Aletto logo Aletto · Tandavaworks Global LLP

Privacy Policy

How we collect, use, and protect your information.

Last updated: July 13, 2026

What's new in this version. Aletto is a connected alerting service. It offers paid subscription plans and one-time credit purchases (via the Apple App Store / Google Play, managed through RevenueCat); public handles and an "Allow others to find me" setting; multiple devices and email addresses; location alerts that trigger when you arrive at or leave a place you save (using device location and background geofencing); adding other users as connections and alert recipients; access grants & permissions; email magic links; blocking and reporting of users with content moderation; in-app data export ("Export My Data"); an in-app Help & FAQ and support channels; accessibility support; sharing the app via your device share sheet; and in-app advertising via Google AdMob with a consent prompt at startup (and Apple App Tracking Transparency on iOS) for applicable regions. It explains your rights under India's DPDP Act, the EU/UK GDPR, and US laws such as the CCPA/CPRA. We are the Data Fiduciary / Controller for your data.

01 Interpretation and Definitions

02 Collecting and Using Your Personal Data

Types of data collected

Voice Data. Voice commands used to set note alerts or location alerts are processed locally or sent securely solely to transcribe them into text. We do not permanently store raw audio. Never used for advertising or profiling.
Location Permission & Background Access. Location alerts rely on device location. We request permission the first time you add a Saved Location or create a location alert. Because an alert must be able to fire when the app is closed, we ask for background ("Allow all the time") access; if you grant only "While using the app," alerts may not trigger in the background and we tell you so. You can change or revoke location access at any time in your device settings, and you can remove Saved Locations in Settings → My Locations — doing so stops the related location alerts from firing. On Android this uses fine/coarse, background, and foreground-service location; on iOS it uses When In Use and Always location.

Purposes of processing

To: create and secure your Account; operate your profile/handle and (where enabled) let others find you; register and route alerts across your devices; verify email addresses and operate magic links; deliver and route alerts to you and your Recipients; create and manage Saved Locations and trigger location alerts when you arrive at or leave them; manage Connections, access grants, and permission requests; operate blocking, reporting, and content moderation; provide and manage Subscriptions and Credits and prevent fraud; display and measure advertising subject to your consent; provide an in-app Help & FAQ and support; enable you to export a copy of your data; maintain security and accessibility; and comply with law.

Discoverability and Visibility Controls

When you enable "Allow others to find me," your handle, display name, and profile photo may appear in other users' search results so they can send you a connection or alert request. Turn it off any time in settings; this stops new users from discovering you by search, while existing connections are unaffected.

03 Advertising and Your Consent

The Service displays ads through Google AdMob. Ads may be personalized or non-personalized depending on your region and consent.

04 Third-Party Services

05 Sharing Your Information

We do not sell your Personal Data for money. We share it only:

When you use "Share Aletto" to recommend the app, your device's share sheet sends only a link to our store listing — we do not collect who you share with.

06 Blocking, Reporting and Moderation

To keep the Service safe, you can block and report other users, and we apply content moderation to messages and alerts.

07 Notifications and Your Devices

Alerts and notifications are delivered to your registered devices via Firebase Cloud Messaging and shown using your device's notification system.

08 Platform-Specific Information (Android / iOS)

Android (Google Play)

Purchases use Google Play Billing; advertising uses the Google Advertising ID; our practices are also summarized in the Play Data safety section. You can reset/delete the Advertising ID in Android settings. If you use location alerts, Aletto requests foreground and background location access (fine/coarse location, background location, and a foreground location service) solely to detect arrivals/departures at your Saved Locations; you can manage or revoke this in Android's location settings.

iOS (Apple App Store)

Purchases use the Apple App Store / StoreKit; cross-app tracking for personalized ads is gated by App Tracking Transparency; and our practices appear in Apple's App Privacy ("nutrition label") on the App Store. Apple is not responsible for the Service or its data practices. If you use location alerts, Aletto requests "When In Use" and then "Always" location access so alerts can trigger in the background; you can adjust or revoke this in iOS location settings.

