Data" and cloud data via Settings > Sync > "Delete All Drive Data".
- Diagnostic logs (DIAG_ERRORS) are kept in a sliding window of approximately 1 MB; older entries are automatically discarded.
Bug Reports and Diagnostic Data
- The application generates technical diagnostic logs for errors that occur during use, and stores them locally on your device only (a sliding window of approximately 1 MB; older entries are automatically discarded).
- These logs contain only: error messages and technical stack traces, action types within the app (e.g. "screen changed", "modal opened/closed", "notification toast displayed", "synchronization started/completed", "license state changed", "AI button clicked", "native system operation (file save/delete, notification scheduling) result"), the active screen name, device platform, app version, language, license type, and network status.
- These logs do not contain client identifying information, phone numbers, emails, addresses, session note content, appointment titles, financial records, photos, or any other personal data — this is technically guaranteed by the application architecture: every log point that could carry user content is designed to record only short static identifiers rather than the content itself. Only the type of action is recorded — never its content.
- Diagnostic logs stay on your device. They are sent to info@psyagenda.app only when you use About > Support/Feedback > "I'm having a problem" and tap Send — together with the description you wrote.
- Before sending, the email client opens so you can review, edit, or cancel the message. This feature is fully under your control; no automatic or background submissions occur.
Device Permissions
The application may request the following device permissions to provide certain features. All permissions are optional and are only requested when the related feature is used:
- Internet (INTERNET): Used to connect to Google Drive sync and Gemini AI features. No network connection is established unless you use sync or AI features.
- Camera (CAMERA): Used to attach photos to session notes or test records.
- Notifications (POST_NOTIFICATIONS): Used to send appointment reminder notifications.
- Exact Alarms (SCHEDULE_EXACT_ALARM): Used to trigger appointment reminders at the exact scheduled time.
- Contacts (READ_CONTACTS): Used for the add-from-contacts feature. Only the name, phone number, and email of the contact selected by the user are read; no other contacts are accessed and no contact data is transmitted outside the device.
- External Storage (WRITE_EXTERNAL_STORAGE — only on Android 9 and below): Used to save report downloads (PDF/DOCX) to the device's "Downloads" folder. This permission is not needed on Android 10 and later.
Denying a permission disables the related feature; the rest of the application remains unaffected.
User Rights (KVKK Art. 11 / GDPR Art. 15-22)
All data is under the user's control. Users may exercise the following rights at any time:
- Backup and portability (GDPR Art. 20): Export data as an encrypted .thnbak backup.
- Right to erasure (KVKK Art. 7 / GDPR Art. 17): Permanently delete all data from the device.
- Delete cloud copy: Remove the sync connection or use "Delete All Drive Data" to delete the cloud copy.
- Right to object (GDPR Art. 21): Stop using AI and synchronization features; both are optional and disabled by default.
- Right of access (KVKK Art. 11 / GDPR Art. 15): Access all data stored in the app directly through the user interface; data is under the user's control while not encrypted.
- Right to rectification (KVKK Art. 11 / GDPR Art. 16): Edit all client, appointment, financial, and other records directly in the app.
- Right to lodge a complaint: Under KVKK, users may apply to Turkey's Personal Data Protection Authority; under GDPR, users may apply to the relevant EU member state's data protection authority.
Contact
For questions regarding the privacy policy, you can contact info@psyagenda.app.