Privacy Policy

• —Account Information: Name, email address, and profile picture
• —Calendar Connections: OAuth authorization to access your calendar accounts (Google Calendar, Microsoft Outlook, Zoom)
• —User Preferences: Working hours, timezone, default conference provider, privacy settings, and group privacy settings
• —Billing Information: Subscription plan tier, billing status, and payment history (processed by Polar/Stripe; we do not store full payment card details)
• —Group Invite Information: Email addresses you enter when inviting others to groups

When you connect a calendar provider, we access and process:

• —Calendar Events: Event titles, descriptions, start/end times, locations, attendees, recurrence rules, reminders, and conference details
• —Calendar Metadata: Calendar names, colors, and sync tokens
• —Account Information: Calendar account email addresses and display names

• —Usage Data: API requests, sync timestamps, and error logs for troubleshooting
• —Device Information: IP address, browser type, and operating system (collected via standard server logs)
• —Session Data: A persistent session indicator cookie (calplanner_session, 30-day lifetime) for server-level route access control; authentication tokens and user preferences stored in browser localStorage
• —Real-Time Sync Notifications: We maintain a Server-Sent Events (SSE) connection to /sync/events to deliver real-time calendar sync notifications, including calendar_changed events (provider, timestamp, reason) and account_needs_reauth events (account ID, email, provider, reason)

When you create or join a group, we collect and share the following with other group members:

• —Your Profile in the Group: Name, email address, avatar URL, role (admin or member), assigned color, and join date
• —Your Calendar Events in the Group: Subject to your individual privacy settings, this may include event start/end times, timezone, all-day status, and either full event details (title, description, location) or anonymized "Busy" blocks only
• —Group Events: Events created within a group include member attendee lists
• —Group Metadata: Group name, member count, and creation date

When you send a group invite (via email or shareable link), we process:

• —Email Invites: The recipient's email address, the inviting group ID, and invite status (active, accepted, declined, expired, revoked)
• —Link Invites: Invite code, usage count, and expiration information

During account registration, we check whether your email address is already associated with a linked calendar on another Calplanner account. This allows us to warn you that your new account will not have access to that calendar. We do not share this information with other users.

• —Calendar Synchronization: Reading events from your connected calendars and creating synchronized copies on your linked calendars
• —Event Propagation: When you enable calendar linking, we create propagated event copies with privacy settings you configure (blocked or full visibility)
• —Event Updates: Using webhook notifications and SSE from calendar providers to synchronize your events (note: synchronization may be delayed and is not guaranteed to be instantaneous; see our Terms of Service for important limitations)
• —Unified View: Displaying all your calendar events from connected accounts in a single interface
• —Group Collaboration: Enabling group members to view shared availability, schedule group events, and manage group memberships
• —Account Re-authentication: Notifying you when a connected calendar account requires re-authorization and guiding you through the reconnection flow

• —Performance Monitoring: Analyzing sync success rates and response times to improve reliability
• —Error Diagnosis: Using logs to troubleshoot synchronization issues and API failures
• —Feature Development: Understanding usage patterns to prioritize new features

• —Service Notifications: Sync errors, authentication failures, important service updates, and billing notifications
• —Support Responses: Answering your questions and resolving technical issues
• —Group Invite Emails: Sending transactional invitation emails when you invite someone to a group

• —Subscription Processing: Managing your Free or Pro subscription tier through Polar
• —Payment Handling: Processing payments and managing billing cycles via Polar/Stripe
• —Entitlement Enforcement: Enforcing calendar connection limits and feature access based on your subscription tier

• —We only access the minimum Google Calendar data necessary for our core synchronization functionality
• —We do not use Google user data for serving advertisements
• —We do not transfer Google user data to third parties except as necessary to provide our service, comply with applicable law, or as part of a merger/acquisition with your explicit prior consent
• —We do not use or transfer Google user data for purposes unrelated to calendar synchronization

We request the following Google Calendar API scopes:

• —calendar.events.owned - Read events from calendars you own and create, update, and delete events on those calendars for bidirectional synchronization
• —userinfo.email - Identify your Google account for calendar association
• —userinfo.profile - Display your name and profile picture in the application

• —We only access and write to calendars you own and never modify events on shared calendars you don't control
• —This scope provides the minimum permissions necessary for our core synchronization feature