09 Storage, Transfers and Retention

Data is stored securely on private servers. Some processors (e.g., Google, RevenueCat) may store/process data outside India, including in the US and EU; international transfers rely on appropriate safeguards such as the EU Standard Contractual Clauses. We retain data only as long as necessary for the stated purposes or as required by legal, tax, and accounting obligations.

10 Security

We use commercially acceptable safeguards, including HTTPS encryption and secure UUID mappings, and delegate card/payment handling to the app stores so sensitive payment credentials never reach our servers. Sensitive actions, such as deleting your account or exporting your data, may require re-authentication. No method is 100% secure, and we cannot guarantee absolute security.

11 Accessibility

We aim to make Aletto usable by everyone. The app is designed to work with platform accessibility features such as screen readers (TalkBack / VoiceOver), dynamic text sizing, sufficient color contrast, and reduced-motion preferences. Accessibility settings you choose are applied on your device and are not used to identify or profile you. If you encounter an accessibility barrier, contact us (§19) and we will try to help.

12 Help, FAQ and Support

The app includes an in-app Help & FAQ (opened from Settings → Support & Feedback) and Contact Support / Send Feedback options. When you contact us by email we receive your message, your email address, and any details you include (such as your handle) to respond to and resolve your request.

13 Your Rights (General & India DPDP Act)

Subject to applicable law, you may access and export a copy of your data; correct, complete, update, or erase it; withdraw consent any time (as easily as you gave it — see §15); nominate another person to act for you; and seek grievance redressal with us (§19) and, if unresolved, with the Data Protection Board of India. Withdrawing consent may limit or end your use of the Service.

14 Regional Privacy Rights (EU/UK & US)

EEA & UK (GDPR)

Our legal bases are: contract (to provide the Service), consent (e.g., personalized ads and optional features), legitimate interests (security, reliability, fraud prevention, moderation), and legal obligation. You have rights of access, rectification, erasure, restriction, portability, and objection, and to withdraw consent. Transfers rely on Standard Contractual Clauses or equivalent. You may complain to your local supervisory authority.

United States (CCPA/CPRA & similar)

We do not sell personal information for money. We may "share" limited identifiers for cross-context behavioral advertising only where permitted; California and certain other state residents may opt out of such sharing and of personalized advertising, and we honor recognized opt-out signals (e.g., Global Privacy Control) where required. You also have rights to know, access, correct, delete, and to non-discrimination. Use in-app controls, the consent prompt, or our Data Request Form (which also serves as a "Do Not Sell or Share" request).

15 Export and Delete Your Data

Account deletion permanently removes your alert history, connections, credit balances, and profile metadata. It does not cancel an active store subscription — also cancel it in your Apple App Store or Google Play settings. Records we must keep by law (e.g., proof of purchase) may be retained for the legally required period.

16 Children's Privacy

The Service is for general audiences and is not directed to children under 13. We do not knowingly collect data from children under 13. Where local law sets a higher age (e.g., India's DPDP Act treats under-18 as children; the EU GDPR sets 13–16 by country), users below that age need verifiable parental/guardian consent, and we do not track, behaviourally monitor, or target ads to them. Purchases require legal capacity to contract (generally 18+). We delete any child data collected without required consent.

17 Changes to this Privacy Policy

We may update this policy. We will post the new version here, update the "Last updated" date, and give in-app notice of material changes where required. Continued use after changes take effect constitutes acceptance.

18 Governing Law

This policy and your use of the Service are governed by the laws of India, including the DPDP Act, 2023 and the IT Act, 2000, without prejudice to mandatory rights under the GDPR or applicable US state laws.

19 Contact Us & Grievance Officer

We aim to acknowledge and respond to verifiable requests within the timelines required by applicable law.