cadence

Privacy Policy — cadence.

Privacy Policy

Last updated: April 4, 2026  ·  Effective: May 1, 2026

Contents

  1. Who we are
  2. What data we collect
  3. Health data — your privacy guarantee
  4. How we use your data
  5. Third-party services
  6. Data retention
  7. Your rights
  8. Children’s privacy
  9. Changes to this policy
  10. Contact us

1. Who we are

cadence. is an AI-powered daily scheduling app for iOS, developed and operated by CIOCA ENTERPRISES SRL, a company registered in Romania, European Union.

For the purposes of the General Data Protection Regulation (GDPR) and applicable data protection laws, we are the data controller of your personal data.

Our services include the cadence. iOS application and the cadence-productivity.com website.

2. What data we collect

We collect only what is necessary to provide the service. Here is a complete overview:

Data Why we collect it Where it is stored
Account information
Name, email address		 To create and manage your account Supabase (EU — Frankfurt)
Tasks and schedule blocks
Titles, times, completion status		 To generate and sync your daily schedule across devices Supabase (EU — Frankfurt)
App preferences
Theme, time format, wake/sleep times, notification settings		 To personalise your experience Supabase (EU — Frankfurt)
AI chat messages
Messages you send to the cadence AI		 To process your request and generate a response Transmitted to Anthropic — not stored permanently by cadence.
Subscription status
Whether you are on Free or Pro		 To unlock the correct features RevenueCat (US) + Supabase (EU)
Crash reports and error logs
Anonymous technical data		 To identify and fix bugs Sentry (EU region)
Waitlist signups
Name and email from our website		 To notify you before launch Supabase (EU — Frankfurt)

We do not collect: precise location, browsing history, contacts, microphone or camera data, advertising identifiers, or any data not listed above.

3. Health data — your privacy guarantee

🔒 Your health data never leaves your device. cadence reads sleep, HRV, heart rate, steps and workout data from Apple Health solely to generate your daily schedule. This data is processed on your iPhone only and is never transmitted to our servers, never stored in our database, and never shared with any third party.

cadence. is a read-only consumer of Apple HealthKit data. We do not write any data back to Apple Health. Apple Health data is excluded from all backups and cloud syncs performed by cadence.

You can revoke cadence’s access to Apple Health at any time via Settings → Privacy & Security → Health → cadence on your iPhone. Revoking access does not delete your account or schedule data.

4. How we use your data

We use the data we collect for the following purposes:

  • Providing the service — generating your daily schedule, syncing across devices, managing your tasks and blocks
  • AI features — processing your chat messages to generate scheduling suggestions and coaching insights via the Anthropic API
  • Account management — authentication, subscription management, and customer support
  • Service improvement — analysing anonymous crash reports and error logs to fix bugs and improve performance
  • Communications — sending transactional emails (account confirmation, launch announcements) via Brevo

We do not use your data for advertising, profiling, or sale to third parties. Ever.

Our legal basis under GDPR is:

  • Contract performance (Art. 6(1)(b)) — processing necessary to provide the app service
  • Legitimate interests (Art. 6(1)(f)) — anonymous crash reporting to maintain service quality
  • Consent (Art. 6(1)(a)) — Apple Health access, marketing emails (you can withdraw at any time)

5. Third-party services

cadence. uses the following sub-processors. Each is bound by a Data Processing Agreement and complies with GDPR or equivalent frameworks:

Service Purpose Data shared Location
Supabase Database, authentication, backend Account data, tasks, schedule, preferences EU (Frankfurt) GDPR
Anthropic AI language model (Claude) AI chat messages + schedule context US (SCCs apply)
RevenueCat Subscription management Subscription status, purchase history US (SCCs apply)
Apple App Store App distribution and in-app purchases Governed by Apple’s privacy policy Global
Brevo Transactional email Name, email address EU GDPR
Sentry Crash reporting Anonymous error logs EU GDPR

SCCs = Standard Contractual Clauses approved by the European Commission for transfers outside the EU.

We do not use Google Analytics, Facebook Pixel, or any advertising SDKs.

6. Data retention

We keep your data for as long as your account is active. Specifically:

  • Account and schedule data — retained until you delete your account
  • AI chat messages — not stored by cadence. after processing. Anthropic retains data per their own policy (30-day abuse monitoring window)
  • Crash logs — automatically deleted after 90 days
  • Waitlist data — retained until you unsubscribe or request deletion
  • Subscription records — retained for 7 years as required by Romanian tax law

When you delete your account, all personal data is permanently deleted within 30 days. Anonymised, aggregated analytics may be retained indefinitely.

7. Your rights

Under GDPR (EU/EEA), UK GDPR, CCPA (California), and similar laws, you have the following rights:

  • Right of access — request a copy of all data we hold about you
  • Right to rectification — correct inaccurate or incomplete data
  • Right to erasure — request deletion of your personal data (“right to be forgotten”)
  • Right to restriction — ask us to limit how we process your data
  • Right to portability — receive your data in a structured, machine-readable format
  • Right to object — object to processing based on legitimate interests
  • Right to withdraw consent — withdraw Apple Health permission or marketing email consent at any time

For California residents (CCPA): you have the right to know what personal information is collected, to opt out of the sale of personal information (we do not sell data), and to non-discrimination for exercising your rights.

To exercise any right, email us at [email protected]. We will respond within 30 days.

You also have the right to lodge a complaint with your national data protection authority. In Romania this is ANSPDCP (anspdcp.ro). In the EU, you may contact your local supervisory authority.

8. Children’s privacy

cadence. is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us at [email protected] and we will delete it promptly.

For users between 13 and 16 in the EU, we require verifiable parental consent before processing personal data.

9. Changes to this policy

We may update this privacy policy from time to time. When we do, we will update the “Last updated” date at the top and notify you via email if the changes are material.

Continued use of cadence. after changes are posted constitutes acceptance of the updated policy. If you disagree with any changes, you may delete your account at any time.

10. Contact us

For any privacy-related questions, requests, or concerns:

CIOCA ENTERPRISES SRL
Sibiu, Romania, European Union
Email: [email protected]
Response time: within 30 days