CalRoute

Privacy Policy

Last updated: May 31, 2026

1. Overview

CalRoute ("we", "us", or "our") operates calroute.me. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information. By using CalRoute, you agree to this policy.

2. Information we collect

Account information: When you sign in with Google, we receive your name, email address, and profile photo from Google.

Google Calendar data: With your explicit permission, CalRoute accesses your Google Calendar free/busy information to determine your availability. We do not read, store, or process the titles, descriptions, or attendees of your calendar events — only whether a time slot is free or busy.

Booking information: When a customer books a meeting through CalRoute, we collect their name, email address, and any optional notes they provide. For phone call meetings, we also collect their phone number to facilitate the call.

3. How we use your information

  • To display your availability to people booking meetings with you
  • To create Google Calendar events when a booking is confirmed
  • To send confirmation emails to you and your customers
  • To route bookings to the correct team member based on availability

4. Google API data

CalRoute's use of Google Calendar data is limited to what is necessary to provide the scheduling service. Specifically:

  • We use read-only access to determine free/busy times
  • We use write access only to create calendar events for confirmed bookings
  • We do not share your Google data with any third parties
  • We do not use your Google data for advertising or marketing
  • Your Google OAuth tokens are stored securely and used solely to access your calendar on your behalf

CalRoute's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

5. Data storage and security

Your data is stored in Google Firebase (Firestore), which is hosted in secure Google data centers. We use industry-standard encryption in transit (HTTPS) and at rest. OAuth tokens are stored encrypted and are used only to make calendar API requests on your behalf.

6. Data retention

We retain your account data for as long as your account is active. Booking records are retained for 3 months. You may request deletion of your data at any time by contacting us.

7. Third-party services

  • Google Calendar API — for reading availability and creating events
  • Firebase / Firestore — for authentication and data storage
  • Resend — for sending confirmation emails
  • Vercel — for hosting the application

8. Your rights

You may disconnect your Google Calendar at any time from the Settings page. You may also request access to, correction of, or deletion of your personal data by contacting us at the email below.

9. Changes to this policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email. Continued use of CalRoute after changes constitutes acceptance of the updated policy.

10. Terms of Service

This Privacy Policy is complementary to our Terms of Service, which govern your use of CalRoute. Please review both documents to understand your rights and obligations.

11. Contact

For privacy-related questions or data requests, contact us at: info@calroute.me