• —Encryption in Transit: All data transmitted between your device and our servers uses TLS 1.2+ encryption
• —Encryption at Rest: OAuth access and refresh tokens are encrypted using AES-256-GCM encryption before storage
• —Database Security: Calendar data is stored in MongoDB with access restricted to authorized personnel only
• —Authentication Security: User authentication is managed by Supabase with industry-standard security practices
• —Access Controls: Strict role-based access controls limit employee access to user data
• —Account Deletion Security: Our account deletion feature includes multiple verification steps (password verification and confirmation text) to prevent unauthorized or accidental account deletion, protecting your data from malicious actors or unintended actions

• —Active Accounts: Your data is retained while your account remains active
• —Account Deletion: You can delete your account at any time through your account settings. When you initiate account deletion:
• —You will be guided through a secure three-step verification process to confirm your identity and intent
• —All personal information, calendar connections, and synced event data will be permanently deleted within 30 days
• —OAuth access tokens for connected calendar providers will be immediately revoked
• —Backup copies in our systems will be purged within the 30-day period
• —This action is irreversible and cannot be undone
• —Billing Data: Subscription and billing records may be retained for a longer period as required for tax, accounting, or legal obligations, even after account deletion
• —Sync Tokens: Calendar sync tokens are refreshed periodically and expire after approximately 30 days per provider specifications
• —Logs: Error logs and diagnostic data are retained for 90 days for troubleshooting purposes, then permanently deleted
• —Invite Data: Group invite records are retained as long as the group exists or until the invite is explicitly revoked or expires

• —Calendar Providers: Google, Microsoft, and Zoom receive API requests necessary to synchronize your calendar events
• —Authentication Service: Supabase processes authentication requests and stores user credentials
• —Database Hosting: MongoDB Atlas (if used) stores encrypted calendar data in secure data centers
• —Infrastructure Providers: Cloud hosting providers (AWS, Google Cloud, etc.) host our application infrastructure
• —Billing and Subscription Management: Polar manages subscription tiers, billing cycles, and entitlements. Stripe may be used by Polar as an underlying payment processor
• —Email Delivery: Resend is used to send transactional emails, including group invitation emails

All third-party service providers are contractually obligated to protect your data and use it only for purposes we specify.

We may disclose your information if required by law, court order, or to:

• —Comply with legal processes or government requests
• —Enforce our Terms of Service
• —Protect our rights, property, or safety, or that of our users or the public
• —Detect, prevent, or address fraud, security, or technical issues

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you via email and provide an opportunity to delete your account before any transfer.

• —Access: Request a copy of your personal data we store
• —Correction: Update or correct inaccurate information through your account settings
• —Deletion: Delete your account and all associated data at any time through the "Delete Account" feature in your account settings. The deletion process includes:
• —A clear warning about what data will be permanently removed
• —Password verification to confirm your identity
• —Final confirmation to prevent accidental deletion
• —Immediate revocation of all calendar access tokens
• —Permanent deletion of all data within 30 days
• —Revoke Access: Disconnect calendar providers and revoke OAuth permissions through your account settings or directly via each provider's account permissions page
• —Manage Group Privacy: Control which calendars are visible in full detail versus busy-only within each group through your group settings

If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR):

• —Right to Restriction: Restrict how we process your data
• —Right to Object: Object to data processing for specific purposes
• —Right to Lodge a Complaint: File a complaint with your local data protection authority
• —Legal Basis: We process your data based on your consent (for calendar connections and group participation) and contract necessity (to provide our service)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), effective January 1, 2026:

• —Right to Know: Request disclosure of the categories and specific pieces of personal information we collect
• —Right to Delete: Request deletion of your personal information. You can exercise this right immediately through the "Delete Account" feature in your settings, or by emailing admin@calplanner.com
• —Right to Opt-Out: Opt out of the "sale" or "sharing" of personal information (Note: We do not sell or share personal information for advertising purposes)
• —Right to Correction: Request correction of inaccurate personal information
• —Right to Limit Use of Sensitive Personal Information: We do not use sensitive personal information beyond what is necessary to provide our services
• —Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
• —Authorized Agent: You may designate an authorized agent to make requests on your behalf

CCPA Data Categories We Collect:

• —Identifiers (email, name)
• —Internet or network activity (usage logs, SSE connections)
• —Calendar and scheduling information
• —Commercial information (subscription tier, billing status)
• —Inferences drawn from the above

How to Exercise CCPA Rights: You can delete your account directly through the "Delete Account" feature in your settings. For other requests, email admin@calplanner.com and we will respond within 45 days.

Residents of Colorado, Connecticut, Montana, Oregon, Texas, Utah, and Virginia have similar rights under their respective state privacy laws. Contact us to exercise these rights.