Last updated: March 22, 2026
Calendarizer (“we”, “our”, “us”) is a booking management calendar application. This Privacy Policy explains how we collect, use, and protect information when you use our service.
Account Information: When your organization owner creates your account, we store your username, name, email address (optional), phone number (optional), and a hashed version of your password. We never store passwords in plain text.
Organization Data: We store organization names, unit (location) names, calendar configurations, and membership roles to manage access control.
Google Account Linking: When you link your Google account, we store your Google OAuth access token, refresh token, and token expiry to access Google Sheets on your behalf. We request the Google Sheets scope to read and write booking data in spreadsheets you have access to. We also store the email address associated with your Google account.
Google Sheets Data: We read booking information (guest names, phone numbers, party sizes, table assignments, notes, and times) from Google Sheets that you configure as calendars. We also write booking status updates (arrived, deleted) back to those sheets. Access is performed using your own Google OAuth credentials — we can only access sheets you have permission to view.
Usage Data: We collect standard server logs including IP addresses, browser type, and access times for security and operational purposes.
Your account and organization data is stored in a PostgreSQL database hosted on Google Cloud SQL with encryption at rest and in transit. Google OAuth tokens are stored in the database and used solely to access Google Sheets on your behalf. All connections use TLS/HTTPS.
Booking data remains in your Google Sheets — we do not copy or permanently store booking content in our database. We use a short-lived in-memory cache (30 seconds) to reduce API calls to Google Sheets.
You can unlink your Google account at any time from the Settings page, which removes your stored OAuth tokens.
Calendarizer's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We only access Google Sheets data that you explicitly configure as calendars, and we do not use this data for any purpose other than displaying and managing bookings within the application.
We do not sell, rent, or share your personal information with third parties. Your data is only accessible to members within your organization. We use the following third-party services to operate:
Account data is retained for as long as your account is active. When an organization owner removes a member, we delete that member's association with the organization. Google OAuth tokens are removed when you unlink your Google account or when your account is deleted. Booking data is managed entirely within your Google Sheets and is subject to your own retention policies.
You have the right to:
Contact your organization owner to exercise these rights, or reach out to us directly.
We use a session cookie for authentication (JWT token). We use browser localStorage to remember your selected unit and calendar preferences per device. We do not use tracking cookies or third-party analytics.
We may update this Privacy Policy from time to time. We will notify users of significant changes through the application. The “Last updated” date at the top reflects the most recent revision.
If you have questions about this Privacy Policy, please contact us at [email protected].
© 2026 Calendarizer. All rights reserved.