Legal
Privacy Policy
Effective date: June 14, 2026 · Last updated: June 14, 2026
SynqSlot ("SynqSlot", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our scheduling service at synqslot.com and related applications (collectively, the "Service"). Please read this policy carefully. By using the Service you agree to the practices described here.
1. Information we collect
Account information
When you sign in via Google OAuth or Microsoft OAuth we receive your name, email address, and profile picture from the identity provider. We do not receive or store your Google or Microsoft account password.
Calendar access
To power the scheduling service, we request access to read and write calendar data via the Google Calendar API and Microsoft Graph API. Specifically, we:
- Read your calendar events to determine your busy times and prevent double-bookings.
- Create calendar events when an invitee books a meeting with you.
- Delete or update those events when a meeting is cancelled or rescheduled.
- Store OAuth access tokens and refresh tokens securely to maintain calendar sync.
We access only the calendar scopes necessary to provide the scheduling service. We do not read the content of existing calendar events beyond what is needed to determine availability (start/end times and busy/free status).
Booking data
We store data submitted by invitees when they book a meeting, including their name, email address, and any answers to intake questions you have configured. This data is stored in connection with your SynqSlot account.
Usage data
We collect standard server logs including IP addresses, browser type, pages visited, and timestamps. This data is used to maintain, secure, and improve the Service.
Payment information
Payments are processed by Stripe. We do not store your full card number, CVV, or bank account details — these are handled entirely by Stripe. We receive and store a Stripe customer ID and subscription status.
2. How we use your information
- To provide the scheduling service — syncing calendars, creating bookings, sending confirmations.
- To send transactional emails — booking confirmations, reminders, and follow-ups configured in your workflows.
- To send billing communications — receipts, renewal notices, and payment failure alerts.
- To improve the Service — analysing usage patterns to fix bugs and build better features.
- To comply with legal obligations — responding to lawful requests from authorities.
We do not use your calendar data to train machine learning models, serve advertisements, or for any purpose other than providing the scheduling service.
3. How we share your information
We do not sell your personal data. We share information only in these limited cases:
Service providers
- Google LLC — Calendar API OAuth to sync your Google Calendar.
- Microsoft Corporation — Microsoft Graph API to sync your Outlook/Office 365 calendar.
- Stripe, Inc. — Payment processing for paid plans.
- Resend — Transactional email delivery (confirmations, reminders, follow-ups).
- Vercel Inc. — Application hosting and serverless functions.
- Neon Technologies — PostgreSQL database hosting. Data is encrypted at rest.
Each provider is bound by their own privacy policies and data processing agreements and is permitted to use your data only to provide the services they supply to us.
Legal requirements
We may disclose information if required by law, subpoena, court order, or other governmental authority, or where we believe disclosure is necessary to protect the rights, property, or safety of SynqSlot, our users, or the public.
Business transfers
If SynqSlot is acquired or merges with another entity, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on the Service before that transfer occurs.
4. Data storage and security
Your data is stored in a PostgreSQL database hosted on Neon (AWS infrastructure, US East region). OAuth tokens are encrypted at rest using industry-standard AES-256 encryption before storage. Connections to the database use TLS.
We implement appropriate technical and organisational measures to protect your information. However, no method of transmission or storage is 100% secure. If you believe your account has been compromised, contact us immediately at hello@synqslot.com.
5. Your rights and choices
Access and correction
You can view and update your account information in the Settings section of your dashboard at any time.
Disconnecting calendars
You can disconnect any connected calendar from Settings → Calendars. When you disconnect a calendar, we revoke our OAuth token and delete it from our systems. We no longer have access to your calendar after disconnection.
Data deletion
To delete your SynqSlot account and all associated data, contact us at hello@synqslot.com with the subject line "Delete my account". We will process your request within 30 days. Note that we may retain certain information where required by law (e.g., billing records).
GDPR rights (EEA and UK users)
If you are located in the European Economic Area or the United Kingdom, you have the right to: access your personal data, rectify inaccurate data, erase your data, restrict processing, data portability, and to object to processing. To exercise these rights, contact us at hello@synqslot.com.
6. Google API data use disclosure
SynqSlot's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Information received from Google APIs is used only to provide and improve features visible to the user within SynqSlot. It is not transferred to third parties except as necessary to provide the Service (see "Service providers" above), or as required by law. It is not used for serving advertisements. It is not used for any purpose not explicitly described in this Privacy Policy.
7. Cookies
We use a session cookie to keep you signed in (managed by NextAuth.js). This cookie is essential for the Service to function and is deleted when you sign out or close your browser. We do not use third-party advertising cookies. If you connect analytics integrations (Google Analytics, Meta Pixel) on your booking page, those providers may set their own cookies — you are responsible for disclosing this to your invitees.
8. Children's privacy
The Service is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, contact us at hello@synqslot.com.
9. Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a prominent notice on the Service at least 14 days before the change takes effect. Your continued use of the Service after the effective date constitutes your acceptance of the updated policy.
10. Contact
Questions, requests, or concerns about this Privacy Policy or our data practices:
Email: hello@synqslot.com
Service: SynqSlot (synqslot.com)