Overview

MailToCal is an email-to-calendar automation service that helps you convert email invitations and scheduling requests into calendar events. This Privacy Policy explains how we collect, use, protect, and share your personal information when you use our service.

By using MailToCal, you agree to the practices described in this Privacy Policy. We are committed to protecting your privacy and maintaining the security of your personal information.

Information We Collect

Account Information

  • Email address: Used for account creation and communication
  • Display name: Optional display name for your account
  • Time zone: To properly schedule calendar events
  • Notification preferences: Your communication preferences

Google Account Integration

  • Google OAuth tokens: Secure tokens to access your Google Calendar
  • Calendar permissions: Scopes you've granted for calendar access
  • Calendar IDs: Identifiers for your Google Calendars

Email Processing Data

  • Email content: Emails forwarded for calendar event creation
  • Email metadata: Subject lines, sender information, timestamps
  • Processing logs: Records of email processing attempts and results

Usage Information

  • Service usage: How you interact with our platform
  • Error logs: Technical information to improve service reliability
  • Performance metrics: Anonymous usage statistics

How We Use Your Information

Core Service Functions

  • Parse emails to extract calendar event information
  • Create calendar events in your Google Calendar
  • Manage your account and preferences
  • Provide customer support

Service Improvement

  • Analyze usage patterns to improve our AI parsing accuracy
  • Identify and fix technical issues
  • Develop new features and enhancements

Communication

  • Send service-related notifications
  • Provide customer support responses
  • Share important updates about our service

Information Sharing

We do not sell, trade, or rent your personal information to third parties. We only share your information in the following limited circumstances:

Service Providers

  • Google Calendar API: To create and manage calendar events
  • Anthropic (Claude AI): To parse email content for event extraction
  • Supabase: For secure database hosting and authentication
  • Netlify: For application hosting and serverless functions

Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or to protect our rights, property, or safety.

Data Security

We implement industry-standard security measures to protect your personal information:

Technical Safeguards

  • Encryption: All data is encrypted in transit and at rest
  • Access Controls: Row-level security policies restrict data access
  • Authentication: Secure OAuth 2.0 authentication flows
  • Token Management: Secure storage and automatic refresh of access tokens

Operational Security

  • Regular security audits and vulnerability assessments
  • Minimal data collection principle
  • Secure development practices
  • Regular backup and disaster recovery procedures

Google Calendar Integration

MailToCal integrates with Google Calendar to provide automated email-to-calendar functionality. This integration is essential for our core service of converting appointment emails into calendar events.

Data We Access

When you connect your Google account, MailToCal accesses:

  • Your Google Calendar events: To detect scheduling conflicts before creating new appointments
  • Calendar metadata: Including calendar names, time zones, and availability information
  • Event creation permissions: To add new calendar entries based on your email requests

How We Use This Data

Your Google Calendar data is used exclusively for:

  • Conflict Detection: Checking for overlapping appointments before creating new events
  • Event Creation: Adding new calendar entries from validated email appointment requests
  • Scheduling Intelligence: Ensuring appointments don't conflict with existing commitments
  • Time Zone Management: Properly scheduling events in your preferred time zone

Data Storage and Retention

  • Event IDs: We temporarily store Google Calendar event IDs for conflict resolution and tracking
  • No Event Content: We do not permanently store your calendar event details, descriptions, or attendee information
  • Processing Only: Calendar data is accessed only during email processing and conflict detection
  • Automatic Cleanup: Temporary data is automatically purged after processing completion

Data Protection

  • Secure Access: All Google Calendar API access uses OAuth 2.0 with encrypted connections
  • Limited Scope: We request only the minimum calendar permissions necessary for functionality
  • No Third-Party Sharing: Your calendar data is never shared with third parties or used for advertising
  • User Control: You maintain full control over your calendar data and can revoke access at any time

AI Processing of Google Calendar Data

MailToCal uses Anthropic's Claude AI to process email content for calendar event extraction. When you forward emails to MailToCal:

  1. Email content is sent to Claude AI for parsing appointment details
  2. Your Google Calendar data is accessed to check for scheduling conflicts
  3. No Google Calendar data is sent to AI services, only email content is processed by AI
  4. Calendar data remains within Google's ecosystem and is only used for conflict detection
  5. AI processing is limited to email parsing only calendar data stays secure within Google

This processing complies with Google API Services User Data Policy and Limited Use requirements.

