Privacy Policy

1. What We Collect

When you register and connect a calendar with Evvolve Cal, we collect:

• Your full name, email address, company name, and domain
• Your role designation (investor, client, or Evvolve team member)
• Google Calendar or Microsoft Calendar free/busy information (read access)
• OAuth access and refresh tokens required to access your calendar data and to create meeting events on your behalf
• Meeting metadata you provide when confirming a booking (title, agenda, participants, duration)

2. How We Use Your Data

We use your data exclusively to:

• Display your free/busy availability to authorized Evvolve team members
• Help coordinate meetings between investors, clients, and Evvolve team members
• Create new calendar events on your calendar when you (or an authorized team member acting on your behalf) confirm a booking
• Maintain your calendar connection for ongoing availability checks and event creation

Scope of access: We read only free/busy information from your calendar — we do not read event titles, descriptions, attendees, or any other details of existing events. We create new meeting events on your calendar only when a booking is explicitly confirmed. We do not modify or delete existing events on your calendar.

3. Data Storage & Security

• All data is stored in a secure Supabase Postgres database
• OAuth access and refresh tokens are encrypted at rest using AES-256-GCM encryption
• Free/busy data is fetched on-demand and is not permanently stored
• Access to the dashboard is restricted to authorized Evvolve team members

4. Data Sharing

We do not sell, trade, or share your personal data with third parties. Your availability information is only visible to authorized members of the Evvolve team for the purpose of scheduling meetings. Meeting events created on your calendar are visible to attendees you (or an Evvolve team member acting with your authorization) include in the event.

5. Data Retention

We retain your account data and calendar connection for as long as your account is active. You may request deletion of your data at any time by contacting us. You may also revoke Evvolve Cal's access to your Google or Microsoft calendar at any time through your calendar provider's account security settings.

6. Your Rights

You have the right to:

• Request access to the data we hold about you
• Request correction of inaccurate data
• Request deletion of your data and calendar connections
• Revoke calendar access at any time through your Google or Microsoft account settings

7. Google API Disclosure

Evvolve Cal uses Google Calendar API services. Our use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements. We use Google Calendar data only to provide user-facing features (free/busy availability display and meeting event creation) and do not use this data for advertising, serving ads, or transferring it to data brokers or for any purpose unrelated to providing the Evvolve Cal service.

8. Contact

For any privacy-related questions or data deletion requests, please contact us at renato@evvolve.io