1. Introduction
Fastrepl, Inc. ("we," "our," or "us") operates Anarlog. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application and services.
2. Local-First Design
Anarlog is a local-first, open-source application. Your notes, transcripts, and meeting data are stored locally on your device. You can use Anarlog entirely offline with a local language model. Optional cloud-powered features (such as cloud transcription and AI summarization) require an account; if you no longer wish to maintain one, you can request deletion at any time by contacting us at hello@anarlog.so.
3. Information We Collect
3.1 Information You Provide
We collect information that you directly provide to us, including:
- Account Information: Name, email address, password, and profile information (only if you create an account for cloud features)
- User Content: Notes, documents, and other content you choose to sync to cloud features
- Payment Information: Billing details and payment card information, processed securely through third-party payment processors
- Communications: Information you provide when you contact us for support or feedback
3.2 Information Collected Automatically
When you use the Service, we may automatically collect:
- Usage Data: Anonymous information about how you interact with the Service, including product interaction events (such as onboarding, downloads, note creation, transcription, summary generation, exports, and settings interactions)
- Device Information: Device type, operating system, browser type, and IP address
- Log Data: Access times, pages viewed, system activity, and technical diagnostics (latency, status codes, error events)
- Website Analytics Data: On Anarlog-owned websites, behavioral metrics, click and scroll activity, referrers, approximate location derived from IP address, browser/device information, and similar interaction metadata
- Service Telemetry Metadata: Pseudonymous identifiers, app/browser version metadata, and cloud feature usage metadata (speech-to-text duration, AI token counts, AI latency, provider/model metadata) used for operations, billing, product improvement, and abuse prevention
Analytics and telemetry events are designed to avoid raw meeting audio, transcript text, note content, and summary text.
3.3 Google Calendar and Other Connected Calendar Accounts
If you connect Google Calendar or another supported calendar provider, we collect and process the data needed to sync calendars and events into Anarlog. This may include:
- Calendar Information: Calendar IDs, names, colors, access or ownership metadata, and source or account identifiers
- Event Information: Event IDs, titles, descriptions, locations, meeting links, start and end times, time zones, recurrence metadata, organizer details, and attendee details such as names, email addresses, and RSVP status
- Connection Information: Provider connection IDs, connection status, and the Google account identity associated with the connection
We use this data only to provide the user-facing calendar features you enable in Anarlog. We do not use Google Calendar data for advertising, marketing personalization, sale to data brokers, or training generalized AI models. The use of information received from Google Workspace APIs adheres to the Google Workspace API User Data and Developer Policy, including the Limited Use requirements.
4. How We Use Your Information
We use your information to:
- Provide, maintain, and improve the Service
- Process transactions and manage your account
- Send technical notices, updates, and support messages
- Send marketing communications (newsletters, product announcements, updates) — you may opt out at any time
- Provide and improve calendar sync features when you connect Google Calendar
- Respond to your comments, questions, and requests
- Protect against fraud and other illegal activities
- Comply with legal obligations
5. Data Storage and Security
We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. Your data is encrypted in transit and at rest.
For connected calendars, synced calendar and event data is primarily stored locally on your device. We may store limited connection metadata on our backend (integration ID, connection ID, connection status, error state, timestamps) needed to operate the integration securely. We protect this data in transit using HTTPS/TLS and at rest using encryption and access controls.
No method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
6. Data Sharing and Disclosure
6.1 We Do Not Sell Your Data
We do not sell, trade, or rent your personal information to third parties, including Google user data.
6.2 Service Providers
We may share your information with third-party service providers who perform services on our behalf, such as:
- Cloud hosting and infrastructure providers (e.g., Fly.io, Netlify, Cloudflare, Supabase) for hosting our application and storing data securely
- Integration providers (e.g., Nango) for OAuth connection management and calendar sync infrastructure
- Payment processors (e.g., Stripe) for processing payments securely
- Analytics services (e.g., PostHog, Google Analytics) for understanding how users interact with our Service
- Speech-to-text providers (e.g., Deepgram, AssemblyAI, Soniox) for cloud-based transcription when you enable this feature
- AI model providers (e.g., via OpenRouter) for cloud-based AI features when you enable them
- Error monitoring services (e.g., Sentry) for identifying and fixing issues
- Email services (e.g., Loops) for sending transactional and marketing communications
6.3 Google User Data Sharing
When you connect Google Calendar, we may share Google user data only:
- With service providers directly involved in authenticating the connection, syncing calendars and events, and delivering the calendar features you enable
- For security purposes, such as investigating abuse, preventing fraud, or fixing integration failures
- To comply with applicable law, regulation, legal process, or enforceable governmental request
- As part of a merger, acquisition, or asset sale, subject to applicable legal requirements
We do not sell Google user data or transfer it to third parties for advertising, marketing, or data broker purposes.
6.4 Legal Requirements
We may disclose your information if required by law or in response to valid requests by public authorities (court orders or government agencies).
7. Your Rights and Choices
7.1 Access and Portability
Your notes are stored as plain markdown files on your device — you have full access at all times.
7.2 Correction and Deletion
You may request account deletion at any time by contacting us at hello@anarlog.so. Your locally stored data remains on your device and is not affected by account deletion.
7.3 Data Retention
If you connect Google Calendar, synced calendar and event data is retained locally on your device until you delete it, disconnect the account, or remove local Anarlog data. On our systems, we retain limited connection metadata while the integration is active and for up to 30 days after disconnection or account deletion, except where a longer period is required by law. If you delete your account, we will delete your cloud-stored data within 30 days, except where required to retain it for legal purposes.
7.4 Analytics and Telemetry Controls
- Desktop app setting: You can disable desktop usage analytics in Settings (
Share usage data). - Global Privacy Control: We honor Global Privacy Control (GPC) for non-essential website tracking.
7.5 Connected Account Controls
You can disconnect Google Calendar in your account integrations settings. Disconnecting stops future syncs. Calendar and event data already synced locally to your device remains until you remove it or delete local app data.
8. International Data Transfers
Your information may be transferred to and maintained on computers located outside of your jurisdiction where data protection laws may differ. By using the Service, you consent to such transfers.
9. Children's Privacy
Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the date above.
11. Contact Us
If you have any questions about this Privacy Policy, please contact us at:
Fastrepl, Inc. Email: hello@anarlog.so