Privacy Policy

1. Introduction

SwiftCal ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our scheduling platform at swift-cal.com (the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create an account via Google OAuth, we collect:

• Your name and email address
• Profile picture (from your Google account)
• Timezone and scheduling preferences you configure

2.2 Booking Information

When bookings are made through the Service, we collect:

• Guest name and email address
• Booking date, time, and timezone
• Meeting notes and answers to custom questions
• Cancellation and rescheduling activity

2.3 Calendar Data

If you connect your Google Calendar, we access your calendar events solely to check availability and prevent double-bookings. We do not store the content of your existing calendar events.

2.4 Payment Information

Payment processing is handled entirely by Stripe. We do not store credit card numbers or bank account details. We retain Stripe customer and subscription identifiers to manage your account.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Service
• Process bookings and send confirmation emails
• Create and manage calendar events on your behalf
• Process subscription payments and host payouts
• Send transactional emails (booking confirmations, cancellations, reminders)
• Respond to support requests
• Detect and prevent fraud or abuse

We do not sell your personal information. We do not send marketing emails unless you explicitly opt in.

4. Third-Party Services

We use the following third-party services to operate SwiftCal:

• Google OAuth & Google Calendar API — Authentication and calendar integration
• Stripe — Payment processing for subscriptions and booking payments
• Resend — Transactional email delivery
• Supabase — Database hosting

Each third-party service has its own privacy policy governing their use of your data.

5. Data Retention

We retain your account data for as long as your account is active. Booking records are retained for the duration of your account to provide booking history. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or financial compliance purposes.

6. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

• Encryption in transit (TLS/HTTPS)
• Encrypted database connections
• Secure authentication via OAuth 2.0
• Regular security reviews

However, no method of electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access — Request a copy of the personal data we hold about you
• Correction — Request correction of inaccurate data
• Deletion — Request deletion of your personal data
• Portability — Request your data in a portable format
• Objection — Object to certain processing of your data

To exercise any of these rights, please contact us.

8. Cookies

We use essential cookies only, required for authentication and session management. We do not use tracking cookies, analytics cookies, or advertising cookies.

9. Children's Privacy

The Service is not intended for use by anyone under the age of 16. We do not knowingly collect personal data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us.