CaliMob Privacy Policy — No Tracking, No Analytics

Last updated: May 2026

1. Overview

CaliMob ("the App") is committed to protecting your privacy. This policy explains what data the App collects, how it is used, and your rights.

2. Data We Do NOT Collect

CaliMob does not collect, store, or transmit:

  • Your reading habits (what you read, when, how long)
  • Personal information beyond what is needed for cloud sign-in
  • Location data
  • Device identifiers for tracking
  • Analytics or telemetry

3. Data Stored Locally

The following data is stored only on your device:

  • Library metadata (book titles, authors, covers, tags)
  • Reading progress and bookmarks
  • App preferences (theme, font, sync settings)
  • Downloaded book files

This data never leaves your device unless you explicitly connect to a cloud backend.

4. Cloud Backends — Data Use, Sharing, and Protection

CaliMob supports multiple cloud backends: Google Drive, Dropbox, WebDAV/Nextcloud, FTP/SFTP, OPDS catalogs, and Calibre Content Server. The following applies to all cloud backends equally.

How CaliMob uses your cloud data

  • CaliMob accesses only the folders you explicitly authorize. No other data on your cloud account is accessed.
  • Files are fetched directly from the cloud provider to your device over HTTPS/TLS. CaliMob has no backend server that receives, caches, logs, or processes your cloud data. The developer does not have access to, and cannot read, any of your cloud data.
  • File metadata (names, folder structure, modification dates) is cached locally on your device to build your library index. This cache can be cleared at any time from the App settings or by disconnecting the library.
  • Book content (EPUB, PDF, CBZ, audiobooks) is downloaded to your device for offline reading. These files remain on your device only.

Sharing, transfer, and disclosure

CaliMob does not share, transfer, sell, rent, or disclose any user data obtained from cloud backends to any third party, for any purpose, under any circumstance. Specifically:

  • No cloud data is sent to our servers or any third-party infrastructure (except when you opt in to CaliWeb Sync — see Section 5).
  • No cloud data is shared with analytics, advertising, or tracking services.
  • No cloud data is shared with other users or made publicly accessible.
  • No cloud data is used for purposes unrelated to providing the App’s core ebook reading functionality.

Data protection measures

  • Encryption in transit: all communication with cloud backends uses HTTPS/TLS encryption (FTPS/SFTP for FTP connections).
  • Encryption at rest: cached data is stored in the App’s private sandboxed storage on Android, protected by the operating system’s file-level encryption.
  • No server-side storage: CaliMob does not operate any server that stores or processes your cloud data. There is no server to breach.
  • Authentication credentials: OAuth tokens (Google, Dropbox) and login credentials (WebDAV, FTP) are stored securely in the App’s private storage on your device. They are never transmitted to any server.
  • Minimal data retention: no cloud data is retained beyond what is cached on your device. Uninstalling the App or clearing its data removes all cached data and credentials.

4a. Google Drive — Additional Disclosures

This section provides additional detail required by the Google API Services User Data Policy. All general cloud backend policies in Section 4 also apply to Google Drive.

OAuth scopes requested

  • drive.readonly — lists folders and downloads ebook files from the Google Drive folder you select as your Calibre library root. Required because a Calibre library consists of hundreds of files organized in nested author/title folders that must be traversed recursively.
  • drive.file — writes back to your chosen library folder on Drive: book cover images, new book formats added on device, and metadata updates during bidirectional sync.
  • email, profile — identifies your Google account for sign-in. Your email is stored locally on your device to manage the connection; it is never sent to our servers.

Google token security

Google OAuth access and refresh tokens are stored in the App’s private sandboxed storage. They are never transmitted to any server. You can revoke CaliMob’s access at any time via Google Account permissions.

5. CaliWeb Sync (Optional — Coming Soon)

CaliMob will offer an optional connection to CaliWeb, a companion web service for bidirectional backup and cross-device synchronization of your library. This feature is not yet available. When launched, it will be entirely opt-in — CaliMob works fully without it.

What data is synced

If you choose to enable CaliWeb sync, the following data is transmitted to our servers:

  • Library metadata (book titles, authors, covers, tags, series, reading progress)
  • Book files (EPUB, PDF, CBZ, audiobooks) for backup and cross-device access
  • Account information (email address used for registration)

How CaliWeb data is used

  • Your data is used solely to provide the sync and backup service. We do not read, analyze, or mine your library content.
  • Your data is not shared with, sold to, or disclosed to any third party.
  • Your data is not used for advertising, profiling, or analytics.
  • Book files are stored encrypted on our infrastructure and served only to your authenticated devices.

CaliWeb data protection

All protections described in Section 4 (encryption in transit, minimal retention) apply. Additionally:

  • Encryption at rest: book files are stored on encrypted cloud storage.
  • Access control: your data is accessible only to your authenticated account. No other user can see your library.
  • Data deletion: you can delete your CaliWeb account and all associated data at any time from the account settings. Deletion is permanent and irreversible.
  • Data portability: you can export your full library from CaliWeb at any time.

6. Demo Library

When you access the Demo Library, your device connects to our server to download book metadata and files. We do not log which books you browse or download from the demo. Server access logs (IP address, timestamp) are retained for up to 30 days for security purposes only.

7. Third-Party Services

CaliMob does not integrate any third-party analytics, advertising, or tracking services. No data is shared with third parties.

8. Children's Privacy

CaliMob does not knowingly collect data from children under 13. The App does not require registration or personal information.

9. Data Deletion

  • Local data: you can delete all locally cached data at any time by clearing the App’s data in your device settings, or by uninstalling the App.
  • Cloud backend data: disconnecting a cloud backend from CaliMob removes all cached data for that backend from your device. Your data on the cloud provider is not affected.
  • CaliWeb data: if you use CaliWeb sync, you can delete your account and all server-side data from the CaliWeb account settings. This is permanent.
  • Google data: you can revoke CaliMob’s access to your Google account at any time via Google Account permissions.

10. Changes

We may update this Privacy Policy. Changes will be posted on this page with an updated date. Continued use of the App constitutes acceptance.

11. Contact

For privacy questions, contact us at our contact page or email [email protected].

Last updated: June 30, 2026