No telemetry, analytics, ads, or tracking of any kind.
AES-256-GCM via Android Keystore hardware security.
Full source available for independent security audit.
This Privacy Policy describes how OneKash Labs ("we," "us," or "our") handles information in connection with the KashCal mobile application ("the App"). KashCal stores all data locally on your device. Nothing is sent to us.
This policy applies to all versions of KashCal distributed via F-Droid, GitHub Releases, or direct APK download.
We do not collect any personal data. KashCal does not transmit telemetry, analytics, crash reports, usage statistics, or any other information to OneKash Labs or any third party. The App contains no third-party SDKs, advertising, or tracking code.
There are no user accounts, no registration, and no server-side infrastructure that processes user information. We have no mechanism to access, retrieve, or view your data.
The following data may exist locally on your device when using KashCal:
| Data | Encryption | In Backups |
|---|---|---|
| Calendar events and reminders | Device encryption | Yes |
| App preferences and settings | Device encryption | Yes |
| Sync account credentials | AES-256-GCM | No |
| Sync logs | Device encryption | No |
| Contact birthday cache | Device encryption | No |
CalDAV Sync. When you configure a CalDAV account (iCloud, Nextcloud, etc.), calendar data flows directly between your device and the server you configure over encrypted HTTPS. KashCal does not proxy or intermediate this data.
ICS Subscriptions. External calendar feeds are fetched directly from the URLs you provide. No data passes through our infrastructure.
Contact Birthdays. With your permission, KashCal reads birthday dates from your contacts. This is processed entirely on-device and never transmitted.
Third-party sync services you connect are governed by their own privacy policies. Review those policies before configuring sync.
| Permission | Required | Purpose |
|---|---|---|
| Internet | Yes | CalDAV sync and ICS feed retrieval |
| Notifications | Yes | Event reminders |
| Exact Alarms | Yes | Precise reminder scheduling |
| Contacts | Optional | Display contact birthdays |
No permission is used to collect, transmit, or share personal data.
As an open-source project, our security implementation is available for independent audit via our public repository.
All data is stored locally, so you have full control over retention. You can delete your data at any time by:
Sync logs are subject to automatic rotation. Because we do not store your data on our servers, there is no residual data on our end after uninstallation.
KashCal is not directed at children under the age of 13. We do not collect personal data from any user, including children.
We may update this policy to reflect changes in the App or applicable regulations. Material changes will be noted in the App's release notes. Continued use of the App constitutes acceptance of changes.
Questions or concerns about this policy: