Ilmo - Privacy Policy
Last updated: March 10, 2026
FEYY PROJE MUHENDISLIK LIMITED SIRKETI ("we", "us", or "our") operates the Ilmo mobile application ("the App"). This Privacy Policy explains how we collect, use, and protect your personal information.
1. Information We Collect
1.1 Account Information
- Name and email address (via Apple Sign-In or Google Sign-In)
- Language and communication preferences
- Occupation and daily schedule preferences
- Profile photo (if you choose to add one)
1.2 Gmail Data (Optional)
If you choose to connect your Gmail account, we access:
- Read-only access to view your email messages and settings
- Send access to send emails on your behalf when you explicitly request it
We do not modify, delete, or archive your emails. We do not store the full content of your emails on our servers. Email data is processed in real-time to provide AI-powered summaries and suggestions.
1.3 Calendar & Reminders (Optional)
If you grant permission, we access your device's calendar and reminders to:
- View and create calendar events
- View and create reminders
- Provide scheduling suggestions
1.4 Health Data (Optional)
If you grant HealthKit permission, we may access:
- Read: Step count, calories, distance, exercise time, stand time, heart rate, sleep data
- Write: Water intake, sleep logs, weight
Health data is used solely to provide personalized health insights within the App. We do not share health data with third parties or use it for advertising.
1.5 Location Data (Optional)
If you grant location permission, we use your location to provide:
- Weather information
- Traffic updates
- Location-based reminders
Real-time GPS coordinates are used transiently and are not permanently stored. However, if you choose to save locations (such as home or work addresses), these are stored on our servers to provide location-based features and can be deleted at any time from the App.
1.6 Voice & Conversation Data
When you use voice or text chat features:
- Conversations are processed by AI to provide responses
- Conversation transcripts and summaries are stored to improve the assistant's context and provide continuity
- Audio is streamed in real-time for speech-to-text processing and is not permanently stored as audio files
- The AI may learn facts, routines, and preferences from your conversations (e.g., "prefers morning meetings", "has a dog named Max") and store these as structured data to personalize future interactions. You can request deletion of this learned context at any time
1.7 Camera & Photo Library (Optional)
- Camera: Used to take profile photos or add images to notes
- Photo Library: Used to select profile photos or save images from the App
Photos are not analyzed, shared, or used for any purpose other than what you explicitly request.
1.8 Microphone & Speech Recognition (Required for Voice Features)
The microphone is used for voice conversations with the AI assistant. Audio is streamed in real-time to our speech-to-text service (Deepgram) and is not recorded or stored. The App also uses iOS Speech Recognition for on-device voice processing in certain features.
1.9 Device Information
- Device identifier: A unique device ID is generated and stored securely in the device Keychain and iCloud for subscription management and device recognition
- Push notification tokens: Used to deliver scheduled AI call notifications and system messages
- Biometric authentication: If available, Face ID may be used for secure app access. Biometric data is processed entirely on your device by iOS and is never sent to our servers
1.10 Anonymous Account
When you complete the onboarding process, an anonymous account may be created automatically to enable app functionality. This account can later be linked to your Apple or Google account when you choose to sign in.
2. How We Use Your Information
- To provide AI-powered personal assistant services
- To manage your calendar, reminders, notes, and emails
- To provide personalized health and productivity insights
- To deliver scheduled AI voice calls at your preferred times
- To improve the App's features and user experience
- To process subscription purchases
- To measure app performance and usage patterns (anonymized analytics)
- To measure advertising campaign effectiveness (with your consent)
3. Third-Party Services
We do not sell your personal data. We use the following third-party services:
3.1 AI & Voice Processing
| Service | Purpose | Data Shared |
| OpenAI | AI language processing & text-to-speech | Conversation text, user context |
| Deepgram | Real-time speech-to-text | Audio stream during voice calls |
We ask for your explicit, in-app consent before any data is sent to these AI providers, and you can review or withdraw it at any time in Settings → Privacy & Data. If you decline, AI features are disabled but the rest of the app remains available. These providers act as data processors under their own data-processing agreements and provide protection equal to that described in this policy. We have opted out of Deepgram's Model Improvement Program, and OpenAI does not use API data to train its models, so your voice and messages are not used to train these providers' models. OpenAI retains API data for up to 30 days for abuse monitoring, then deletes it (subject to legal requirements).
3.2 Infrastructure & Authentication
| Service | Purpose | Data Shared |
| Google Firebase | Authentication, database, cloud storage, analytics | Account data, app data, usage events |
| Google Cloud Run | Backend hosting | API requests |
| Google Gmail API | Email access (when connected) | OAuth tokens |
| Google Analytics (Firebase) | App performance & crash reporting | Anonymized usage data |
3.3 Analytics & Attribution
| Service | Purpose | Data Shared |
| Amplitude | Usage analytics & feature engagement | Anonymized event data, device ID |
| Adjust | Install attribution & campaign measurement | Device ID, install events (only with ATT consent) |
| Meta (Facebook) SDK | Campaign analytics & conversion tracking | Purchase events, registration events (only with ATT consent) |
Important: Adjust and Meta tracking is only enabled if you grant permission via Apple's App Tracking Transparency (ATT) prompt. If you decline, no data is shared with these services for tracking purposes.
3.4 Subscription Management
| Service | Purpose | Data Shared |
| RevenueCat | In-app subscription & purchase management | Device ID, purchase transactions, entitlement status |
Each third-party service processes data according to their own privacy policies.
4. Google API Services - Limited Use Disclosure
Ilmo's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically, we:
- Only use Gmail data to provide the email features you explicitly request (reading, sending, and summarizing emails)
- Do not use Gmail data for advertising or marketing purposes
- Do not sell, lease, or sublicense Gmail data to third parties
- Do not use Gmail data to build user profiles for advertising
- Do not allow humans to read your email content, except where required by law, for security purposes, or with your explicit consent
- Do not use Gmail data for purposes unrelated to the App's core AI assistant functionality
- Only transfer Gmail data to our AI service provider (OpenAI) as necessary to provide email summarization and reply generation features you request — these providers are bound by their own data processing terms
5. Data Storage & Security
- Account and app data is stored securely on Google Firebase (Firestore) with user-scoped access rules, hosted in the United States (us-central1)
- Authentication tokens are stored in the device's secure Keychain
- Device identity is backed up to iCloud Documents for recovery after reinstallation
- All data transmission uses HTTPS/TLS encryption
- We use Firebase Authentication for secure user management
- Each user can only access their own data — enforced by server-side security rules
6. Notifications
- Push notifications: Used for system messages and updates
- VoIP push notifications: Used to deliver scheduled AI voice calls at your preferred times, presented via the native iOS call interface (CallKit)
You can disable notifications at any time from your device settings or within the App.
7. Data Retention & Deletion
- You can disconnect Gmail at any time from App settings — this revokes our access and deletes stored Gmail tokens from both your device and our servers
- You can revoke Calendar, Health, Location, and other permissions at any time from your device settings
- You can delete your account from App settings — this removes all your data from our servers
- Conversation history is retained to provide context for the AI assistant and can be deleted upon request
- Analytics data is retained according to each third-party service's retention policy
8. App Tracking Transparency
We respect Apple's App Tracking Transparency (ATT) framework. When you first use the App, you will be asked whether to allow tracking. If you decline:
- No data is shared with Adjust or Meta for advertising attribution
- Advertising identifier (IDFA) collection is disabled
- Core app functionality is not affected
You can change your tracking preference at any time in your device's Settings → Privacy → Tracking.
9. Children's Privacy
The App is not intended for children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it.
10. Your Rights
You have the right to:
- Access your personal data stored in the App
- Request deletion of your account and all associated data
- Revoke any permission (Gmail, Calendar, Health, Location, Microphone, Camera) at any time
- Opt out of analytics tracking via ATT
- Export your data upon request
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes through the App or via email. Continued use of the App after changes constitutes acceptance of the updated policy.
12. Contact Us