Privacy
What Calendstudio sees, what it sends, and what it doesn't.
Last updated: 2026-04-30
What the app touches on your device
The iPhone and Mac apps connect to the Calendstudio service running on your Mac. To do their job they read and (with your action) modify:
- Your task list — titles, deadlines, durations, priorities, notes you've written.
- Your calendar — events on the calendars you point Calendstudio at (iCloud, Google, Microsoft). It needs this to know when you're free and to write study/work blocks.
- Optionally, your email — only if you turn on the Gmail digest feature, only the senders you list, only to summarize.
All of this lives in a SQLite database on your Mac at
~/Library/Application Support/Calendstudio/state.db
(or in the project folder if you installed from source).
No copies are sent anywhere unless you explicitly enable a provider that
needs them.
What goes to Anthropic (Claude)
The agent uses Anthropic's Claude API to interpret natural-language
requests like "I have an essay due Friday." When that happens, the
request you typed plus the relevant slice of your task list is sent
to Anthropic's servers under your own API key (you provide it
during setup). Anthropic processes it according to
their privacy policy.
We never see your API key — it lives only in your own .env.
What goes to Apple (notifications)
If you enable push notifications, the app registers a device token with Apple's APNs service so we can wake your iPhone or Mac when there's something to know. The token is a random per-install identifier — it doesn't identify you personally. The token is stored on your own Calendstudio service for delivery; we don't keep a copy elsewhere.
If you uninstall the app, Apple revokes the token automatically and the Calendstudio service drops it on the next failed delivery.
What we don't do
- No analytics. No SDK that pings home with how often you open the app or what you tap. The apps make HTTP requests only to the Calendstudio service you configured.
- No advertising. The app has no ads and no ad SDKs.
- No third-party data sharing. The only outbound connections are to: your own Calendstudio service; Anthropic (Claude); Apple (APNs); and whatever calendar/task providers you configured (e.g. iCloud CalDAV, Canvas, Google).
- No account. There is no Calendstudio account. The only credential is the auth token your local service generated at install — it's used to gate access and never leaves your devices.
Crash reports
The app sends crash reports to Apple via the standard Apple Diagnostics framework, which you can opt out of in System Settings → Privacy & Security → Analytics & Improvements on each device. We see aggregated crash counts in App Store Connect; the reports do not include your task data.
Children's privacy
Calendstudio isn't directed at children under 13. We don't knowingly collect personal information from anyone — the app is designed not to.
Changes
If anything material here changes, we'll bump the date at the top and call out the change in the next release notes.
Contact
Open an issue on github.com/ELuria17/schedule-agent with anything privacy-related and we'll respond.