Privacy Policy

Last updated: April 1, 2026

1. Overview

CalGlue ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your information when you use our calendar synchronization service.

2. Data We Collect

We collect and process the following types of data:

Account Information

• Your name and email address from your Google or Microsoft account.
• OAuth 2.0 tokens used to access your calendar data on your behalf.

Calendar Data

• Calendar event details (subject, time, location, description, attendees) are read during synchronization.
• The level of detail synced depends on your chosen privacy setting: "Busy only," "Title only," or "Full details."
• We do not permanently store your calendar event data. Events are read from the source and written to the target in real time during sync operations.

Sync Metadata

• Connection configurations (source/target calendars, sync frequency, detail level).
• Sync history logs (timestamps, event counts, error messages — not event content).

3. How We Use Your Data

Your data is used exclusively to:

• Authenticate your Google and Microsoft accounts via OAuth 2.0.
• Read events from your source calendar and create/update corresponding events in your target calendar.
• Display your sync history and connection status within the application.
• Diagnose and resolve sync errors.

4. Data We Do NOT Collect

• We do not sell, share, or monetize your data in any way.
• We do not use your data for advertising or marketing purposes.
• We do not train AI models on your calendar data.
• We do not share your data with third parties.
• We do not store your Google or Microsoft passwords — we use OAuth 2.0 tokens exclusively.

5. Data Storage & Security

• OAuth tokens and account metadata are stored in an encrypted database.
• All data in transit is encrypted via TLS/HTTPS.
• Access to production systems is restricted to authorized personnel only.
• We use industry-standard security practices to protect your information.

6. Data Retention

• OAuth tokens are stored as long as your account is active and the provider account is linked.
• Sync history logs are retained for 90 days, then automatically deleted.
• If you delete your account, all associated data is permanently removed within 30 days.

7. Your Rights

You have the right to:

• Disconnect accounts at any time, which revokes our access to your calendar data.
• Delete your account and all associated data.
• Export your data — contact us and we will provide a copy of the data we store about you.
• Revoke access directly through your Google or Microsoft account security settings at any time.

8. Third-Party Services

CalGlue integrates with the following third-party services solely for the purpose of calendar synchronization:

• Google Calendar API — governed by Google's Privacy Policy.
• Microsoft Graph API — governed by Microsoft's Privacy Statement.

9. Cookies

CalGlue uses essential cookies only for authentication and session management. We do not use tracking cookies, analytics cookies, or third-party advertising cookies.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes via email or through the Service. The "Last updated" date at the top of this page indicates when the policy was most recently revised.

11. Contact

If you have questions about this Privacy Policy or how we handle your data, please contact us.