Privacy Policy

At Time Insights, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our calendar analytics service.

1. Information We Collect

1.1 Information You Provide

• Account Information: When you sign up through Google OAuth, we collect your name, email address, and profile picture from your Google account.
• Payment Information: When you subscribe to our Basic tier, payment information is processed by Stripe. We do not store your credit card details on our servers.

1.2 Calendar Data

• Google Calendar Access: With your explicit permission, we access your Google Calendar data including event titles, times, attendees, locations, and descriptions.
• Data Processing: Calendar analysis is performed client-side in your browser. Your raw calendar event data is never permanently stored on our servers.
• OAuth Tokens: We securely store encrypted Google OAuth tokens to enable automatic calendar syncing.

1.3 Automatically Collected Information

• Usage Data: We collect information about how you interact with our service, including features used and pages viewed.
• Session Information: Login times, session duration, IP addresses, and browser information.
• Cookies: We use essential cookies for authentication and session management.

2. How We Use Your Information

We use your information to:

• Provide, maintain, and improve our calendar analytics service
• Process your subscription payments and manage billing
• Sync and analyze your calendar data to generate insights
• Communicate with you about your account, updates, and support
• Detect and prevent fraud or unauthorized access
• Comply with legal obligations
• Improve our service through aggregated, anonymized analytics

3. Data Storage and Security

3.1 Storage Location

• Your account information and OAuth tokens are stored in our secure database
• Calendar event data is processed in your browser and not permanently stored
• We may temporarily cache calendar data to improve performance, but this is regularly cleared

3.2 Security Measures

• All data transmission uses HTTPS encryption
• OAuth tokens are encrypted at rest
• Database connections use SSL/TLS encryption
• Access to user data is restricted to authorized personnel only
• Regular security audits and updates

3.3 Data Retention

• Account data is retained while your account is active
• After account deletion, your data is permanently removed within 30 days
• Backup copies may persist for up to 90 days for disaster recovery purposes
• Billing records are retained for 7 years to comply with tax regulations

4. Sharing Your Information

We do not sell, rent, or trade your personal information. We only share your data in the following limited circumstances:

4.1 Third-Party Service Providers

• Google: We use Google OAuth for authentication and access your calendar data with your permission
• Stripe: Payment processing for subscriptions (Stripe's privacy policy applies to payment data)
• Hosting Providers: Our infrastructure partners who help us deliver the service

4.2 Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or to protect our rights, property, or safety.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner with advance notice to you.

5. Your Rights and Choices

5.1 Access and Control

• Access: You can view your account information in your Account Settings
• Update: You can update your profile information at any time
• Export: Basic tier users can export their calendar analysis data as CSV
• Delete: You can delete your account at any time from Account Settings

5.2 Google Calendar Access

• You can disconnect your Google Calendar at any time from Account Settings
• You can revoke Time Insights' access through your Google Account settings
• Disconnecting will delete all cached calendar data from our servers

5.3 Marketing Communications

• We may send you service updates and account notifications
• You can opt out of promotional emails at any time
• Essential service emails (e.g., billing, security) cannot be disabled

6. Children's Privacy

Our service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child under 18, we will delete it immediately.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using our service, you consent to such transfers.

8. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information (we do not sell your data)
• Right to request deletion of personal information
• Right to non-discrimination for exercising your rights

9. European Privacy Rights (GDPR)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation:

• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent at any time

10. Cookies and Tracking Technologies

We use the following types of cookies:

• Essential Cookies: Required for authentication and session management
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how you use our service (if implemented)

You can control cookies through your browser settings, but disabling essential cookies may limit functionality.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Posting a notice on our website
• Sending an email to your registered address
• Updating the "Last Updated" date at the top of this policy

Continued use of our service after changes indicates acceptance of the updated policy.

12. Data Protection Officer

For privacy-related inquiries, you can contact our Data Protection Officer using the contact information below.