Privacy Policy

Who we are

Gnomik is a small soft­ware service that helps solo profes­sionals organise their sched­ule, reminders and simple book­keep­ing. Gnomik is oper­ated by Gnomik LLC, registered in Argentina. You can contact us at [email protected].

What Gnomik does

Gnomik connects your existing tools — Tele­gram and Google Calen­dar — to help you manage appoint­ments and payment remind­ers. Gnomik itself is inten­tion­ally "zero-­storage": it doesn't keep its own copy of your data and uses your Google account as the long-­term data store.

Roles under data-protection law

  • If you use Gnomik in your own prac­tice, you are the data controller for inform­a­tion about your clients.
  • For that data, Gnomik acts as your data processor: we process it only on your instruc­tions and only to provide the service.
  • Gnomik is a data controller for data about you as a customer (billing, account manage­ment, support).

Data we process

Depending on how you use the service, we may process:

  • Ac­count data: display name (a name you choose to present to your clients — this need not be your legal name), Tele­gram user ID, Google account ID, language, time zone.
  • Scheduling data: appoint­ment time and dura­tion, a display name provided by your client when booking (which may not be their legal name), internal client iden­ti­fi­ers, basic appoint­ment metadata read from your Google Calen­dar. When a client books via Gnomik, their Tele­gram user­name or display name is added to the corres­ponding event in your Google Calendar so you can identify and contact them; this data is written to your own Google account and governed by Google's privacy policy.
  • Pay­ment config­ur­a­tion data: if you use Gnomik's invoicing feature, we store the payment details you expli­citly provide so Gnomik can include them in invoices sent to your clients. Depending on your chosen payment method this may include a payment link URL, a phone number for bank trans­fers (e.g. SBP), bank account holder name, IBAN, SWIFT/BIC, routing number, or a crypto­cur­rency wallet address. This data is stored only at your explicit request and is treated as your busi­ness config­ur­a­tion. It is never logged or shared with third parties beyond deliv­ering invoices to your clients.
  • Mes­saging data: tech­nical details of Tele­gram messages sent to and from the Gnomik bot (chat IDs, timestamps, message IDs). We do not store copies of message contents in our data­base; they remain in Tele­gram.
  • Tech­nical data: server logs with anonymised iden­ti­fi­ers: request IDs, error codes, IP address in security logs.

Google API data and Limited Use

Gnomik accesses your Google account through OAuth 2.0 author­isa­tion that you expli­citly grant. The specific data accessed includes:

  • Cal­endar list — to let you select which calendar Gnomik should use for your appoint­ments.
  • Cal­endar events (read and write) — to display your sched­ule, create booking events, set reminder metadata, and remove cancelled appoint­ments.
  • Free/busy inform­a­tion — to identify avail­able time slots for client book­ings.

This data is used ex­clus­ively to provide the schedul­ing, book­ing, and reminder features visible in the service. In partic­u­lar:

  • We do not use any Google user data to serve you advert­ise­ments or for any advertising-­related purpose.
  • We do not allow any human to read your Google account data, except where required by applic­able law, where strictly neces­sary for security or fraud-­prevention (and only to the minimum extent required), or where you have given explicit written consent.
  • We do not sell, trans­fer, or disclose Google user data for any purpose other than those expli­citly described in this Privacy Policy.
  • We do not use Google user data for any purpose unre­lated to providing and improving Gnomik's user-­facing features.

Gnomik's use of inform­a­tion received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Where your data lives

  • Google Calen­dar: most long-­term data about your clients and appoint­ments lives in your own Google account and is governed by Google's privacy policy.
  • Tele­gram: messages between you, your clients and the Gnomik bot live in Tele­gram and are governed by Tele­gram’s privacy policy.
  • Gnomik infra­struc­ture: we operate servers on reput­able hosting providers, where we store only what is needed to run the service: OAuth tokens, internal iden­ti­fiers and tech­nical logs.

Why we process your data

We use your data to:

  • provide and main­tain the service (legal basis: perform­ance of a contract);
  • secure and troubleshoot the service (legal basis: our legit­imate interest in keeping the service reli­able and secure);
  • commu­nicate with you about your subscrip­tion, updates and changes (legal basis: perform­ance of a contract / legit­imate interest);
  • comply with legal oblig­a­tions (for example, accounting and tax rules).

How long we keep data

Account-­level data is kept for as long as your account is active and for a reas­on­able period after­wards where required by law (e.g. invoicing records).

Tech­nical logs are kept for short, fixed periods (90 days maximum) for security and debug­ging, then perman­ently deleted.

We do not keep our own copy of any of your and your clients' records; those remain under your control in your Google and Tele­gram accounts.

Sharing and subprocessors

We do not sell your data. We use the following service providers to operate Gnomik. Where required by law we sign data-­processing agree­ments with them.

Provider Country Purpose
Beget LLC Russia Cloud infra­struc­ture — the servers and in-­memory data­base (Valkey) that store your account data, OAuth tokens, and oper­a­tional state
Sentry (Functional Soft­ware, Inc.) United States Error monit­or­ing — anonymised crash reports and stack traces used to diagnose bugs. May include tech­nical iden­ti­fiers (e.g. Tele­gram user ID, request path) attached to error events
Google LLC (Gemini API) United States AI-­assisted schedule import — used only when you photo­graph a paper schedule and ask Gnomik to extract appoint­ments from it. Only the photo is sent; no calendar data or personal details are included
OpenAI, L. L.C. United States AI-­assisted schedule import (fallback) — same feature; used only if Google Gemini is unavail­able

Google LLC is also our primary integ­ra­tion partner for Google Calen­dar; that rela­tion­ship is described under Where your data lives and Google API data and Limited Use above.

International transfers

Gnomik's infra­struc­ture is hosted in Russia (Beget LLC), and our error-­monitoring and AI providers are based in the United States. If you are located in the EEA or UK, your data is there­fore trans­ferred to coun­tries that may not provide a level of data protec­tion equi­valent to EU law. We rely on appro­priate safe­guards — such as the EU Standard Contrac­tual Clauses — to protect your data during these trans­fers. You may request details of the applic­able safe­guards by contacting us at [email protected].

Your rights

You have the right to:

  • access, correct or delete your personal data;
  • restrict or object to certain processing;
  • receive a copy of your data in a port­able format;
  • complain to your local data-­protection author­ity.

For most requests about your clients’ data (for example, a client who wants their Google Calendar entry removed), you remain the controller and handle those requests your­self through your own Google and Tele­gram accounts. We will support you where reas­on­ably possible.

Contact

For privacy ques­tions or requests, email us at [email protected]