Can NimbleCal read my event titles and notes?
For normal calendar sync: no.
NimbleCal encrypts your calendar content on your device before syncing/storing it (end-to-end encryption). Your devices hold the keys needed to read event content.
Email invites are different: when you send an invite email, NimbleCal stores and sends a plaintext invite summary with the event title, start/end time, timezone, organizer name/email, and any event location or description.
Keep the full invite link private, because anyone with it can view the invite details.
See:
Does Quick Add send my text to an AI API?
No.
Quick Add parsing runs 100% on-device. The text you type is not sent to NimbleCal servers and is not shared with third-party AI APIs.
See: Quick Add with natural language
What data is not encrypted?
A calendar app still needs some non-content data to function (even with end-to-end encryption).
Examples can include:
- Account data (like your email address)
- Billing/subscription status
- Limited sync metadata (for example, timestamps used for conflict resolution)
- Reminder scheduling timestamps, which NimbleCal stores outside encrypted event blobs so reminders can be delivered
For the detailed, canonical explanation, see: Privacy guide
What happens if I forget my password?
Because NimbleCal uses end-to-end encryption, password resets have extra safety steps.
See: Passwords and key recovery
Are invites encrypted end-to-end?
Invites are different from normal calendar sync.
When you invite participants, NimbleCal needs to store and send a plaintext invite summary with the event title, start/end time, timezone, organizer name/email, and any event location or description. Anyone with the full invite link can access the invite details, so keep it private.
See: Invite participants
How do I report a security issue?
Email: security@nimblecal.com
If you can, include:
- A short description of the issue
- Steps to reproduce
- Screenshots (with private event data redacted)