This Privacy Policy explains how Vũ Đăng Công (“Ember”, “we”, “us”) collects, uses, and protects your information when you use the Ember mobile app (iOS and Android) and this website.
Ember is a personal CRM that helps you remember the people who matter — their details, important dates, and the notes you keep about them. Your relationships are private, and we built Ember to keep them that way.
Who we are
- Vũ Đăng Công — an independent developer based in Vietnam.
- Operator: Vũ Đăng Công · hi@keepember.com.
- Owner of Ember, a personal CRM (the “Service”).
What data we collect
- Account: your name and email, received when you sign in with Apple, Google, or email and password. We request only the sign-in scopes listed below.
- Content you create: the people you add (name, relationship, birthday and other dates, notes, tags) and the groups you organize them into.
- Reminders and interactions: dates, recurrence rules, and notes you add about calls, meetings, and messages.
- Voice input: when you use voice notes or voice reminders, your speech is converted to text to create the note or reminder.
- Keeper AI conversations: the questions you ask Keeper and the related context from your own notes, used to generate answers.
- Device data: a push-notification token (only if you enable reminders), app version, OS version, and anonymous crash reports.
- Usage: aggregated feature and Ember Points counts, not tied to the content of your notes.
- Payments: handled by Apple In-App Purchase or Google Play Billing. We never see your card details.
- Location is used only for opt-in features — a contact’s city weather, address autocomplete/geocoding, and optional birth-chart coordinates. Address text you type is sent to our geocoding providers, and coordinates are sent to our weather service; we never track your location in the background or sell it. Device contacts are read only when you actively import them.
How we use your data
- To provide the Service — storing your contacts, sending reminders, and answering Keeper questions.
- To authenticate you and keep your account secure.
- To sync your data across your devices, when you enable cloud sync.
- To power AI features: when you spend an Ember Point, the relevant context is sent to our AI provider for inference.
- To send service emails (account, security, billing) and any emails you opted into. No marketing without your consent.
- We never use your contact data or notes for advertising, and we never sell your data.
Sign-in services
- Google Sign-in: we receive your email, name, and profile picture. We do not access Gmail, Drive, Calendar, or any other Google service. You can revoke access anytime at myaccount.google.com/permissions.
- Apple Sign-in: we receive your email (real or Apple’s private relay) and name. We honor Apple’s relay for users who choose to hide their address.
- Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We request only the minimum scopes needed to sign you in.
Third-party services (sub-processors)
- Supabase — database, authentication, and cloud storage. Hosted in Singapore (ap-southeast-1).
- AI providers (OpenAI, Google Gemini, DeepSeek, and Anthropic Claude) — power Keeper’s AI features, such as answering your questions and transcribing voice notes. Only the context needed to fulfil your request is sent; depending on the request it may be routed to one or more of these providers (some via OpenRouter). Each processes it under its own terms, and — where the provider supports it — requests are sent with a no-training / zero-retention data policy. DeepSeek is based in China and may use the inputs it receives under its own policies.
- Resend — sends transactional emails.
- Apple App Store + In-App Purchase — iOS billing.
- Google Play + Google Play Billing — Android billing.
- RevenueCat — manages your subscription status and purchases across the App Store and Google Play. Receives purchase and subscription history, an app user identifier, and device/platform information; it does not receive your card details (those stay with Apple or Google).
- Vercel Analytics — aggregate, anonymous website statistics (no cross-site tracking).
- Google Analytics (Google LLC, United States) — aggregate, anonymous usage statistics for this website.
- Firebase Analytics (Google LLC, United States) — aggregate, pseudonymous in-app product-usage events (screen views with record ids stripped, feature counts); not linked to your account identity.
- WeatherAPI — returns weather for a contact’s city coordinates when you enable weather.
- Geoapify and Photon / OpenStreetMap (Nominatim) — address autocomplete and geocoding for the address text you type.
- Sentry — anonymous crash and error reporting (no account identifiers attached); data processed in the United States.
- No Mixpanel or Segment. No ad networks and no data brokers.
Data retention
- Active account: retained while your account is active.
- Account deletion: your synced data is deleted within 30 days of your request.
- Backups: removed within 30 days after deletion.
- Aggregated, anonymous metrics: retained indefinitely.
Your rights
- Access and portability: export your full data as JSON from the app Settings.
- Rectify: edit any field at any time.
- Delete: Settings → Data → Delete account removes your synced data from our cloud.
- Object or restrict: email us at the address below.
- Withdraw consent: revoke OAuth access anytime from your Google or Apple account.
- Complain: you may file a complaint with your local data-protection authority.
Security
- TLS encryption in transit (HTTPS).
- Encryption at rest, managed by Supabase.
- Row-Level Security in the database from day one, so you can only access your own data.
- Credentials are kept in the device’s secure storage.
- No staff access to your content — only aggregated metrics. The one exception is the AI assistant: when you ask Keeper a question, the plaintext snippets needed to answer that request are sent to the AI provider.
Children’s privacy
Ember is not directed to children under 13 (or the minimum age in your country), and we do not knowingly collect their data. Accounts we identify as belonging to a child are deleted.
International transfers
- Your cloud data is hosted in Singapore (Supabase, ap-southeast-1).
- For users in the EU, the UK, the US, and elsewhere, cross-border transfers are governed by Standard Contractual Clauses or other appropriate safeguards.
Changes to this policy
- Material changes: 30 days’ notice via email and an in-app banner.
- Minor updates: logged on this page, with the “Last updated” date refreshed.
Contact
Questions about this policy or a data request? Email hi@keepember.com.
This policy is drafted on GDPR + CCPA principles and is consistent with the Google API Services User Data Policy and the Apple App Store Review Guidelines (section 5).