Privacy Policy

This Privacy Policy applies to Calendar Society ("Service"), which is currently operating in BETA. The Service is provided by Silicon Box Inc, a 501(c)3 non-profit organization. By using this Service, you acknowledge that you are using a beta version that may contain errors, bugs, or other issues, and you assume all risks associated with the use of this Service.

1. Information We Collect

1.1 Information You Provide Directly

• Account Information: When you create an account, we collect your name, email address, and any other information you provide during registration.
• Calendar Data: When you connect your calendar (including Google Calendar), we access and store calendar events, availability information, and related metadata to provide the Service's core functionality.
• Event Information: Information about events you create, share, or participate in, including event details, dates, times, locations, and participant information.
• Friend Connections: Email addresses and information about users you connect with through the Service.
• Interests: Information about your interests and preferences that you choose to share.
• Payment Information: When you make payments through our Service, payment information is processed by third-party payment processors (Stripe). We do not store your full payment card details.

1.2 Automatically Collected Information

• Usage Data: Information about how you interact with the Service, including pages visited, features used, and time spent on the Service.
• Device Information: Information about your device, including IP address, browser type, operating system, and device identifiers.
• Cookies and Tracking Technologies: We use cookies and similar technologies to enhance your experience, analyze usage patterns, and provide personalized content.

1.3 Information from Third-Party Services

• Google Calendar: When you connect your Google Calendar, we access calendar data as authorized by you through Google OAuth.
• Authentication Providers: We use Clerk for authentication, which may collect and process authentication-related information.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process transactions and manage subscriptions
• Send you notifications, updates, and communications related to the Service
• Facilitate connections between users and manage friend relationships
• Sync calendar data to show availability and suggest meeting times
• Personalize your experience
• Detect, prevent, and address technical issues, fraud, or security threats
• Comply with legal obligations

3. Information Sharing and Disclosure

3.1 With Other Users

• Friend Connections: Your name, email, and availability information may be shared with users you connect with as friends.
• Events: Event information you create or accept will be shared with invited participants.

3.2 With Third-Party Service Providers

• Payment Processing: Stripe processes payment transactions.
• Authentication: Clerk handles user authentication and account management.
• Cloud Services: We use cloud service providers (including Neon PostgreSQL, Vercel, and AWS) to host and operate the Service.
• Email Services: AWS SES is used to send email invitations and notifications.

3.3 Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights, property, or safety, or that of others.

3.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4. Data Security

Given that this is a beta service, security measures may be incomplete or subject to change. You are solely responsible for ensuring the security of your account credentials and for any actions taken through your account.

5. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy. We may retain certain information for longer periods as required by law or for legitimate business purposes, including dispute resolution and enforcement of agreements.

You may request deletion of your account and associated data, subject to our retention obligations and technical limitations. HOWEVER, GIVEN THE BETA NATURE OF THE SERVICE, WE MAKE NO GUARANTEES REGARDING DATA RETENTION OR DELETION.

6. Your Rights and Choices

6.1 Access and Correction

You may access and update certain account information through your account settings.

6.2 Data Portability

You may request a copy of your data in a portable format, subject to reasonable limitations.

6.3 Deletion

You may request deletion of your account and data, subject to legal and technical limitations.

6.4 Opt-Out

You may opt out of certain communications by following the instructions in those communications or adjusting your account settings.

7. Third-Party Links and Services

The Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

8. Children's Privacy

The Service is not intended for children under the age of 13 (or the applicable age of majority in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

9. International Data Transfers

10. GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have certain rights under the General Data Protection Regulation (GDPR) regarding your personal data. Silicon Box Inc is the data controller for personal data processed through the Service.

10.1 Legal Basis for Processing

We process your personal data based on the following legal bases:

• Consent: When you provide explicit consent (e.g., connecting your Google Calendar, opting into communications)
• Contract Performance: To provide the Service you have requested and to fulfill our contractual obligations
• Legitimate Interests: To improve the Service, ensure security, prevent fraud, and for business operations
• Legal Obligations: To comply with applicable laws and regulations

10.2 Your GDPR Rights

In addition to the rights described in Section 6, if you are in the EEA, UK, or Switzerland, you have the right to:

• Access: Request access to your personal data and information about how it is processed
• Rectification: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your personal data (right to be forgotten)
• Restriction: Request restriction of processing in certain circumstances
• Data Portability: Receive your data in a structured, commonly used format
• Object: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us using the information provided in Section 14.

10.3 Right to Lodge a Complaint

11. California Privacy Rights

If you are a California resident, you may have certain additional rights under the California Consumer Privacy Act (CCPA), including:

• The right to know what personal information we collect
• The right to delete personal information
• The right to opt-out of the sale of personal information (we do not sell personal information)
• The right to non-discrimination

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. Your continued use of the Service after such changes constitutes acceptance of the updated Privacy Policy.

13. Future Fee-Based Services

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, or to exercise your rights under GDPR or other privacy laws, please contact us at: