This policy explains what personal data Symploke, operated by Cedergren Designs (Sweden), collects, why, and your rights over it. Cedergren Designs is the data controller. We aim to collect as little as possible and to keep it safe.
1. What we collect
- Account data: your email address and a securely hashed password (we never store your password in plain text).
- Calendar feeds: the iCal/ICS URLs you add, and the event data fetched from them in order to render your planner.
- reMarkable pairing: if you enable sync, an access token for your reMarkable cloud account, stored encrypted at rest. You can remove it at any time by unpairing.
- Preferences: device type, timezone, language, time format, layout and sync settings.
- Operational logs: a limited audit trail (e.g. pairing and sync events) including timestamps and, for security, the IP address and browser user-agent of certain actions.
- Billing data: handled by our payment provider (see section 4); we receive subscription status and identifiers, not your full card details.
2. What we do not do
We don't sell your data, we don't use it for advertising, and we don't use your calendar contents for anything other than generating your planners. Generated PDFs are not retained — they're created on demand and discarded immediately after they're downloaded or pushed to your tablet.
3. Why we're allowed to process it (legal bases)
Under the GDPR, we process your data to perform our contract with you (running the Service), on the basis of your consent where you enable optional features such as reMarkable sync, and for our legitimate interests in keeping the Service secure and reliable.
4. Who we share it with (processors)
We use a small number of trusted providers to run the Service:
- Hosting: our servers and database run on Hetzner, in the EU (Germany).
- Payments: Creem (Armitage Labs OÜ, Estonia), our merchant of record, processes payments and is the seller of record. Creem handles your payment details under its own privacy notice.
- Email: a transactional email provider delivers account emails such as verification and password resets.
- reMarkable cloud: if you enable sync, we transmit your generated planner to reMarkable's cloud so it reaches your tablet. We are not affiliated with reMarkable, and their handling of that data is governed by their own policies.
5. Where your data is stored
Your account and calendar-feed data are stored within the EU. Some processors (for example, payment and email providers) may process limited data outside the EU under appropriate safeguards.
6. How long we keep it
We keep your data for as long as your account is active. When you delete your account, we remove or anonymise your personal data, except where we must retain limited records to meet legal, tax, or accounting obligations.
7. Your rights
Subject to applicable law, you can access, correct, export, or delete your personal data, object to or restrict certain processing, and withdraw consent for optional features at any time. Many of these you can do directly in the app (for example, removing calendar feeds or unpairing your reMarkable); for anything else, email us. You also have the right to complain to your local data protection authority.
8. Security
We use encryption in transit, hashed passwords, encrypted storage of reMarkable tokens, and access controls. No system is perfectly secure, but we take reasonable measures to protect your data and will notify you of a breach where required by law.
9. Changes
We'll update this policy as the Service evolves and post the new effective date here; we'll give notice of material changes.
10. Contact
Cedergren Designs — lars@symploke.app.