Google API Compliance

MailToCal's use and transfer of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited use of user data requirements and Limited use of user data requirement of the Photos API User Data and Developer Policy.

Your Rights and Control

  • Access Revocation: You can revoke MailToCal's calendar access anytime via your Google Account settings at https://myaccount.google.com/permissions
  • Data Deletion: Revoking access immediately stops calendar data processing and removes stored event IDs
  • Service Impact: Removing calendar access will disable MailToCal's email-to-calendar automation features
  • Granular Control: You can choose which calendars MailToCal can access during the initial authorization

Compliance and Standards

This Google Calendar integration complies with:

  • Google's User Data Policy: Following all requirements for calendar data handling
  • OAuth 2.0 Standards: Using industry-standard secure authorization protocols
  • Data Minimization: Accessing only data necessary for declared functionality
  • Transparency: Clear disclosure of all data access and usage practices

Contact for Calendar Data Questions

For specific questions about how MailToCal handles your Google Calendar data:

  • Email: privacy@mailtocal.com
  • Support: support@mailtocal.com
  • Response Time: Within 48 hours for privacy-related inquiries

Email Processing

Our email processing is designed to be secure and privacy-focused:

Email Handling

  • Emails are processed only to extract calendar event information
  • Email content is sent to Claude AI for parsing but not stored permanently
  • We maintain processing logs for debugging and service improvement
  • Original email content is deleted after successful processing

AI Processing

  • Email content is processed by Anthropic's Claude AI service
  • Anthropic's privacy policy applies to this processing
  • No personal data is used to train AI models

Data Retention

We retain your information only as long as necessary to provide our services:

Retention Periods

  • Account data: Retained while your account is active
  • Processing logs: Retained for 90 days for debugging purposes
  • Calendar events: Event metadata retained to prevent duplicates
  • Error logs: Retained for 30 days for technical support

Data Deletion

When you delete your account, we remove all personal data within 30 days, except where required by law or for legitimate business purposes.

Your Rights

You have the following rights regarding your personal information:

Access and Control

  • Access: View and download your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal data
  • Portability: Export your data in a machine-readable format

Privacy Controls

  • Modify your notification preferences
  • Revoke Google Calendar permissions
  • Pause or disable email processing
  • Delete your account and all associated data

Cookies & Tracking

We use minimal cookies and tracking technologies:

Essential Cookies

  • Authentication cookies to maintain your login session
  • Security cookies to prevent cross-site request forgery
  • Preference cookies to remember your settings

Analytics

We may use privacy-focused analytics to understand how our service is used, but we do not track individual users or create detailed user profiles.

Third-Party Services

We integrate with the following third-party services:

Google Calendar

For calendar event creation and management

Google Privacy Policy

Anthropic Claude

For AI-powered email parsing

Anthropic Privacy Policy

Supabase

For secure data storage and authentication

Supabase Privacy Policy

Netlify

For application hosting and delivery

Netlify Privacy Policy

Policy Updates

We may update this Privacy Policy from time to time. When we make material changes, we will:

  • Update the "Last updated" date at the top of this policy
  • Notify you via email if you have an active account
  • Provide prominent notice on our website
  • For significant changes, request your consent where required by law

Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Email

privacy@mailtocal.com

Data Protection

For data protection inquiries and requests to exercise your privacy rights

Response Time

We will respond to privacy inquiries within 30 days