Last updated 2026-06-22

Privacy Policy

This Privacy Policy describes how Yobu ("we", "us", "our") collects, uses, and shares information when you use our mobile app and related services. Yobu is operated by Innoventis Infotech, the data controller for the purposes of this policy. For privacy questions or to exercise your rights, contact support@innoventisinfotech.com (our registered business address is available on request).

What we collect

Account information — email address, display name, sign-in method (email/password, Google, or Apple), timezone, locale.
Your content — reminders, to-dos, habits, notes, memories, and chats you create or send to the app, including any text, attached files, voice clips, and images. Habits include the recurring routines you choose to track (which may relate to medication, vitamins, supplements, or skincare/wellness), their schedules, and your per-day completion and streak history.
Google Calendar data (optional, Pro) — if you connect your Google account, the events on the calendars you choose to sync: their titles, descriptions, locations, times, and recurrence. We access this only after you explicitly connect, and stop when you disconnect.
Usage analytics — events describing how you interact with the app (for example, sign-ins, reminders created, paywall views, subscription changes, notification opens), tied to your account identifier. In the EEA, the UK, and Switzerland this is off until you choose to turn it on; elsewhere it is on by default. You can change it any time in Settings → Data.
Device & session information — for each device you sign in on, we store a device name, platform, app version, a per-install device identifier, push token, and last-active time, to power the active-sessions list and per-device sign-out.
Subscription state — entitlement, tier, trial status, the price and currency charged, your country code, the store used, and product/transaction identifiers, processed via RevenueCat. We never receive your full payment card details.
Diagnostic data — crash reports, app-performance metrics (app start time, screen rendering, network-call latency), and product-analytics events to maintain and improve reliability. In the EEA, the UK, and Switzerland this is off until you choose to turn it on (opt-in); elsewhere it is on by default and you can opt out in Settings → Data.

Health information

Yobu lets you create reminders, habits, and notes that may include health information — for example, medications, vitamins, supplements, skincare routines, or appointments. We do not require this and we do not ask for it. We do not use it to infer health conditions, and we do not use it for any purpose other than storing it and reminding you of what you wrote.

Where this content qualifies as health data under laws such as the GDPR (special-category data), we process it only with your explicit consent — which you provide by choosing to enter it — and solely to deliver the reminder, habit, or note service you requested. You can delete any such content at any time, and deleting it removes it from our systems as described under "Your rights".

Where your data lives

Google Firebase (Authentication, Firestore, Cloud Storage, Cloud Functions, Cloud Messaging, App Check, Crashlytics, Performance Monitoring) — our primary backend.
Google Firebase Analytics — usage and engagement events (e.g. sign-ins, reminders created, paywall views, subscription changes, notification opens) attributed to your account identifier, to understand feature usage.
Google Gemini API — your message text, attached file content, and voice recordings are sent to power AI features, and your note and memory text is sent to Google's embedding model to enable semantic search across your memories. When you attach a file (PDF, Word document, text file, or image), its full contents are extracted and sent to Google so the AI can act on it; voice messages are transmitted as raw audio for transcription. On Google's paid API, this content is not used to train Google's models. Google does log this content for a limited period to detect abuse and keep the service secure, and a limited amount of API content may be reviewed by trained human reviewers (disconnected from your account) for safety and quality. See Google's Gemini API terms.
Google Cloud Text-to-Speech — text you ask the app to read aloud.
Google Sign-In and Sign in with Apple — if you choose social sign-in, your authentication request is processed by Google or Apple, which return your email and name to create your account, under their own privacy policies.
Google Calendar API — when you connect Google Calendar (an optional Pro feature), we read the events on the calendars you select and write the changes you make, and store a synced copy in your Firebase data so they display across your devices. See the dedicated "Google Calendar" section below.
RevenueCat — processes your subscription state, the price/currency/country and store/transaction identifiers described above.
Resend — sends transactional and account emails (verification, password reset, subscription confirmations, account deletion/restore notices), including any attachments those emails contain. Resend receives your email address and the message content.
Expo (EAS) — delivers over-the-air app updates and push infrastructure; receives basic device and app-version information when your app checks for updates.
Apple (APNs) and Google (FCM) — deliver push notifications, which may include the title of the reminder or habit being notified.

Sharing with other users

Yobu lets you share reminders with other people. When you invite someone, that person can see the shared reminder's content and that you are a member, and we disclose your display name (or, if you have not set one, your email) and the reminder title to them. To invite someone you enter their email; if they have a Yobu account we confirm a match so the invite reaches them, and return that user's name to you. Members you add can view and update the shared reminder until they are removed or leave.

Google Calendar

Yobu offers an optional Google Calendar connection (a Pro feature). If you choose to connect, you authorize access to the Google Calendar account you select, and we:

Access the events on the calendars you pick — their titles, descriptions, locations, times, and recurrence — and, when you create or edit an event in Yobu, write those changes back to Google.
Store a synced copy of those events in your Firebase data so they display quickly and across all your devices. Your Google authorization token is held securely on our backend and is never exposed to the app or to other users.
Use this data solely to show and let you manage your calendar inside Yobu. We do not use Google Calendar data for advertising, profiling, or to train AI models, and we do not sell or share it.
Stop and delete when you disconnect: Settings → Calendar → Disconnect removes the synced copy and revokes our access. You can also revoke access any time at myaccount.google.com/permissions.

