Privacy Policy

When you use chosencal, we store:

• Account identifiers — your name and email address from the OAuth provider you sign in with (Google or Microsoft).
• OAuth tokens — access and refresh tokens for each calendar account you connect, stored encrypted at rest in our database.
• Calendar metadata — event titles, times, attendees, and recurrence rules from connected calendars, cached locally to power the sync engine.
• Sync configuration — your chosen sync directions, calendar mappings, and scheduling preferences.

• Sell, rent, or share your data with third parties.
• Use your calendar data for advertising or profiling.
• Train AI models on your personal information.
• Access calendars you haven't explicitly connected.
• Retain your data after you delete your account.

chosencal polls your connected calendar providers every 20 seconds using the OAuth tokens you granted. Event data is cached in our database to detect changes and propagate them across your calendars. We only read and write events — we never modify calendar settings, contacts, or any data outside the calendar scope.

All data is stored in an SQLite database on infrastructure we control. OAuth tokens are stored alongside your account record. The database volume is persistent and backed up as part of normal server operations. If you self-host chosencal, your data never leaves your own machine.

We integrate with:

• Google Calendar API — to read and write events on your Google calendars. Subject to Google's Privacy Policy.
• Microsoft Graph API — to read and write events on your Outlook/Microsoft 365 calendars. Subject to Microsoft's Privacy Statement.
• CalDAV servers — direct protocol connections to Fastmail, Titan, Apple, or any CalDAV-compatible server you configure.

We use a single session cookie to keep you signed in. We do not use analytics trackers, advertising pixels, or fingerprinting. There is no cookie banner because there is nothing to consent to beyond the session cookie required for the app to function.

You can disconnect any calendar at any time from the Calendars page. To delete your account entirely, contact us at hello@chosencal.app. We will delete all your data — OAuth tokens, cached events, sync configuration — within 48 hours.

If we change this policy, we'll update the date at the top. For material changes, we'll notify you via the email on your account. The current version always lives at chosencal.app/privacy.

Questions? Email hello@chosencal.app.