Privacy Policy
Last updated: June 2026
1. Introduction
At Schedulr ("we," "our," or "us"), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data, calendar data, and other information when you use our website, web application, mobile applications, and services (collectively, the "Services").
By accessing or using our Services, you consent to the collection, transfer, storage, disclosure, and use of your information as described in this Privacy Policy. If you do not agree with any terms of this policy, please do not use our Services.
2. Information We Collect
We collect information about you in three ways: directly from your input, from third-party integrations (such as calendar providers), and automatically through your use of the Services.
2.1 Personal Information You Provide:
- Account Registration Data: When you register a host account, we collect your name, email address, password, timezone, profile image, and scheduling preferences.
- Billing Information: If you sign up for a paid subscription or collect payments on bookings, our third-party billing processors (Stripe/Paystack) collect your credit card number, billing address, and transaction details. Schedulr does not store raw credit card credentials on our servers.
- Support Communications: When you contact our customer support, we collect your email address, message contents, and attachments.
2.2 Information from Calendar and Conferencing Integrations:
To provide core scheduling capabilities, you can choose to connect Schedulr to your third-party calendar providers (Google Calendar, Microsoft Outlook). If you do, we collect and store:
- Authentication Credentials: Secure OAuth access and refresh tokens used to authenticate and connect Schedulr with your provider.
- Calendar Metadata: The names and IDs of your calendars to allow you to configure which calendars Schedulr should read or write to.
- Calendar Event Data: Event start times, end times, event status (busy/free), summary, description, and attendee emails. We read this data solely to detect schedule conflicts and to block off booked slots.
2.3 Information Collected Automatically:
When you navigate our website or app, we automatically collect certain technical information:
- Log and Usage Data: IP address, browser type, device type, operating system, pages visited, time spent, referring URL, and generic usage patterns.
- Cookies and Tracking Technologies: We use essential cookies to maintain user sessions and authorize account settings. You can control the use of cookies via your individual browser settings.
3. Google API Scopes and Limited Use Disclosure
Schedulr's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
We specifically use Google Calendar scopes (`https://www.googleapis.com/auth/calendar` or `https://www.googleapis.com/auth/calendar.events`) to allow hosts to sync Schedulr events with Google Calendar. We do not transfer this data to third parties for marketing, advertising, or profiling purposes.
4. How We Use Your Information
We use your information for the following business and commercial purposes:
- To Provide the Services: Processing and booking appointments, checking calendar conflicts in real-time, syncing meetings, and sending booking confirmations.
- To Send Transactional Notifications: Automating confirmation emails, calendar `.ics` invites, and scheduled reminders (24 hours and 1 hour before meeting slots) to both hosts and attendees.
- To Enable Video Conferencing: Interfacing with Google Meet, Microsoft Teams, and Zoom APIs to dynamically generate conferencing links on booking confirmation.
- To Process Payments: Enabling paid booking links and managing recurring SaaS subscriptions via Stripe and Paystack.
- To Secure and Improve Services: Monitoring app performance, detecting fraudulent/abusive actions, troubleshooting technical errors, and improving overall UI/UX.
No Advertising Use: We do not use, sell, rent, or lease your calendar events, emails, or personal contacts to third-party advertisers or data brokers under any circumstances.
5. Data Sharing and Disclosure
We may share your information under the following limited circumstances:
- Between Hosts and Attendees: Scheduling inherently requires sharing details. When an attendee books an event, their name, email, timezone, and answers to custom questions are shared with the host. Similarly, the host’s schedule details and meeting links are shared with the attendee.
- With Third-Party Service Providers: We employ trusted third-party companies to perform support functions (e.g., cloud hosting via AWS/Heroku, transactional email delivery via Resend/Postmark, and payment processors like Stripe). These providers have access to your data only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose.
- For Legal Requirements: We may disclose information if required to do so by law, court order, or subpoena, or if we believe in good faith that such action is necessary to protect the rights, property, or safety of Schedulr, our users, or the public.
- Business Transfers: If Schedulr is involved in a merger, acquisition, asset sale, or bankruptcy, your information may be transferred as a business asset. We will provide notice before your personal data is transferred and becomes subject to a different Privacy Policy.
6. Data Security and Encryption
The security of your data is of paramount importance to Schedulr. We employ industry-standard administrative, physical, and technical measures to protect your personal and calendar data:
- Encryption at Rest: All database data and highly sensitive credentials (such as OAuth refresh and access tokens) are stored using AES-256 encryption.
- Encryption in Transit: All data transmitted between your browser and our servers is secured using SSL/TLS (HTTPS) encryption protocols.
- Access Controls: Access to database systems is strictly limited to authorized Schedulr engineers on a need-to-know basis, monitored by access logs.
Please note that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.
7. Your Data Rights and Choices (GDPR & CCPA Compliant)
Depending on your location, you may have certain statutory rights regarding your personal data. These rights include:
- The Right of Access: You can request a copy of the personal data we hold about you.
- The Right to Rectification: You can edit your account settings and profile details directly from your dashboard to correct inaccurate information.
- The Right to Erasure (Deletion): You can request that we delete your account and all associated personal data. Upon receiving a valid deletion request, we will permanently purge your database records and disconnect/revoke all calendar OAuth tokens.
- The Right to Object/Restrict Processing: You can revoke authorization for our application to access your Google or Microsoft accounts at any time through Schedulr's integration dashboard or via your Google Account/Microsoft Security settings.
To exercise any of these rights, please contact our privacy compliance officer at [email protected]. We will respond to your request within thirty (30) days.
8. Retention of Information
We retain your personal and calendar data only for as long as your Schedulr account is active or as needed to provide you with the Services. If you wish to close your account, you can request account deletion, and Schedulr will delete or anonymize your data within 30 days, except for data we are required to retain under applicable laws (such as billing invoice history for taxation compliance).
9. Children's Privacy
Our Services are not designed for or directed at children under the age of 13 (or under 16 in the European Economic Area). We do not knowingly collect personal data from children. If you believe we have accidentally collected personal data from a child, please contact us immediately so we can take steps to remove that information from our servers.
10. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top.
If we make material changes to how we collect, store, or use your information, we will notify you by sending an email to our registered hosts or by posting a prominent alert inside your Schedulr user dashboard prior to the change becoming effective.
11. Contact Us
If you have any questions, comments, or complaints about this Privacy Policy, or if you wish to submit a data request, please reach out to us:
Schedulr Privacy Team
Email: [email protected]