Privacy Policy

Effective Date: May 1, 2025  |  Last Updated: May 30, 2026

TeamSchedulerPro ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our scheduling platform at teamschedulerpro.com ("Service"). To check availability and create meetings, the Service integrates with Google Calendar, Microsoft Outlook/Teams, and Zoom. Please read this policy carefully.

1. Information We Collect

a. Account Information
When you register as an administrator or team member, we collect your name, email address, and hashed password. Organization names and branding assets you upload (such as logos) are also stored.

b. Booking Information
When a guest books a meeting through a TeamSchedulerPro booking page, we collect:

• Guest name and email address
• Selected meeting date and time
• Any optional notes or custom intake answers (for example, a phone number) the guest provides
• The team member assigned to the meeting

c. Calendar & Video Integration Data
When you connect Google Calendar, Microsoft Outlook Calendar, or Zoom, we collect and store the OAuth access and refresh tokens that allow us to act on your behalf. A team member may connect more than one calendar account; we also store each connected account's email address and the identifier of the calendar where booked events are written. For calendar providers, we read only the free/busy time blocks necessary to prevent double-booking — we do not read, store, or transmit the titles, descriptions, attendees, locations, or any other content of your calendar events. All OAuth tokens are encrypted at rest (see Section 7).

d. Usage and Log Data
We may collect server-side logs that include IP addresses, request timestamps, and HTTP status codes for security monitoring and troubleshooting. This data is not linked to individual user identities for analytics purposes.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Service
• Check calendar availability across your connected calendars to prevent scheduling conflicts
• Create calendar events and video-conference links (Zoom, Google Meet, or Microsoft Teams)
• Send booking confirmation, reminder, and cancellation emails to guests and team members
• Authenticate users and secure accounts
• Respond to support requests
• Detect and prevent fraud, abuse, or security incidents
• Comply with legal obligations

We do not sell, rent, or share your personal information with third parties for marketing or advertising purposes.

3. Google Calendar Integration - Limited Use Disclosure

Specifically, regarding data obtained through Google Calendar API access:

• We only read free/busy data to determine when a calendar user is available for scheduling. We do not access event titles, descriptions, attendees, locations, or any other event content.
• We do not transfer Google user data to third parties except as necessary to provide the scheduling service, and only with your authorization.
• We do not use Google user data for advertising, user profiling, or any purpose other than enabling the scheduling features you requested.
• We do not allow humans to read Google user data unless you explicitly request support that requires it, you have provided consent, or we are required to do so by law.
• OAuth tokens are stored encrypted at rest and are used only to make API calls on your behalf while the integration is active.

You can revoke TeamSchedulerPro's access to your Google Calendar at any time by visiting Google Account Permissions or from within the TeamSchedulerPro admin panel under Settings > Calendar Integration.

4. Microsoft Calendar Integration

Similarly, when you connect Microsoft Outlook / Office 365 Calendar, we access only free/busy availability information via the Microsoft Graph API. We do not store, read, or share the content of your Outlook calendar events. You may revoke access at any time from your Microsoft account settings or from the TeamSchedulerPro admin panel.

5. Zoom Integration

When you connect a Zoom account, TeamSchedulerPro requests a single, least-privilege permission scope, meeting:write, used solely to create a Zoom meeting on the assigned host's account when a booking is made. Specifically:

• We create meetings only. We do not read or store meeting content, recordings, transcripts, participant lists, chat, or any other Zoom data.
• Tokens are encrypted at rest (see Section 7) and are used only to create meetings on your behalf while the integration is active.
• You stay in control. You may disconnect Zoom at any time from the TeamSchedulerPro admin panel, which deletes the stored Zoom tokens, or by removing the app from the Zoom App Marketplace (Manage > Installed Apps).

6. Data Sharing and Disclosure

We do not sell your data. We may share information in the following limited circumstances:

• Service Providers (Sub-Processors): We use Google (calendar), Microsoft (calendar/Teams), and Zoom (meeting creation) to deliver the integrations you enable, and a transactional email provider (Resend) to deliver booking confirmation, reminder, and cancellation emails. With your consent (see Section 11), we also use Google Analytics and, where enabled, Meta for analytics and advertising measurement. Each provider receives only the data necessary for its function.
• Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction. We will notify you of any such change.
• Protection of Rights: We may disclose information to protect the rights, property, or safety of TeamSchedulerPro, our users, or the public.

7. Data Security

We implement industry-standard security measures to protect your information:

• All data is transmitted over HTTPS using TLS 1.2 or higher
• OAuth tokens (Google, Microsoft, and Zoom) are encrypted at rest using AES-256-GCM
• Passwords are hashed using bcrypt with a cost factor of 12; we never store plaintext passwords
• JWT authentication tokens expire and are validated on every request, with per-tenant data isolation and ownership checks on every resource
• HTTP security headers (HSTS, CSP, X-Frame-Options, etc.) via Helmet, a CORS allow-list, rate limiting, CAPTCHA on public booking endpoints, parameterized database queries, and output escaping
• Secrets are held in environment variables, are never committed to source control, and OAuth tokens are never returned to the browser

No method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

8. Data Retention

We retain booking records and account information for as long as your account is active or as needed to provide services. OAuth tokens are retained until you disconnect the integration or delete your account, after which they are removed. Guest booking data is retained for a reasonable period following the meeting date for record-keeping purposes. You may request deletion of your personal data or booking records by emailing support@teamschedulerpro.com.

9. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal data
• Portability: Request your data in a portable format
• Objection / Restriction: Object to or request restriction of certain processing

To exercise any of these rights, contact us at support@teamschedulerpro.com. We will respond within 30 days.

10. Children's Privacy

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately and we will delete it.

11. Cookies, Analytics & Consent

We use browser localStorage or session storage to keep you logged in and to remember your cookie-consent choice. These are essential to the Service and are always active; they are not advertising cookies.

With your consent, we use analytics and advertising technologies to understand site traffic and booking activity:

• Google Analytics 4 (GA4) — measures page views and a "booking completed" conversion event.
• Meta Pixel — where enabled, measures booking conversions for advertising measurement.

These technologies load only after you click "Accept" on our cookie-consent banner. If you click "Decline," no analytics or advertising cookies are set. You can change your choice at any time by clearing your browser's site data for this site, and you can block or delete cookies through your browser settings.

Booking pages operated by our customers: a business that uses TeamSchedulerPro may connect its own Google Analytics or Meta Pixel to its booking page so it can measure its own bookings. In that case the business is the data controller for the analytics collected on its page, and the same consent banner applies.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify account holders of material changes by email or by posting a notice on the Service. The "Last Updated" date at the top of this page indicates when the policy was last revised. Continued use of the Service after changes are posted constitutes your acceptance of the revised policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

TeamSchedulerPro
Email: support@teamschedulerpro.com
Website: teamschedulerpro.com