Privacy Policy

Last updated: February 27, 2026

Connected is operated by Koral Ventures LLC ("Koral Ventures", "we", "us", or "our"), a company registered in the United States. This Privacy Policy explains how we collect, use, store, and protect your information when you use the Connected application and website (the "Service").

By creating an account or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, please do not use the Service.

1. Information We Collect

1.1 Information You Provide

• Account information — your email address, name, and authentication credentials when you register for an account.
• Contact data — names, phone numbers, email addresses, birthdays, notes, interaction dates, reminders, labels, and other details you choose to store about your personal contacts.
• Payment information — if you subscribe to a paid plan, your payment is processed by a third-party payment processor (such as Apple App Store, Google Play, or Stripe). We do not store your credit card number or bank account details.
• Support communications — any messages you send to us for customer support or feedback.

1.2 Information Collected Automatically

• Usage data — feature usage patterns, screens visited, and interaction events to help us improve the app.
• Device information — device type, operating system version, app version, and unique device identifiers.
• Error and performance data — crash reports and performance metrics to diagnose and fix issues.

1.3 Information We Do NOT Collect

• We do not automatically access or upload your device's phone contacts, address book, or call history. You manually enter and manage all contact data in Connected.
• We do not collect precise geolocation data.
• We do not use cookies or tracking technologies for advertising purposes.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Provide the Service — to operate, maintain, and deliver the features of Connected, including syncing your data across devices.
• Send notifications — to deliver reminders and alerts you have configured.
• Improve the Service — to analyze usage patterns, fix bugs, and develop new features.
• Communicate with you — to respond to support requests, send essential service announcements, and notify you of changes to our policies.
• Ensure security — to detect and prevent fraud, abuse, or unauthorized access.

3. What We Do NOT Do With Your Data

• We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes.
• We do not use your contact data to build advertising or marketing profiles.
• We do not use your data to train artificial intelligence or machine learning models.
• We do not share your contacts or personal information with other users of the Service.
• We do not scrape social media accounts or harvest data from external sources.

4. Legal Bases for Processing (EEA/UK Users)

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data on the following legal bases under the General Data Protection Regulation (GDPR):

• Contract performance — processing necessary to provide the Service you signed up for (Article 6(1)(b)).
• Legitimate interests — processing necessary for our legitimate interests, such as improving the Service, ensuring security, and communicating with you, where these interests are not overridden by your rights (Article 6(1)(f)).
• Consent — where you have given explicit consent, such as opting in to optional analytics or marketing communications (Article 6(1)(a)). You may withdraw consent at any time.
• Legal obligation — processing necessary to comply with applicable laws (Article 6(1)(c)).

5. Data Sharing and Third-Party Services

We share your data only in the following limited circumstances:

• Infrastructure providers — we use cloud hosting services to store and process your data securely.
• Error monitoring and analytics — we use third-party services to collect crash reports and anonymized usage analytics. These services receive only the minimum data necessary to function.
• Payment processors — subscription payments are handled by Apple App Store, Google Play, or Stripe. We do not have access to your full payment details.
• Legal requirements — we may disclose your information if required by law, regulation, legal process, or governmental request.
• Business transfers — if Koral Ventures LLC is involved in a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you of any such change.

We do not share your data with any other third parties. All third-party service providers we use are contractually bound to protect your data and may only use it for the specific purposes we have engaged them for.

6. International Data Transfers

Your data may be transferred to and processed in the United States or other countries where our service providers operate. If you are located in the EEA, UK, or other regions with data transfer restrictions, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, to protect your data in accordance with this Privacy Policy.

7. Data Retention

• Active accounts — we retain your data for as long as your account is active and as needed to provide the Service.
• Account deletion — if you delete your account, all associated personal data will be permanently removed from our production servers within 30 days. Encrypted backups containing your data may persist for up to 90 days before being overwritten.
• Legal retention — we may retain certain information for longer periods if required by law or to protect our legitimate interests (such as resolving disputes or enforcing agreements).

8. Data Security

We take the security of your data seriously and implement industry-standard measures to protect it, including:

• Encryption of data in transit (TLS/SSL) and at rest.
• Secure authentication mechanisms.
• Regular security reviews and updates.
• Access controls limiting employee access to personal data on a need-to-know basis.

While we strive to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

9. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you.
• Correction — request that we correct inaccurate or incomplete data.
• Deletion — request deletion of your personal data (right to erasure / right to be forgotten).
• Data portability — request your data in a structured, commonly used, machine-readable format.
• Restriction — request that we restrict the processing of your data in certain circumstances.
• Objection — object to the processing of your data based on legitimate interests or for direct marketing.
• Withdraw consent — where processing is based on consent, withdraw that consent at any time.

To exercise any of these rights, contact us at [email protected]. We will respond to your request within 30 days (or sooner if required by applicable law).

If you are in the EEA or UK and believe your rights have been violated, you have the right to lodge a complaint with your local data protection authority.

10. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

• Know what personal information we collect, use, and disclose about you.
• Request deletion of your personal information.
• Opt out of the sale of your personal information. Note: we do not sell personal information.
• Not be discriminated against for exercising your privacy rights.

To exercise these rights, contact us at [email protected].

11. Children's Privacy

Connected is not intended for use by children under the age of 13 (or under 16 in the EEA/UK). We do not knowingly collect personal information from children under these ages. If we learn that we have collected data from a child below the applicable age threshold, we will delete that information promptly. If you believe a child has provided us with their personal data, please contact us at [email protected].

12. Contact Data You Store

Connected allows you to store personal information about other people (such as names, birthdays, and notes). You are responsible for ensuring that you have an appropriate basis to store this information and that your use of the Service complies with applicable data protection laws. We process this data solely on your behalf and at your direction.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you via email or an in-app notice. We encourage you to review this policy periodically. Your continued use of the Service after any changes constitutes acceptance of the updated Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: [email protected]
• Operator: Koral Ventures LLC
• Website: connectedapp.io