Yobu's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

How we use your data

Provide the reminder, to-do, habit, note, memory, and chat functionality you signed up for, and maintain your habit completion history and streaks.
Use automated AI processing to read what you write and create or change reminders, notes, dates, and other fields on your behalf, and to transcribe voice messages and power semantic search.
Deliver push notifications at the times you've scheduled.
If you connect Google Calendar, display and let you manage your Google Calendar events inside the app and keep them in sync.
Maintain and improve service reliability and understand feature usage (crash reports and product analytics).
Communicate transactional and account emails (verification, password reset, subscription confirmations, account deletion/restore notices).

Legal basis & international transfers (GDPR)

If you are in the EEA or UK, we rely on the following lawful bases under the GDPR:

Contract (Art. 6(1)(b)) — to provide the core service you requested.
Legitimate interests (Art. 6(1)(f)) — for security, abuse prevention, and basic diagnostics.
Consent (Art. 6(1)(a), and Art. 9(2)(a) for any health-related content) — for product analytics/crash reporting where required, and for processing any health information you choose to enter. You can withdraw consent at any time.

International transfers.Your data is processed by Google and other providers in the United States and other countries. Where required, these transfers are made under the European Commission's Standard Contractual Clauses or an equivalent safeguard.

Retention.Your account content is retained until you delete it. When you delete your account there is a 30-day grace period, after which your data is permanently erased and removed from backups within a further 30 days. Support messages are retained while needed to handle your request and are deleted or anonymised when your account is purged. Abuse/security logs and AI-provider logs are retained for limited periods governed by us and by Google's Gemini API terms.

EEA/UK users have the right to lodge a complaint with their local data protection supervisory authority.

Your rights

Access & export — Settings → Data → Export my data. Returns a JSON archive of your reminders, to-dos, habits (and their completion history), notes, memories, chats, and uploaded files.
Delete — Settings → Account → Delete account. Or visit /delete-account. 30-day soft-delete window, then permanent erasure.
Correct — edit your display name, email, and content directly in the app.
Withdraw consent — disable analytics in Settings → Data, or delete your account at any time.
Contact us — support@innoventisinfotech.com

California privacy rights (CCPA/CPRA)

If you are a California resident, the categories of personal information we collect are: identifiers (e.g. email, account ID, device identifiers), customer records (name), internet/app activity (usage analytics), audio (voice clips), and content you create which may include sensitive personal information such as health information. We collect these for the purposes described above.

We do not sell or share your personal information, including for cross-context behavioral advertising, and have not in the preceding 12 months. You have the right to know, delete, and correct your personal information, and to limit the use of sensitive personal information — we only use any sensitive information to provide the service you requested. This policy is reachable any time from Settings.

Children

Yobu is not directed at children under 13, and we do not knowingly collect personal data from them. In some countries (including parts of the EU/EEA) the minimum age to consent to online services without parental permission is higher than 13 (up to 16). If you are under the digital-consent age in your country, you may use Yobu only with the consent of a parent or guardian. If you believe a child has signed up, contact us and we will delete the account.

Device permissions

Yobu may request access to your camera, photo library, and microphone so you can attach images and record voice messages, and can receive text, images, audio, and documents you share into it from other apps. These are used only to create the content you choose to add.

AI content

Yobu uses generative AI (Google Gemini) to extract reminders, edit notes, transcribe voice, and answer questions. This is automated processing of what you write: the AI reads your input and creates or changes reminders, notes, dates, and other fields on your behalf. It may be inaccurate — you can review, edit, or delete anything the AI sets, and these reminders have no legal or similarly significant effect on you. The AI does not make eligibility, financial, or health-diagnosis decisions about you. If you see AI output that is offensive, harmful, or otherwise inappropriate, tap the Report button on the message — reports are reviewed by our team. Safety filters block the most likely-harmful output categories at generation time.

Voice recordings are used only to transcribe what you said into text for reminders and notes. We do not use voice for voiceprinting, speaker identification, or any biometric purpose.

Medical disclaimer

Yobu is a productivity reminder tool — not a medical device. Medication, appointment, habit, and health reminders are best-effort scheduling, not life-safety alerts, and habit tracking is not medical record-keeping.

Do not rely on Yobu for time-critical medication (e.g. insulin, anticonvulsants), emergency alerts, or any situation where a missed reminder could endanger you.
Notifications can be delayed or dropped by your device, your operating system's battery saver, or by Yobu itself.
The AI extraction features can misread dates, doses, and instructions. Always verify what the AI sets before relying on it.
Yobu does not provide medical, legal, or financial advice. AI-generated content should not be treated as professional guidance.

If your health depends on accurate timing, use a purpose-built medical reminder device or talk to your provider.

Security

Data is encrypted in transit (TLS) and at rest on Google Cloud. We use Firebase App Check to attest mobile clients on supported builds. Push notifications are delivered through Apple and Google and may show the title of a reminder or habit on your lock screen — avoid putting sensitive details in titles you would not want shown there. No system is perfectly secure — report concerns to support@innoventisinfotech.com.

Changes

We may update this policy from time to time. Material changes will trigger an in-app re-acceptance prompt the next time you open Yobu. The "Last updated" date at the top of this page reflects the latest version.

Contact

Privacy questions: support@innoventisinfotech.com
Support: support@innoventisinfotech.com