byendofday.com
Privacy Policy
Effective Date: August 25, 2025
Last Updated: August 25, 2025
This Privacy Policy describes how byendofday.com ("we," "us," or "our") collects, uses, and protects your information when you use our calendar analytics service available at byendofday.com.
1. Information We Collect
1.1 Google Calendar Data
When you authorize byendofday.com to access your Google Calendar, we collect the following information:
- Calendar Events: Event titles, descriptions, start/end times, locations, and attendee information
- Calendar Metadata: Calendar names, colors, and sharing settings
- Recurring Event Patterns: Information about recurring events and their schedules
- Event Status: Whether events are confirmed, tentative, or cancelled
1.2 Account Information
- Email address (from Google OAuth)
- Name and profile information (from Google OAuth)
- Account preferences and settings
- Subscription and billing information
1.3 Usage Information
- Log data including IP addresses, device information, and browser details
- Feature usage patterns and analytics interactions
- Performance metrics and error reports
2. How We Use Your Information
2.1 Primary Services
We use your calendar data exclusively to provide our analytics services:
- Generate meeting pattern analyses and productivity insights
- Create time allocation reports and scheduling recommendations
- Provide team collaboration analytics and optimization suggestions
- Generate custom reports on calendar utilization
2.2 Service Improvement
- Improve our analytics algorithms and reporting accuracy
- Enhance user experience and platform performance
- Develop new features based on aggregated usage patterns
Important: We never use your calendar data for advertising, marketing to third parties, or any purpose unrelated to providing calendar analytics services.
3. Google API Compliance
byendofday.com's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
3.1 Minimal Access
- We request only the minimum Google Calendar API scopes necessary for our service
- We use read-only access (calendar.readonly scope) and do not modify your calendar data
- We do not request access to other Google services beyond Calendar API
3.2 Secure Handling
- All API access tokens are encrypted and stored securely
- We implement proper OAuth 2.0 flows with secure token refresh mechanisms
- All data transmission occurs over HTTPS connections
4. Data Storage and Security
Privacy-First Architecture: The majority of your calendar data is processed and stored locally in your browser and never transmitted to or stored on our servers. This ensures maximum privacy and security of your sensitive calendar information.
4.1 Local Browser Storage
- Client-Side Processing: Most analytics calculations are performed directly in your browser
- Local Data Storage: Calendar events and analytical data are stored in your browser's secure local storage
- No Server Transmission: Raw calendar data typically remains on your device and is not sent to our servers
- User Control: You maintain complete control over your data, stored locally on your device
4.2 Minimal Server Data
We only store the following minimal information on our servers:
- User account information (email, name, preferences)
- OAuth tokens (encrypted and securely stored)
- Subscription and billing information
- Aggregated, anonymized usage statistics (no personal calendar data)
4.3 Security Measures
- Browser Security: All local data uses browser security mechanisms and encryption
- Encrypted Transmission: Any data transmission occurs over HTTPS connections with TLS 1.3
- Access Controls: Strict role-based access controls for any server-stored data
- Infrastructure: Enterprise-grade cloud infrastructure with regular security audits
- Authentication: Multi-factor authentication required for all administrative access
4.4 Data Retention
- Local browser data persists until you clear your browser storage or uninstall the application
- Server-stored account data is retained only as long as necessary to provide our services
- Account data is automatically deleted within 30 days after account termination
- You can clear all local data immediately at any time through your browser or our application
5. Data Sharing and Third Parties
5.1 No Data Selling
We never sell, rent, or trade your personal information or calendar data to third parties.
5.2 Service Providers
We may share data with trusted service providers who assist in operating our service:
- Cloud hosting providers (with data processing agreements)
- Payment processors (for billing information only)
- Customer support tools (with limited access to necessary information)
5.3 Legal Requirements
We may disclose information when required by law, court order, or to protect the rights, property, or safety of our users or others.
6. Your Rights and Controls
6.1 Access and Portability
- Request a copy of all personal data we hold about you
- Export your analytics reports and processed data
- Access your data usage and sharing history
6.2 Correction and Deletion
- Correct inaccuracies in your account information
- Request deletion of your account and all associated data
- Withdraw consent for data processing at any time
6.3 OAuth Revocation
You can revoke byendofday.com's access to your Google Calendar at any time through:
- Your byendofday.com account settings
- Google Account permissions at myaccount.google.com
7. International Data Transfers
Your data may be processed in countries other than your own. When we transfer data internationally, we ensure adequate protection through:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions for countries with equivalent data protection laws
- Binding Corporate Rules for internal data transfers
8. GDPR Compliance (EU Residents)
8.1 Legal Basis for Processing
- Contract Performance: Processing necessary to provide our analytics services
- Consent: Your explicit consent for Google Calendar data access
- Legitimate Interests: Service improvement and security (with appropriate balancing)
8.2 Additional GDPR Rights
- Right to object to processing
- Right to restrict processing
- Right to data portability
- Right not to be subject to automated decision-making
9. CCPA Compliance (California Residents)
9.1 Categories of Information Collected
- Identifiers (email, name)
- Calendar and scheduling information
- Usage and interaction data
- Commercial information (subscription details)
9.2 California Consumer Rights
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt-out of the sale of personal information (we don't sell data)
- Right to non-discrimination for exercising CCPA rights
10. Cookies and Tracking
10.1 Essential Cookies
We use cookies necessary for service functionality:
- Authentication and session management
- Security and fraud prevention
- User preferences and settings
10.2 Analytics Cookies
We use privacy-focused analytics to understand service usage and improve user experience. You can opt out of analytics tracking in your account settings.
11. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will:
- Notify you via email for material changes
- Update the "Last Updated" date at the top of this policy
- Provide at least 30 days notice before changes take effect
12. Contact Information
Privacy Questions or Requests
Email: privacy@byendofday.com
Support: support@byendofday.com
Mailing Address:
byendofday.com - End of Day
Attn: Privacy Officer
[Your Business Address]
13. Data Protection Officer
For EU residents, you can contact our Data Protection Officer regarding privacy matters:
Email: dpo@byendofday.com
14. Supervisory Authority
EU residents have the right to lodge a complaint with their local supervisory authority if they believe our processing of their personal data violates the GDPR.
This Privacy Policy was last updated on August 25, 2025
Previous versions available upon request