← tempoapp.app

Privacy Notice

Last updated: April 2026

Short version: Tempo keeps your data on your Mac. We don't run a cloud for it. Nothing about what you monitor, schedule, or automate leaves your device because of us.

What Tempo stores locally

Every event Tempo ingests — calendar entries, reminders, webhook alerts, HomeKit signals, script results, whatever you connect — is stored in a local SQLite database under ~/Library/Application Support/Tempo/. Attachments, configuration, tokens, scores, and logs live in the same directory. This data never leaves your Mac through Tempo.

If you back up your Mac (Time Machine, Kopia, Arq, etc.) or keep that folder on an external/cloud-synced drive, backups and sync follow whatever service you chose. That is your decision and your trust relationship with that service, not ours.

What Tempo sends to the network

Tempo is designed to sit on your LAN. The app itself makes these outbound network calls, and no others:

• Update checks (Sparkle) — Tempo asks downloads.tempoapp.app whether a newer version exists. This request carries your current Tempo version and your IP address (unavoidable for any HTTPS request). We don't correlate it with an identity, we don't store it beyond Cloudflare's standard access logs, and no other data is sent.
• Opt-in telemetry — off by default. If you enable it in Settings, Tempo may send anonymized usage counters (e.g. "Kopia source used", "app started"). No event contents, no identifiers, no IP beyond what the transport requires. You can turn it off at any time; turning it off stops new data immediately.

That's the full list. Tempo does not ship with third-party analytics, crash reporting SDKs, ad networks, or tracking pixels.

What Tempo does not collect

• Event contents (what your calendars, reminders, scripts, or webhooks say)
• The list of sources you have connected
• Your Mac's name, serial number, or device identifiers
• Contacts, files, or other system data beyond what you explicitly grant via macOS permission dialogs (EventKit, HomeKit, Health, etc.)
• Any form of behavioural profiling

macOS permissions

On first use of certain features, macOS will ask for permission: Calendar and Reminders (EventKit), HomeKit, Focus, Health, and so on. Tempo reads only the data you grant. You can revoke any permission in System Settings → Privacy & Security at any time; Tempo handles revocation gracefully and stops reading from that source.

Third parties that touch your data

Only two, and only indirectly:

• Cloudflare serves tempoapp.app (this site), downloads.tempoapp.app (app downloads and update feed), and any related subdomains. When your browser or Tempo connects to these, Cloudflare sees the request — the same way it sees any of the millions of sites it serves. Standard access logs, no custom logging we add. Cloudflare may process these access logs in non-EU jurisdictions; such transfers occur under Standard Contractual Clauses (SCCs) approved by the European Commission.
• Your chosen third-party sources. If you connect Tempo to a Google Calendar, a Home Assistant webhook, or any other external service, Tempo talks to that service on your behalf. Whatever those services collect is between you and them.

Your rights under GDPR and similar laws

Because Tempo stores data exclusively on your Mac, the usual rights (access, rectification, erasure, portability, restriction) are satisfied directly by you: the database is a file you own. To erase everything, delete the ~/Library/Application Support/Tempo/ directory and uninstall the app. We have nothing stored on our side to delete.

If you enabled opt-in telemetry, the counters we received are non-identifiable by design. If you still want them removed, contact us at privacy@tempoapp.app and we'll purge matching rows from the telemetry store.

EU/EEA residents have the right to lodge a complaint with their national data protection authority if they believe their personal data is being handled improperly. The Italian authority is the Garante per la Protezione dei Dati Personali.

Who is the data controller

The data controller for tempoapp.app and the Tempo application is Caereforge, an independent software publisher based in Italy, reachable at privacy@tempoapp.app.

Security

Tempo stores authentication tokens for external services (per-provider ingestion tokens, OAuth tokens for calendar providers if added, etc.) in the macOS Keychain — not in the app's preferences or database. If you move your Tempo folder to another Mac, tokens do not travel with it; you reconfigure them on the new machine.

Children

Tempo is a general-purpose macOS utility intended for adults. It does not knowingly collect information from or target minors.

Changes to this notice

If this Privacy Notice changes in any substantive way, the updated date at the top will change, and we'll note the change in the release notes of the Tempo version that introduced the reason for the update.

Contact

privacy@tempoapp.app