Privacy Policy

📋

1. Introduction

Tymeslot is an enterprise-grade meeting scheduling platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service, in compliance with the EU General Data Protection Regulation (GDPR) and applicable data protection laws.

📊

2. Information We Collect

👤

Personal Information

When you create an account or book a meeting, we collect:

Your name and contact information
Email address
Profile information and preferences
Meeting details and notes
Timezone and scheduling preferences
Integration credentials (encrypted at rest)

💻

Technical Information

We automatically collect:

IP address
Browser type and version
Device information
Usage data and analytics

💳

3. Payment and Billing Information

3.1 Payment Processing

When you subscribe to Tymeslot Pro, payment processing is handled by Stripe, Inc. We do not directly process or store your credit card information.

3.2 Information Stripe Collects

Stripe collects and processes:

Credit card information
Billing address
Email address
Transaction history

For details on how Stripe handles your data, see the Stripe Privacy Policy.

3.3 Information We Receive from Stripe

We receive limited information from Stripe necessary to manage your subscription:

Subscription status (active, canceled, past_due)
Subscription plan and billing period
Last 4 digits of your credit card
Billing email address
Customer ID (used to link your account to Stripe)

3.4 Tax Information

If you provide tax identification information (VAT number, tax ID), we store this information to comply with EU VAT regulations and tax reporting requirements.

⚖️

4. Legal Basis and How We Use Your Information

Under GDPR, we process your personal data based on the following legal bases:

📄

Contract performance: To provide scheduling services and manage your account

🎯

Legitimate interest: To improve our service, ensure security, and prevent fraud

✓

Consent: For optional features like marketing communications

⚖️

Legal obligation: To comply with applicable laws and regulations

We use your information to:

Provide the core scheduling and calendar integration services
Send transactional emails (confirmations, reminders, updates)
Enable multi-provider video conferencing
Maintain service security and prevent abuse
Improve our platform

🤝

5. Data Sharing and Disclosure

👥

Meeting Participants:

Your name and contact details with other meeting attendees

🔧

Service Providers:

Email services, video conferencing providers, calendar integrations

⚖️

Legal Requirements:

When required by law or to protect our rights

We never sell your personal information to third parties.

🔗

6. Third-Party Services

We use the following third-party services, each with their own privacy policies:

Stripe (Payment Processing)

• Purpose: Process subscription payments
• Data shared: Email, billing address, subscription plan
• Privacy Policy: https://stripe.com/privacy

🔒

7. Data Security

We implement industry-standard technical and organizational measures to protect your data:

🔐

Encrypted data transmission (HTTPS)

💾

Secure database storage with AES encryption for sensitive keys

🔄

Regular security updates and audits

🚪

Strict access controls and multi-factor authentication

⚡

Advanced rate limiting and DDoS protection

⏱️

8. Data Retention

We retain your personal information for:

📅 Active meetings:

Until 30 days after the meeting date

💎 Subscriptions:

Duration of subscription + 7 years (tax/legal)

❌ Cancelled meetings:

7 days after cancellation

📧 Email logs:

90 days

💳 Billing history:

7 years from cancellation date

📊 Technical logs:

30 days

✊

9. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

👁️

Right of access:

Request copies of your personal data

✏️

Right to rectification:

Correct inaccurate information

🗑️

Right to erasure:

Request deletion of your data

⏸️

Right to restrict processing:

Limit how we use your data

📦

Right to data portability:

Transfer your data to another service

🚫

Right to object:

Object to certain types of processing

↩️

Right to withdraw consent:

For consent-based processing

9.5 Payment Data Rights

You can view your subscription and billing history in your dashboard
You can update your payment method through your subscription settings
You can request deletion of payment data after subscription cancellation (subject to legal retention requirements)
For payment data managed by Stripe, you must contact Stripe directly

To exercise these rights, please contact us using the information below.

🍪

10. Cookies and Tracking

We use essential cookies to:

Maintain session state and authentication
Remember your timezone preference
Ensure security (CSRF protection)

We use privacy-first, cookie-less analytics that respect your anonymity. Your data stays within our ecosystem and is never sold or used for advertising.

🌐

11. International Data Transfers

Our service is primarily operated within the European Union. When data transfers outside the EU are necessary, we ensure adequate safeguards are in place, including Standard Contractual Clauses or adequacy decisions by the European Commission.

👶

12. Children's Privacy

Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.

🔓

13. Open Source Transparency

Tymeslot is an open-source project. You can review our code and security practices in our public repository. This transparency allows for community auditing and contributes to the long-term security of our platform.

🔄

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

💬

15. Contact Us

If you have questions about this Privacy Policy or need to exercise your rights, please contact us:

Contact Us