DaysMeet

Privacy Policy

Last updated: January 1, 2025

At DaysMeet, your privacy matters. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our service.

1. Information We Collect

We collect the following categories of personal data:

  • Account information: name, email address, username, profile photo
  • Booking data: invitee names, email addresses, phone numbers, selected times, and any answers to custom questions
  • Calendar data: calendar events (read/write) when you connect your calendar to prevent double-booking
  • Payment data: billing details processed by Stripe; we never store raw card numbers
  • Usage data: log data, IP addresses, browser type, pages visited, and referral sources

2. How We Use Your Information

  • To provide and improve the DaysMeet service
  • To send booking confirmations, reminders, and notifications
  • To process payments and prevent fraud
  • To respond to support inquiries
  • To comply with legal obligations
  • To send product updates (you may opt out at any time)

3. Legal Basis (GDPR)

For users in the European Economic Area (EEA), we process personal data under the following legal bases: contract performance (to provide the service), legitimate interests (product improvement, security), legal obligation (regulatory compliance), and consent (for marketing emails).

4. Data Sharing

We do not sell your personal data. We share data only with:

  • Service providers: Stripe (payments), Supabase (database), Resend (email), Twilio (SMS), and infrastructure providers — all bound by data processing agreements
  • Calendar integrations: Google and Microsoft, only when you connect your calendar
  • Legal requirements: when required by law, court order, or government request

5. Data Retention

We retain your data for as long as your account is active, plus a reasonable period after deletion to fulfil legal obligations. Booking data is retained for 7 years for tax and accounting purposes. You may request deletion of your data at any time.

6. Your Rights

Depending on your location, you may have the right to:

  • Access and receive a copy of your personal data
  • Correct inaccurate data
  • Delete your data (“right to be forgotten”)
  • Object to or restrict certain processing
  • Data portability
  • Withdraw consent at any time

To exercise these rights, email privacy@daysmeet.com. We will respond within 30 days.

7. Cookies

We use essential cookies for authentication and security, and optional analytics cookies (PostHog) to understand how the service is used. You can disable analytics cookies in your browser settings.

8. Security

We use industry-standard security measures including TLS encryption, row-level security, and encrypted OAuth token storage. No method of transmission over the Internet is 100% secure; we cannot guarantee absolute security.

9. Children

DaysMeet is not directed at children under 13. We do not knowingly collect personal data from children. If you believe we have collected such data, please contact us immediately.

10. International Transfers

Your data may be transferred to and processed in countries outside your own. When we transfer data from the EEA, we use Standard Contractual Clauses or other approved safeguards.

11. Changes to This Policy

We may update this policy periodically. We will notify you of material changes by email. Your continued use of the service after changes constitutes acceptance of the updated policy.

12. Contact

For privacy questions or to exercise your rights, contact our Data Protection team at privacy@daysmeet.com.