Back to Home

Privacy Policy

Last updated: August 04, 2025

1. Introduction

Tymeslot is an open-source meeting scheduling platform operated as a cloud-based SaaS service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service, in compliance with the EU General Data Protection Regulation (GDPR) and applicable data protection laws.

2. Information We Collect

Personal Information

When you create an account or book a meeting, we collect:

  • Your name and contact information
  • Email address
  • Profile information and preferences
  • Meeting details and notes
  • Timezone and scheduling preferences
  • Integration credentials (encrypted)

Technical Information

We automatically collect:

  • IP address
  • Browser type and version
  • Device information
  • Usage data and analytics

3. Legal Basis and How We Use Your Information

Under GDPR, we process your personal data based on the following legal bases:

  • Contract performance: To provide scheduling services and manage your account
  • Legitimate interest: To improve our service, ensure security, and prevent fraud
  • Consent: For optional features like marketing communications
  • Legal obligation: To comply with applicable laws and regulations

We use your information to:

  • Provide the core scheduling and calendar integration services
  • Send transactional emails (confirmations, reminders, updates)
  • Enable multi-provider video conferencing
  • Maintain service security and prevent abuse
  • Improve our open-source platform

4. Data Sharing and Disclosure

We share your information only with:

  • Meeting Participants: Your name and contact details with other meeting attendees
  • Service Providers: Email services, video conferencing providers, calendar integrations
  • Legal Requirements: When required by law or to protect our rights

We never sell your personal information to third parties.

5. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encrypted data transmission (HTTPS)
  • Secure database storage
  • Regular security updates
  • Access controls and authentication
  • Rate limiting to prevent abuse

6. Data Retention

We retain your personal information for:

  • Active meetings: Until 30 days after the meeting date
  • Cancelled meetings: 7 days after cancellation
  • Email logs: 90 days
  • Technical logs: 30 days

7. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

  • Right of access: Request copies of your personal data
  • Right to rectification: Correct inaccurate information
  • Right to erasure: Request deletion of your data
  • Right to restrict processing: Limit how we use your data
  • Right to data portability: Transfer your data to another service
  • Right to object: Object to certain types of processing
  • Right to withdraw consent: For consent-based processing

To exercise these rights, please contact us using the information below.

8. Cookies and Tracking

We use essential cookies to:

  • Maintain session state
  • Remember your timezone preference
  • Ensure security (CSRF protection)

We do not use tracking cookies or third-party analytics that compromise your privacy.

9. International Data Transfers

Our service is primarily operated within the European Union. When data transfers outside the EU are necessary, we ensure adequate safeguards are in place, including Standard Contractual Clauses or adequacy decisions by the European Commission.

10. Children's Privacy

Our service is not intended for children under 16 years of age (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.

11. Open Source Transparency

Tymeslot is an open-source project. You can review our code, security practices, and data handling procedures in our public repository. This transparency allows for community auditing and contributes to the security and trustworthiness of our platform.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page, updating the "Last updated" date, and where appropriate, notifying you via email.

13. Contact Us

If you have questions about this Privacy Policy, need to exercise your rights, or have concerns about your data, please contact us:

Contact Form

For GDPR compliance questions or to file a complaint with a supervisory authority, you may contact your local data protection authority.