TimeOps
LoginGet Started Free

Privacy Policy

Last updated: February 26, 2026

1. Introduction

TimeOps ("we", "our", or "us") is a calendar aggregation service that pulls events from multiple calendar sources and pushes them to destination calendars. This Privacy Policy explains how we collect, use, and protect your information when you use our service.

2. Information We Collect

We collect the following types of information:

  • Account Information: Your email address and password when you create an account, or your Google account information if you sign in with Google.
  • Calendar Data: When you connect calendar sources (Google Calendar, Outlook, CalDAV, iCloud, Fastmail, or iCal/ICS feeds), we access and store calendar event data (event titles, times, locations, and metadata) to provide the synchronization service.
  • OAuth Tokens: We securely store OAuth access and refresh tokens to maintain your calendar connections. These tokens are encrypted at rest.
  • Usage Data: With your consent, we collect anonymized analytics data using a privacy-focused, EU-hosted analytics platform (PostHog) to improve the service.

3. How We Use Your Information

  • To provide calendar synchronization between your connected sources and destinations
  • To authenticate your identity and maintain your session
  • To send transactional emails related to your account (e.g., password resets, verification)
  • To improve and maintain the service (with anonymized analytics, when consented)

4. Calendar Integration Disclosure

TimeOps connects to calendar providers such as Google Calendar, Outlook, CalDAV, iCloud, and ICS feeds. Specifically, we request access to:

  • Calendar Events: To read events from your source calendars and write events to your destination calendars.
  • Calendar List: To display your available calendars so you can choose which ones to sync.
  • Account Identity: To identify your account and link your calendars to your TimeOps profile.

TimeOps handles all provider data in accordance with each provider's usage policies. For Google Calendar, our use and transfer of information adheres to the Google API Services User Data Policy, including the Limited Use requirements. For Microsoft Outlook, we comply with the Microsoft API Terms of Use. CalDAV, iCloud, and ICS credentials are encrypted at rest and used solely for synchronization.

5. Google API Services

TimeOps's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We only request the calendar scopes necessary to read events from your Google Calendar (source) and write events to your Google Calendar (destination). We do not use your Google data for advertising or share it with third parties.

6. Data Storage and Security

  • Your data is stored in a PostgreSQL database with encrypted credentials
  • OAuth tokens and CalDAV credentials are encrypted at rest using AES-256 encryption
  • All connections to the service use HTTPS/TLS encryption in transit
  • We use one private, first-party session cookie for authentication

7. Third-Party Services

We use the following third-party services:

  • Google Calendar API: To read and write calendar events when you connect Google Calendar as a source or destination.
  • Microsoft Graph API: To read and write calendar events when you connect Outlook Calendar as a source or destination.
  • PostHog (EU-hosted): For privacy-focused product analytics, only with your explicit consent.
  • Resend: For transactional email delivery (account verification, password resets).

8. Data Retention and Deletion

We retain your data for as long as your account is active. You can delete your account and all associated data at any time through the settings page. When you disconnect a calendar source or destination, we delete the associated tokens and synced event data. Upon account deletion, all your data is permanently removed from our systems.

9. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data and account
  • Disconnect any calendar source or destination at any time
  • Withdraw consent for analytics at any time
  • Revoke TimeOps's access to your Google or Microsoft account through their respective security settings

10. Cookies

We use a single, private first-party cookie for session authentication. We do not use third-party tracking cookies. Analytics cookies are only set with your explicit consent.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page with an updated date.

12. Contact

If you have any questions about this Privacy Policy, please contact us at privacy@timeops.cc.

Built by Kalu
Privacy·Terms·Changelog·Support