Privacy Policy

1. Introduction

We are committed to protecting your privacy and handling your personal data in an open and transparent manner. This privacy policy explains how we collect, use, share, and protect your personal information.

2. Information We Collect

We collect and process the following personal information:

  • Account Information: Email address and name
  • Usage Data: Information about how you use our service, including:
    • Access times and dates
    • Features and pages visited
    • Service interaction patterns
    • Performance data

3. How We Use Your Information

We use your personal information for the following purposes:

  • To provide and maintain our service
  • To improve and optimize our service
  • To ensure the security of our platform
  • To communicate with you about service-related matters
  • To comply with legal obligations

4. Analytics

We use privacy-focused analytics services to analyze service usage patterns and improve our platform:

  • Plausible Analytics: Self-hosted instance located in Germany. Privacy-focused and cookieless by default.
  • PostHog Analytics: Hosted in the EU (Frankfurt, Germany). Privacy-focused with cookieless tracking by default. Accepting cookies enables persistent tracking features for improved analytics.

Both analytics solutions are EU-hosted and GDPR-compliant. The collected data is anonymized and used solely for improving our service. By default, both services track usage without cookies. If you accept cookies, PostHog will enable persistent tracking to better understand returning user patterns.

5. Data Sharing and Third-Party Services

We share your data only with selected third parties that are essential to providing our service:

  • Cloudflare: For content delivery and security services
  • Hetzner: For infrastructure and hosting services
  • Discord API: Our Discord bot interacts with the Discord API to provide scheduling features within Discord servers. Data shared with Discord is governed by Discord's Privacy Policy.
  • DiceBear API: Used by the Timezones app to generate avatar images based on participant names

These service providers are contractually bound to protect your data and use it only for the specified purposes.

6. Data Storage and Security

Your data is stored in secure facilities within the European Union. We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

7. Your Rights Under GDPR

As a user, you have the following rights:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

To exercise any of these rights, please contact us using the information provided in the Contact section.

8. Cookies and Tracking

We use the following types of cookies:

Essential Cookies

  • Authentication cookies: Required for user login and session management (NextAuth session tokens)
  • Preference storage: Local storage for user interface preferences and settings

Analytics Cookies (Optional)

  • Plausible Analytics: Self-hosted, privacy-focused analytics service located in Germany (cookieless)
  • PostHog Analytics: EU-hosted analytics service located in Frankfurt, Germany
    • Cookieless by default: Tracks usage without cookies using memory-only storage
    • Persistent tracking with consent: When you accept cookies, PostHog stores data persistently to track returning users and improve analytics accuracy
    • Anonymous data only: No personal information is collected or tracked regardless of consent level

You can manage your cookie preferences at any time through our cookie banner or by clearing your browser data. Essential cookies cannot be disabled as they are necessary for basic website functionality.

9. Children's Privacy

Our service is not directed to children under 13. We do not knowingly collect personal information from children under 13.

10. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last updated" date.

11. Contact Us

If you have any questions about this privacy policy or our data practices, please contact us here.

12. Data Protection Authority

If you are located in the European Economic Area (EEA) and believe we are processing your personal data unlawfully, you have the right to file a complaint with your local data protection supervisory authority.

13. Google Calendar Webhooks

When you connect your Google Calendar to WhenToMeet, we use a secure webhook to keep your bookings in sync—even if you make changes directly in Google Calendar. If you delete or cancel a booking event in Google Calendar, Google notifies our webhook endpoint. We then:

  • Verify the request and match it to your account
  • Check which booking is affected
  • Update your booking status in WhenToMeet and send relevant notifications

Data Processed:

  • Only the minimum event metadata required to identify and manage your booking (such as event ID, status, and timing)
  • No additional calendar data is accessed or stored for webhook processing

Security & Privacy:

  • All webhook requests are validated
  • Only events related to your bookings are processed
  • All actions are logged for security and auditing
  • No data is shared with third parties for webhook processing

You can disconnect your Google Calendar at any time to stop webhook processing. For more information, see our Contact Page.

14. Calendar Credential Storage (iCal & CalDAV)

When you connect a private iCal or CalDAV calendar that requires authentication, we securely store your calendar credentials to maintain ongoing access to your calendar data.

What We Store:

  • Calendar subscription URL or server address
  • Username or account identifier (stored in plaintext for authentication)
  • Password or access token (encrypted using AES-256-GCM encryption)

Security Measures:

  • Strong Encryption: Passwords are encrypted using AES-256-GCM authenticated encryption with unique salt and initialization vector per credential
  • Secure Key Derivation: Encryption keys are derived using scrypt, a memory-hard key derivation function
  • Server-Side Only: Credentials are never sent to your browser or client device
  • HTTPS Required: All calendar data is fetched over secure HTTPS connections
  • Access Control: Only you can access your calendar connections through our platform
  • Automatic Deletion: Credentials are permanently deleted when you disconnect a calendar or delete your account

How Credentials Are Used:

Your stored credentials are only used to:

  • Fetch calendar events to display your availability
  • Synchronize your calendar data with WhenToMeet
  • Update calendar connections when needed

Your Control:

  • You can disconnect any calendar connection at any time from your settings
  • Disconnecting a calendar immediately deletes all associated stored credentials
  • You can view all connected calendars in your account settings
  • We recommend periodically reviewing and rotating your calendar credentials

Data Retention:

Calendar credentials are retained only as long as the calendar connection is active. When you disconnect a calendar or delete your account, all associated credentials are immediately and permanently deleted from our systems.

Important Notes:

  • We never share your calendar credentials with third parties
  • We use basic authentication (username/password) as provided by the calendar server - we recommend using app-specific passwords where supported
  • For maximum security, consider using calendar services that support token-based authentication instead of password-based authentication

If you have concerns about storing calendar credentials, please contact us to discuss alternative options.

15. Discord Bot

Our Discord bot bridges Discord and WhenToMeet, enabling scheduling features directly within Discord servers.

Data Collected:

  • Discord User ID and Username: Used to identify you within Discord and associate votes with your Discord identity
  • Guild (Server) and Channel IDs: Used to deliver bot responses to the correct Discord channels
  • Account Linking Tokens: Temporary tokens generated when linking your Discord account to your WhenToMeet account. These tokens expire after 15 minutes and are automatically cleaned up
  • Poll Data: Poll titles, time slot options, and votes (associated with your Discord username) created through the bot
  • Event Sharing: When you share a WhenToMeet event in Discord, the bot links the Discord message to the corresponding WhenToMeet event

Analytics:

The Discord bot uses the same analytics services as the main WhenToMeet application (PostHog, Plausible, and Sentry) as described in Section 4. Analytics tracking is optional and follows the same privacy-focused principles.

Data Retention:

  • Account linking tokens are automatically deleted after 15 minutes or upon consumption, whichever comes first
  • Poll and vote data is retained as long as the associated WhenToMeet event exists
  • When a WhenToMeet event is deleted, all associated Discord poll and vote data is also removed

Your Control:

  • You can unlink your Discord account from WhenToMeet at any time
  • Votes submitted through the Discord bot are tied to your Discord username
  • You can request deletion of your data by contacting us

16. Timezones App (timezones.whentomeet.io)

The Timezones app is a client-side timezone comparison tool that requires no authentication and stores no user data on our servers.

Client-Side Storage:

  • localStorage: Used to store your theme preference and work hours settings. This data never leaves your browser.

URL-Based Sharing:

  • Participant names and timezones are encoded directly in the URL when you create a shareable link. Anyone with the URL can see the participant names and timezones contained in it.

Analytics:

  • Plausible Analytics only: The Timezones app uses our self-hosted Plausible Analytics instance (located in Germany). Plausible is cookieless by default and does not collect personal information.

Third-Party Services:

  • Google Fonts: Used to load fonts for the application interface
  • DiceBear API: Used to generate avatar images based on participant name seeds. The participant names you enter are sent to the DiceBear API to generate corresponding avatars.

Cookies:

The Timezones app does not set any cookies. Plausible Analytics operates without cookies by default.
