Privacy Policy
1. Super Calendar - Privacy Policy
1.1 Information Collection
We collect minimal personal data to operate the service:
1.1.1 Identification: name, email, account identifiers, and organization or space identifiers when provided.
1.1.2 Technical metadata: IP address, request metadata, user agent, language header or browser-provided local language settings, requested format, diagnostics, and abuse-prevention signals when necessary.
1.1.3 Operational data: spaces, feeds, notes, bookings, support messages, preferences, integration settings, and content created by a user or authorized organization.
1.2 Use of Data
We use data for authentication, calendar generation, synchronization, support, security, abuse prevention, operational statistics, diagnostics, and reliability improvements.
1.3 Anonymous Language and Location
For anonymous visitors, Super Calendar should not infer country, identity, language, timezone, or precise location from IP address for personalization. Explicit user choices, authenticated preferences, local browser language preferences, or configured integrations should take priority.
1.4 Security
We apply access controls, audit records, key restrictions, space isolation, and security practices proportionate to the sensitivity and risk of the processed data.
1.5 Sharing
Data may be sent to providers necessary for hosting, authentication, email, observability, notifications, calendars, status, storage, and configured integrations. We do not sell personal data.
1.6 Retention
Data is kept for as long as necessary for operation, security, legal obligations, audit, and user or organization preferences. Sensitive technical data should have limited retention whenever possible.
1.7 Contact
For questions regarding your data, contact the administrator through the official repository or provided support channel.
1.8 Legal bases and principles
Personal data processing should follow purpose limitation, adequacy, necessity, transparency, security, prevention, accountability, and other applicable principles. When required, processing may rely on contract performance, legal obligation, consent, legitimate interest, fraud prevention, security, exercise of rights, or another applicable legal basis.
1.9 Feeds, links, and external clients
WebCal links, ICS files, widgets, and integrations may be accessed by calendar applications, browsers, bots, external clients, or systems configured by the user. When a link contains private data, access to that link may allow anyone who received it or any client authorized by the user to view that data.
1.10 Data subject rights
Where applicable, a data subject may request confirmation of processing, access, correction, portability, deletion, anonymization, blocking, information about sharing, withdrawal of consent, objection, and review of automated decisions. Responses depend on secure identification of the requester and applicable legal and operational obligations.
1.11 Security incidents
Incidents that may create relevant risk or harm must be assessed and handled under applicable law. When necessary, affected data subjects and competent authorities must be notified through channels proportional to the risk and available information.
1.12 Children, teenagers, and sensitive data
Super Calendar should not be used to intentionally collect children's data, teenagers' data, or sensitive data without an appropriate basis, required authorization, and proportional controls. Educational, family, religious, health, or corporate spaces should configure permissions and content with additional care.
1.13 Updates and notices
Material updates to this policy must state the publication date and effective date. When registered users exist, notices must be sent only to real recipients obtained from confirmed authentication/profile records or through in-product notice, without fixed emails, simulated lists, or fake fallback behavior.