Transparency Report
Building trust through clear reporting, privacy-first operations, and accountable AI practices.
Government Requests
No valid requests received
User Data Requests
Target response: under 14 days
Security Incidents
No breaches or incidents to date
EU Data Residency
Available on Pro plan
Our Commitment to Transparency
Calmo was built on a simple belief: trust is earned through transparency. As a company handling personal email workflows, we hold ourselves to high standards of privacy, accountability, and operational discipline.
This Transparency Report gives users clear insight into how we handle legal requests, protect data, select subprocessors, and improve our security and responsible AI practices.
This is our inaugural report.
This report covers the period from public launch through May 10, 2026. Future reports are expected to be published quarterly.
Government and Law Enforcement Requests
We take all government and law enforcement requests seriously. Our policy is:
- We only comply with valid, lawful requests supported by proper legal process.
- We notify affected users whenever legally permitted.
- We publish aggregate data in this report for public accountability.
During this reporting period, Calmo received zero valid legal requests from government agencies or law enforcement authorities.
User Data Subject Requests
We give users control over their personal data. Users can exercise privacy rights through product controls where available or by emailing our Privacy Team.
| Request Type | Received | Completed | Avg. Response Time |
|---|---|---|---|
| Data Access / Right to Know | 0 | 0 | - |
| Data Deletion / Right to be Forgotten | 0 | 0 | - |
| Data Portability | 0 | 0 | - |
| Do Not Sell / Share My Info (CCPA) | 0 | 0 | - |
| Total User Requests | 0 | 0 | Under 14 days |
We aim to respond to all valid requests within 14 days, ahead of the 30-day GDPR and 45-day CCPA response windows.
Security Incidents and Data Protection
The security of email data is a core product requirement. Our technical and organizational measures include:
Responsible AI and Data Usage
Calmo is purpose-built for email prioritization, summarization, drafting assistance, and inbox cleanup. We design these AI features with privacy and control as default requirements.
Our AI subprocessors are contractually restricted from using your email content for model training or improvement.
Email content sent to AI models is processed for the requested feature and is not retained as raw email bodies for AI purposes.
Users can disable AI features, reset personalization, revoke OAuth access, or request deletion of processed data.
Subprocessors and Data Transfers
We work with a small group of vetted subprocessors. Subprocessors are expected to operate under appropriate data processing terms and transfer safeguards where applicable. A full list can be maintained on our Subprocessors page.
AI-related subprocessors are expected to delete customer data after processing and are prohibited from using customer email content to train models.
Policy Updates
There were no material changes to our Privacy Policy, Terms of Use, or data processing practices during this reporting period. We will notify users before significant changes take effect.
Next scheduled review: August 2026
Questions or requests?
Our Privacy Team can help with privacy requests, security questions, and report clarifications.