Return to app

AvailCal Privacy Policy

Last updated: December 3, 2025

1. Who we are

AvailCal is a calendar and availability tool operated by Wayfinding Software Solutions LLC ("Wayfinding", "we", "us", or "our"). This Privacy Policy explains how we collect, use, and share information about you when you use our web application at https://use.availcal.app and any related services (the "Service").

If you have questions about this Policy or your data, contact us at brett@wayfinding.software.

2. What this Policy covers

This Policy covers information we collect when you use the Service, when you connect third-party services, and when you communicate with us. It also covers limited information we receive from third-party calendar providers you choose to connect. This Policy does not cover the privacy practices of third parties. Their own policies apply to their services.

3. Information you provide to us

We collect information that you provide directly, including:

  1. Account details such as your name, email address, password or authentication method, and your organization name if applicable.
  2. Preferences such as your time zone, theme, and display options.
  3. Communications with us, including support requests and feedback.
  4. Billing information if you subscribe to a paid plan (processed securely by our payment processor).
  5. Contacts that you add or that are created when you interact with events. Contacts include the name and email address of participants, stored so we can auto-populate fields and track usage counts. This information is restricted to your account and not visible to other users.
  6. Location strings you enter when creating or editing events. These are stored exactly as provided so they can be auto-populated in the future. They are also restricted solely to your account.

4. Information from connected calendars and third-party apps

To provide the Service, we allow you to connect calendars and external applications through OAuth or similar authorization systems. When you connect a provider such as Google, Microsoft, or Calendly, you authorize us to access information from that provider on your behalf.

Depending on the provider and the permissions you grant, we may receive:

  1. Calendar metadata such as calendar IDs, names, and time zones.
  2. Event metadata such as event IDs, start and end times, recurrence rules, and free or busy status.
  3. Minimal additional details required to compute and display your availability accurately.

Our goal is to focus on availability and free/busy computation. We generally store OAuth tokens and minimal metadata needed for syncing and performance. Some event information may be processed temporarily in memory or stored in encrypted caches that we cannot read without deliberate code changes.

You may disconnect any connected app at any time using AvailCal or the provider's own security settings. Disconnecting may limit or disable parts of the Service.

5. Information we collect automatically

When you use the Service, we automatically collect technical information such as your IP address, browser type, device and operating system, language preferences, pages you visit, the time and date of your requests, and how you interact with different parts of the Service. This information is collected through server logs, cookies, local storage, and similar mechanisms. For more details, see our Cookie Policy.

6. Analytics, session replay, and support tools

We use analytics and monitoring tools to understand how people use AvailCal and to diagnose problems. These tools may collect information such as which pages you visit, what parts of the interface you interact with, how long you stay on certain views, and your device and browser details.

Today, we use tools such as FullStory (session replay), Intercom (support and product messaging), Umami (analytics), and log and infrastructure providers. These tools are configured to avoid capturing the content of your calendar events unless explicitly allowed. Some session replay tools may still capture high-level time blocks to help us understand layout and usability. You can use AvailCal even if your browser blocks these tools. We use them only to improve the Service and never sell your data.

7. How we use your information

We use the information we collect for purposes such as:

  1. Providing and operating the Service, including computing and displaying your availability and helping you create and edit events.
  2. Connecting to and syncing with your calendars and other connected apps.
  3. Maintaining the security and reliability of the Service, including monitoring for abuse, debugging, and performance analysis.
  4. Communicating with you about the Service, including sending important notices and responding to support requests.
  5. Improving the Service, including analyzing how people use features and deciding what to build next.
  6. Meeting our legal, accounting, and compliance obligations.

8. Legal bases for processing (EU and UK users)

If you are in the European Economic Area or the United Kingdom, we process your personal data only when we have a valid legal basis. Depending on the context, this may include:

  1. Contract, when processing is necessary to provide the Service you requested.
  2. Legitimate interests, such as improving and protecting the Service, where those interests are not overridden by your rights.
  3. Consent, for example when you connect a calendar provider or enable analytics features.
  4. Legal obligation, when we need to comply with laws or respond to lawful requests.

9. Google API Services

When you connect Google services, our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. This means we use Google data only to provide or improve user-facing features in AvailCal and do not sell or share Google data for unrelated purposes.

10. When we share your information

We share your information only when necessary, such as:

  1. With service providers that help us operate the Service, including hosting, analytics, logging, session replay, and payments.
  2. With connected providers and recipients you choose, such as when you share availability or create events that include invitees.
  3. If we are involved in a merger, acquisition, or business transfer.
  4. When required by law or to protect our rights or the safety of others.

We do not sell your personal information and do not share it with third parties for their own advertising purposes.

11. How we store and protect your information

Your information is stored using secure hosting providers with encryption in transit and at rest. OAuth tokens and other secrets are stored securely. Contacts and location strings that you create are stored in plaintext for functionality, but are protected by our database security, encryption at rest, and strict access controls. Cached calendar data is stored in encrypted form and cannot be read without making deliberate code changes.

No system can be perfectly secure, but we use reasonable and appropriate measures to protect your information. If we learn of a security incident that affects your data, we will notify you where required by law.

12. How long we keep your information

We keep information only as long as necessary for the purposes described in this Policy:

  1. Account information is kept while your account is active and for a reasonable period afterward for backup, audit, and compliance purposes.
  2. Calendar metadata, contacts, and locations are kept while your account is active so that your views and event creation experience remain consistent. You may request deletion of account data at any time.
  3. Logs and analytics data may be retained for extended periods to maintain security, diagnose issues, enforce policies, and reconstruct important events such as consent or account access.

When data is no longer needed, we delete it or anonymize it.

13. Your choices and rights

You have choices regarding your information:

  1. You can access, update, or delete certain account information directly in the Service.
  2. You can disconnect connected apps at any time.
  3. You can block cookies or analytics scripts in your browser; the Service will still function.
  4. You can unsubscribe from non-essential emails.
  5. Depending on where you live, you may have additional rights such as requesting a copy of your data or asking us to delete or correct it. Contact us to exercise these rights.

14. International transfers

We are based in the United States and use service providers in multiple countries. Your information may be transferred to and processed in countries with different data protection laws. When required, we use appropriate safeguards such as contractual commitments.

15. Children

The Service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with information, contact us so we can delete it.

16. Changes to this Policy

We may update this Privacy Policy from time to time. When we do, we update the "Last updated" date. If changes are material, we will provide reasonable notice. Your continued use of the Service after updates means you accept the changes.

17. Contact

If you have questions or requests about this Privacy Policy, contact us at brett@wayfinding.software.