Privacy Policy

At Chronos, your privacy is important to us. This Privacy Policy outlines how we collect, use, and protect your information when you use our application.

How We Access, Use, Store, and Share Google User Data

When you sign in with Google or connect your Google Calendar, we access and use Google user data only as described below. Our use of this data is limited to the practices in this Privacy Policy and conforms to Google's API Services User Data Policy and Limited Use requirements.

  • Access: We access your Google account email, profile (name and picture), and calendar events via Google OAuth and the Google Calendar API (read access; if we add calendar write access in the future, we will disclose it here and in our OAuth consent screen).
  • Use: We use this data only to provide Chronos: to display and sync your calendar in our app, power the AI scheduling assistant, manage your account, and enable team features. We do not use Google user data for advertising, and we never sell it.
  • Storage: We store your email, name, profile picture, and a copy of calendar event data (synced from Google) on our secure servers for as long as your account is active, and as set out in the Data Retention section below.
  • Sharing: We do not sell or share Google user data with third parties for their marketing. We share only what is necessary: (1) with OpenAI we send calendar event summaries and your commands to provide the AI assistant; (2) with Resend we send your email address to deliver transactional emails; (3) with Stripe we share billing-related data if you subscribe. We do not allow humans to read your Google content except for security, legal compliance, or with your consent (e.g. support).

You can revoke our access to your Google data at any time via your Google Account settings. For more detail, see the sections below.

1. Information We Collect

When you use Chronos, we collect and access the following types of information:

Google Calendar Data

We access your Google Calendar to:

  • Read your calendar events to display them in the Chronos interface
  • Create, update, and delete calendar events based on your actions and AI assistant commands
  • Synchronize events between your Google Calendar and Chronos
  • Detect scheduling conflicts and suggest optimal meeting times

Email Address

We collect your email address from your Google account to:

  • Create and manage your Chronos account
  • Send you important notifications about your calendar and account
  • Send team invitations and collaboration updates
  • Provide customer support and respond to your inquiries
  • Send billing and subscription-related communications (if applicable)

Profile Information

We collect your profile information from your Google account, including:

  • Your name (for personalization and team collaboration)
  • Your profile picture (for display in team features and chat)
  • Account preferences and settings

Usage Data

We may collect information about how you interact with Chronos, including: features used, AI assistant interactions, and performance metrics. This data helps us improve the service and fix issues.

2. Why We Access This Data

We access your data solely to provide and improve Chronos' core functionality:

  • Calendar Management: To display, create, update, and synchronize your calendar events
  • AI-Powered Scheduling: To enable our AI assistant to understand your schedule, suggest optimal meeting times, detect conflicts, and provide intelligent scheduling recommendations
  • Team Coordination: To facilitate team calendar sharing, find common availability, and coordinate schedules between team members
  • Account Management: To create and maintain your account, authenticate you, and provide personalized experiences
  • Service Improvement: To analyze usage patterns, identify bugs, and enhance the overall user experience
  • Communication: To send you important notifications, team updates, and support communications

Important: We never sell your personal data. We only use your information to provide Chronos' services and improve your scheduling experience.

3. Third-Party Services and Data Sharing

Chronos integrates with the following third-party services to provide core functionality:

Google (OAuth & Calendar API)

We use Google's OAuth service for authentication and the Google Calendar API to access and manage your calendar events. Google's use of your information is governed by their Privacy Policy.

Data shared with Google (OAuth): We use Google OAuth; Google receives authentication requests and the scopes we request (e.g. email, profile, calendar read access). We do not send your data to Google for purposes other than authentication and calendar API access.

Stripe (Payment Processing)

If you subscribe to a paid plan, we use Stripe to process payments securely. Stripe handles all payment information and does not share your full payment details with us.

Data shared: Email address, subscription plan, billing address (for invoicing)

OpenAI (AI Assistant)

Our AI assistant uses OpenAI's API to process natural language commands and generate intelligent scheduling suggestions. We send your calendar context and commands to OpenAI, but we do not send your full calendar data.

Data shared: Calendar event summaries, user commands, scheduling context

Note: OpenAI's use of data is governed by their Privacy Policy. We do not use your data to train OpenAI's models.

Resend (Email Delivery)

We use Resend to send transactional emails (team invitations, notifications, etc.).

Data shared: Email addresses, email content

All third-party services are required to maintain appropriate security measures and comply with applicable privacy laws. We only share the minimum amount of data necessary for each service to function.

4. Data Retention Periods

We retain your data for the following periods:

  • Active Accounts: We retain all data while your account is active and in use
  • Deleted Accounts: Upon account deletion request, we permanently delete your data within 30 days
  • Inactive Accounts: If your account is inactive for 2 years, we may delete your data after sending a notification
  • Team Events: Team calendar events may remain in the database after your account deletion if you were a team member (not owner), as they belong to the team
  • Legal Requirements: We may retain certain data longer if required by law or for legitimate business purposes (e.g., billing records)
  • Backup Data: Deleted data may persist in backups for up to 90 days before being permanently removed

5. How to Request Data Deletion

You have the right to request deletion of your personal data at any time. Here's how:

Option 1: Self-Service Deletion (Recommended)

You can delete your account and all associated data directly through our API:

  1. Visit your account settings page
  2. Navigate to the Privacy section
  3. Click "Delete My Account" or use the API endpoint: POST /api/privacy/delete
  4. Confirm the deletion request

Note: If you own any teams, you must transfer ownership or delete the teams before you can delete your account.

Option 2: Email Request

Send an email to support@chronoscalendar.com with:

  • Subject line: "Account Deletion Request"
  • Your account email address
  • Confirmation that you want to permanently delete your account

We will process your request within 30 days and confirm deletion via email.

What Gets Deleted

  • Your user account and profile information
  • All personal calendar events
  • Your settings and preferences
  • Reminders and saved locations
  • Team memberships (you will be removed from teams)
  • Chat messages you sent
  • Usage statistics
  • Google Calendar connection (OAuth tokens revoked)

What Gets Preserved (Legal Requirements)

For legal and compliance purposes, we are required to retain certain financial records:

  • Billing and transaction records (Stripe customer ID, subscription history)
  • Payment receipts and invoices (stored in Stripe)
  • These records are anonymized and retained for tax and legal compliance

6. Security Measures

We take reasonable measures to protect your data:

  • Encryption: All data is encrypted in transit (HTTPS/TLS) and at rest (database encryption)
  • Authentication: Secure OAuth 2.0 authentication through Google
  • Access Controls: Limited access to your data on a need-to-know basis
  • Regular Security Audits: We regularly review and update our security practices
  • Secure Infrastructure: Our servers are hosted on secure, compliant cloud infrastructure

7. Your Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of all your personal data via /api/privacy/export
  • Deletion: Request complete deletion of your data via /api/privacy/delete
  • Correction: Update your profile information through your account settings
  • Revoke Access: Revoke Google Calendar access through your Google Account settings
  • Data Portability: Export your data in JSON format at any time

8. Contact Us

For privacy-related questions or concerns, please contact us at:

Email: support@chronoscalendar.com

This policy may be updated from time to time. Last updated: 2/3/2026.