Privacy Policy

Last updated: July 1, 2026

1. Introduction

Karlendar ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our scheduling platform and related services.

By using Karlendar, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name and email address
  • Username and profile photo (optional)
  • Timezone preference
  • Password (stored securely using bcrypt hashing)

2.2 Booking Information

When meetings are scheduled through Karlendar, we collect:

  • Invitee names and email addresses
  • Meeting times, durations, and notes
  • Responses to custom intake questions
  • Cancellation and rescheduling information

2.3 Calendar Data

When you connect external calendars (Google Calendar, Microsoft Outlook), we access your calendar events solely to check for scheduling conflicts. We do not read the content of your calendar events beyond what is necessary for availability checking.

2.4 Usage Data

We automatically collect:

  • IP addresses and browser/device information
  • Pages visited and features used
  • Booking page views and conversion metrics

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our scheduling services
  • Send booking confirmations, reminders, and notifications
  • Check calendar availability and prevent double-bookings
  • Process payments for paid events (via Stripe)
  • Generate analytics and insights about your scheduling activity
  • Respond to your requests and provide customer support
  • Detect and prevent fraud, abuse, and security threats
  • Comply with legal obligations

4. Data Sharing

We do not sell your personal data. We may share information with:

  • Service providers: Email delivery (AWS SES), payment processing (Stripe), video conferencing (Zoom, Google Meet, Microsoft Teams)
  • Calendar providers: Google and Microsoft, when you connect your calendar
  • Your invitees: Your name, event details, and meeting link are shared with people who book with you
  • Legal requirements: If required by law, regulation, or legal process

5. Data Security

We implement industry-standard security measures to protect your data:

  • All data is encrypted in transit using TLS/SSL
  • Passwords are hashed using bcrypt with a cost factor of 12
  • OAuth tokens are encrypted at rest
  • Sessions are managed with secure, time-limited JWT tokens
  • Multi-factor authentication (MFA) is available for all accounts
  • We conduct regular security reviews and updates

6. Data Retention

We retain your data for as long as your account is active. When you delete your account, we remove your personal data within 30 days, except where we are required to retain it for legal or legitimate business purposes.

Booking records may be retained for up to 12 months after account deletion for audit and compliance purposes, after which they are permanently deleted.

7. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Export your data in a portable format
  • Withdraw consent at any time

To exercise any of these rights, please contact us at privacy@karlendar.com.

8. Cookies

We use essential cookies to maintain your session and preferences. We do not use third-party tracking cookies. Analytics data is collected server-side without cookies where possible.

9. Third-Party Integrations

When you connect third-party services (Google, Microsoft, Zoom, Stripe, CRM systems), those services have their own privacy policies. We recommend reviewing their policies. We only request the minimum permissions necessary for our service to function.

10. Children's Privacy

Karlendar is not intended for use by children under 16 years of age. We do not knowingly collect personal data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of our service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: