1. Introduction
Event Alpha ("we," "our," or "us") operates the Event Alpha web application (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
2. Information We Collect
We collect the following types of information:
- Account Information: When you sign in via Google or Microsoft OAuth, we receive your name, email address, and profile picture from your identity provider.
- Calendar Data: With your explicit consent, we access your calendar events in read-only mode. This includes event titles, descriptions, times, and locations. We do not modify, create, or delete any events in your calendar.
- Location Data: Event locations from your calendar are geocoded (converted to coordinates) to display on a map. We cache geocoding results to improve performance.
- Usage Data: We collect basic usage information such as feature interactions and error logs to improve the Service.
3. How We Use Your Information
- To display your calendar events on an interactive map
- To calculate routes and travel times between events
- To provide AI-powered schedule insights (when you use the chat feature)
- To manage your account and subscription
- To improve and maintain the Service
4. Calendar Data Usage
Our use of Google Calendar data adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We only request read-only access to your calendar events
- Calendar data is used solely to provide the core mapping and logistics features of the Service
- We do not sell, share, or transfer your calendar data to third parties for advertising or any unrelated purpose
- We do not use your calendar data for training machine learning models
- Calendar data is not stored permanently — it is fetched in real-time when you use the app
5. Data Storage and Security
We store the following data in our database:
- Your account information (name, email, provider)
- Your event preferences (priorities, hidden events)
- Imported events (if you choose to import events manually)
- Cached geocoding results (location to coordinates mappings)
- Subscription and billing information (managed by Stripe)
We use industry-standard security measures including encrypted connections (HTTPS), secure authentication (OAuth 2.0), and row-level security policies on our database to ensure your data is only accessible to you.
6. Third-Party Services
We use the following third-party services:
- Google APIs: Calendar access, geocoding, and places search
- Microsoft Graph API: Calendar access for Outlook users
- Mapbox: Map rendering and route calculations
- Supabase: Database hosting and authentication
- Stripe: Payment processing
- Vercel: Application hosting
Each of these services has its own privacy policy governing their handling of data.
7. Data Retention and Deletion
Calendar events are fetched in real-time and not permanently stored. Account data and preferences are retained as long as your account is active. You may request deletion of your account and all associated data at any time by contacting us. Upon account deletion, all your data will be permanently removed from our systems within 30 days.
8. Your Rights
You have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Revoke calendar access at any time through your Google or Microsoft account settings
- Export your data
9. Children's Privacy
The Service is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last updated" date at the top of this page. Continued use of the Service after changes constitutes acceptance of the updated policy.
11. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at papadking@gmail.com.