Privacy Policy
Last updated: March 2025
CalGhost is a calendar sync tool that creates "Busy" blocks on your work calendar based on events from your personal calendar. Privacy isn't just a feature for us — it's the entire reason the product exists. Here's exactly what we collect, why, and what we do with it.
What we collect
CalGhost accesses the following data through your Google accounts:
- Your email addresses — to identify your personal and work Google accounts and link them together in our system.
- Calendar event times and durations — to know when to create "Busy" blocks on your work calendar.
- Calendar event titles — used only internally to match events to their corresponding "Busy" blocks for updates and deletions. Event titles are never written to your work calendar or shared with anyone.
That's it. We don't read your event descriptions, attendee lists, locations, or any other event metadata.
What we don't collect
- Event descriptions or notes
- Attendee names or email addresses
- Event locations
- Video call links (Google Meet, Zoom, etc.)
- Your contacts or address book
- Any data from your Gmail inbox
How we use your data
The data we collect is used for one purpose: syncing your personal calendar events to your work calendar as anonymous "Busy" blocks. Specifically:
- We read event times from your personal calendar to create or update "Busy" blocks on your work calendar.
- We store a mapping between your personal events and the corresponding "Busy" blocks we create, so we can update or delete them when your personal events change.
- We use your email address to authenticate you and associate your accounts with your CalGhost profile.
We do not use your data for advertising, analytics profiling, or any purpose other than providing the sync service.
We don't sell your data
We will never sell, rent, or trade your personal data to third parties. Ever. The business model is a subscription fee — not your data.
Data retention
We retain your account data (email addresses and event mappings) for as long as your account is active. When you delete your account, we delete all associated data from our systems within 30 days.
Sync logs (records of when syncs ran and whether they succeeded) are kept for 90 days for debugging purposes, then deleted.
Third-party services
CalGhost uses the Google Calendar API to read and write calendar data. Your use of CalGhost is also subject to Google's Privacy Policy.
We use standard infrastructure providers (hosting, databases) to operate the service. These providers process data on our behalf and are bound by data processing agreements.
How to delete your account and data
You can delete your account at any time from the dashboard. To request deletion of all your data, email us at privacy@calghost.com with the subject line "Delete my account." We'll confirm deletion within 7 days.
You can also revoke CalGhost's access to your Google accounts at any time via Google's account permissions page. This will stop syncing immediately.
Security
We store your Google OAuth tokens encrypted using AES-256-GCM. Access tokens are refreshed automatically and stored only as long as necessary for sync operations.
Contact
Questions about this policy? Email privacy@calghost.com.