Privacy Policy

Last updated: April 2026

Data Controller

This application is developed by Mustafa Can. For questions regarding data processing, you can contact info@psyagenda.app.

Data Collected and Processed

The application stores the following data categories locally on your device only:

• Client information: Name (required), phone, email, address, date of birth, notes (all optional).
• Appointment and session data: Date, time, duration, session notes, pre/post-session notes.
• Test data: Rorschach, drawing test, and manual test records, images, and AI evaluations.
• Financial data: Session fees, income-expense records, payment tracking.
• Settings and preferences: Language, currency, calendar preferences, notification templates.

Data Storage

• All data is stored only in the local database (SQLite or IndexedDB) on the user's device.
• No third party, including the developer, can access this data.
• When app lock is enabled, data is protected by a password.

Synchronization and Cloud Storage

• Synchronization is entirely optional and disabled by default.
• When enabled, data is encrypted with a user-defined password using AES-256-GCM standard and stored only in the user's own Google Drive account in the private app data folder (appDataFolder).
• The encryption key is derived only on the user's device; no one, including the developer, can decrypt the data.

AI Usage and Data Sharing

• AI features are entirely optional. Users enter their own API key and decide which data to process.
• When AI is used, only the relevant session notes, test data, or images are sent to the Google Gemini API.
• Client identifying information (name, phone, email, address) is never sent to the AI service.
• Google's data usage policies vary depending on the user's API plan (free/paid). Detailed information is available in the in-app API guide.

Third-Party Services

• Google Gemini API: Optional AI analysis (with the user's own API key).
• Google Drive: Optional encrypted synchronization (the user's own account).
• Google Play / App Store: App distribution and license verification.
• No data is transferred to any third-party service beyond these.

Device Permissions

The application may request the following device permissions to provide certain features. All permissions are optional and are only requested when the related feature is used:

• Internet (INTERNET): Used to connect to Google Drive sync and Gemini AI features. No network connection is established unless you use sync or AI features.
• Camera (CAMERA): Used to attach photos to session notes or test records.
• Notifications (POST_NOTIFICATIONS): Used to send appointment reminder notifications.
• Exact Alarms (SCHEDULE_EXACT_ALARM): Used to trigger appointment reminders at the exact scheduled time.
• Contacts (READ_CONTACTS): Used for the add-from-contacts feature. Only the name, phone number, and email of the contact selected by the user are read; no other contacts are accessed and no contact data is transmitted outside the device.
• External Storage (WRITE_EXTERNAL_STORAGE — only on Android 9 and below): Used to save report downloads (PDF/DOCX) to the device's "Downloads" folder. This permission is not needed on Android 10 and later.

Denying a permission disables the related feature; the rest of the application remains unaffected.

User Rights

All data is under the user's control. Users can at any time:

• Back up and export their data.
• Permanently delete all data from the device.
• Remove the sync connection and delete the cloud copy.
• Stop using AI and synchronization features.

Contact

For questions regarding the privacy policy, you can contact info@psyagenda.app.