Privacy Policy

Introduction

At calendar.dev, we are committed to maintaining the highest standards of data privacy and security, especially given our focus on serving security-conscious organizations. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you use our secure transcription and summarization services.

We've designed our services with privacy-first principles, incorporating on-premises deployment options, cryptographic proofs, immutable audit trails, and Bring Your Own Key (BYOK) encryption to ensure your sensitive meeting content remains protected and compliant with industry regulations.

Information We Collect

Depending on how you use our services, we may collect the following types of information:

• Account Information: When you register for calendar.dev, we collect basic information such as your name, email address, organization name, and password (stored in encrypted form).
• Meeting Audio and Transcripts: Our core service processes audio recordings of meetings to generate transcriptions and summaries. With our on-premises deployment option, this data can remain entirely within your organization's infrastructure.
• Usage Information: We collect anonymized metrics about how our services are used, including feature usage patterns and performance data to improve our product.
• Technical Information: We collect information about the devices and networks used to access our services, including IP addresses, browser types, and operating systems to ensure security and service optimization.

How We Use Your Information

We use the information we collect for the following purposes:

• Providing and maintaining our secure transcription and summarization services
• Generating cryptographic proofs and audit trails for content verification
• Improving and personalizing your experience with our platform
• Communicating with you about your account, updates, or customer support
• Ensuring the security and integrity of our services
• Complying with legal obligations and enforcing our terms of service

Our Security Approach

Security is at the core of calendar.dev's design. We implement the following measures to protect your data:

• On-Premises Deployment: Enterprise clients can deploy our solution entirely within their own infrastructure, ensuring sensitive data never leaves your environment.
• Cryptographic Proofs: We use advanced cryptography to create verifiable proofs of transcript accuracy and authenticity, integrated with Chainlink for validation.
• Immutable Audit Trails: All actions and access to your data are logged in tamper-evident audit trails.
• BYOK Encryption: You can use your own encryption keys to ensure only authorized personnel within your organization can access your data.
• SOC 2 Type II Compliance: Our infrastructure and practices adhere to rigorous security, availability, and confidentiality standards.

Data Sharing and Disclosure

We limit sharing of your information to the following circumstances:

• With Your Consent: We will share information when you explicitly authorize us to do so.
• Service Providers: We may engage trusted third parties to help deliver our services, all of whom are bound by strict confidentiality and data protection agreements.
• Legal Requirements: We may disclose information if required to do so by law or in response to valid legal processes.
• Business Transfers: If calendar.dev is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

We never sell your data to third parties for marketing or advertising purposes.

Your Data Rights

Depending on your location, you may have certain rights regarding your personal information:

• Accessing and obtaining a copy of your data
• Rectifying inaccurate information
• Requesting deletion of your data
• Restricting or objecting to certain processing activities
• Data portability (receiving your data in a structured, machine-readable format)
• Withdrawing consent where processing is based on consent

To exercise these rights, please contact us at privacy@calendar.dev.

Data Retention

For cloud-based deployments, we retain your account information for as long as your account remains active or as needed to provide you with our services. Meeting data is retained according to your organization's configured retention policies.

For on-premises deployments, data retention is entirely under your control and governed by your organization's policies.

We may retain certain information as required by law or for legitimate business purposes. When we no longer have a legitimate business need to process your personal information, we will delete or anonymize it.

International Data Transfers

calendar.dev is headquartered in the United States, and your information may be processed in countries where we operate or where our service providers are located. These countries may have different data protection laws than your country of residence.

When transferring data across borders, we implement appropriate safeguards to ensure your information receives adequate protection. For clients requiring data localization, our on-premises deployment option ensures your data remains within your designated geographic boundaries.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

privacy@calendar.dev
Calendar.dev, Inc.
122 E. 42nd Street,
Suite 4300
New York, NY 10168
United States