Privacy & Consent

This page explains what data is processed, where it is stored, and why. It also explains your choices in the consent modal.

Who we are (GDPR Controller)

Controller: [Company / Individual Legal Name] ("cAilendar", "we", "us")

Address: [Street, City, ZIP, Country]

Email: [privacy@your-domain.tld]

Data Protection Officer (if applicable): [DPO contact or “Not appointed”]

If you contact us, we will use your message to respond and keep a record of the communication for support, security, and compliance.

What this app does

cAilendar helps you turn pasted plans (for example, travel bookings or schedules) into structured calendar events, preview them, and export them as an .ics file or add them to Google Calendar.

Data categories we process

Input content you provide

Text you paste or type into the app (which may include dates, locations, names, booking references, and other travel/plan details).

Generated outputs

Generated calendar event data (event titles, times, locations, descriptions) and the resulting .ics file content.

Account data (if you sign in)

Identifiers and basic profile fields provided by your login provider (e.g., email address, provider user ID).

Device and usage data

A consent record in this browser and an anonymous device identifier used to remember your choices. If you enable analytics, we process usage signals (page views, feature interactions) as described below.

Purposes and legal bases (GDPR)

Provide the service (calendar generation)

Purpose: Create calendar events from your input and deliver results.

Legal basis: Performance of a contract / steps at your request (Art. 6(1)(b)) and, where required, your consent for specific processing.

Consent management

Purpose: Store your consent choices and respect them.

Legal basis: Consent (Art. 6(1)(a)) and compliance with legal obligations (Art. 6(1)(c)) where applicable.

Security, abuse prevention, and operations

Purpose: Protect the service, prevent fraud/abuse, and keep the system reliable.

Legal basis: Legitimate interests (Art. 6(1)(f)).

What is stored only on this device

Your History is stored in your browser (localStorage). It is not synced to a server and it is not shareable.

You can view and delete local history at: /history

We also store your consent preferences in this browser (unless you disable “Save Preferences” in the consent modal).

What may be stored on the server

For GDPR compliance and basic operations, the server may store the minimum required:

Account

Your user identifier (from your login provider) and basic profile fields.

Audit / telemetry events

A timestamped event (e.g. "calendar_created"). These events are not linked to your account and are stored without a user identifier (they are dissociated from your identity). Optionally, we may store a small list of keywords derived from the calendar to understand content preferences and improve advertising relevance.

{
  "event_type": "calendar_created",
  "created_at": "2025-12-13T10:22:02Z",
  "language": "en",
  "timezone": "Europe/Berlin",
  "location": null,
  "keywords": ["vacation", "paris", "museum", "family"]
}

AI processing and third parties

When you enable Data Processing (Required) and submit content to generate a calendar, your text is sent to our backend API for processing.

Depending on the feature and configuration, some processing may be performed using third-party AI providers (for example, OpenAI). In that case, your submitted text (or parts of it) may be transmitted to that provider to generate structured event data.

Important: Please avoid submitting special categories of personal data (Art. 9 GDPR) such as health data, political opinions, religious beliefs, or other sensitive information.

Analytics and advertising

If you enable Anonymous Analytics in the consent modal, we may measure usage (for example, page views and feature interactions) to understand what to improve.

The site may display advertising. Depending on configuration, we may use Google services (such as Google AdSense) and measurement tools (such as Google Analytics). When enabled, these services may set cookies or use similar technologies, and may process device identifiers and IP addresses.

Where required, we use consent and/or consent-mode style controls to limit tracking until you opt in.

Authentication providers

If you choose to sign in, authentication is performed through third-party login providers (for example Google, Apple, or Facebook). We receive identifiers and basic profile information from the provider to create and secure your account.

International transfers

Some service providers (e.g., cloud hosting, analytics, or AI providers) may process data outside the EEA/UK. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) and additional measures.

Retention

Local history is stored in your browser until you delete it. Consent choices are stored until you reset them.

Server-side logs/telemetry (if any) are retained only as long as necessary for security, compliance, and operational needs, then deleted or anonymized.

Your rights (GDPR)

Depending on your jurisdiction, you may have rights to access, rectification, deletion, restriction, portability, and to object to certain processing.

To exercise rights, contact us at [privacy@your-domain.tld]. We may need to verify your request.

You also have the right to lodge a complaint with your supervisory authority.

Security

We use reasonable technical and organizational measures to protect data. However, no method of transmission or storage is completely secure.

No guarantees, user due diligence, and liability

Calendar AI is provided to help you draft calendar events from the information you provide. It may produce incorrect, incomplete, or outdated results.

You are responsible for reviewing, verifying, and (if necessary) correcting all generated events (including dates, times, time zones, locations, and descriptions) before you rely on them or import them into your calendar.

No warranties: To the maximum extent permitted by applicable law, we provide the service “as is” and “as available” and make no warranties (express or implied), including implied warranties of merchantability, fitness for a particular purpose, and non-infringement.

Limitation of liability: To the maximum extent permitted by applicable law, we will not be liable for any indirect, incidental, special, consequential, exemplary, or punitive damages, or for any loss of profits, revenues, data, goodwill, business interruption, or missed flights/ bookings resulting from your use of the service.

Nothing in this notice limits liability that cannot be limited under applicable law (for example, intentional misconduct or gross negligence where such limitations are prohibited).

If you want stronger protections (for example, governing law/venue, consumer carve-outs, or a paid plan with different terms), add a dedicated Terms of Service.

Changes

We may update this notice from time to time. The “Last updated” date will change when we do.

Last updated: 2025-12-16

Consent controls

You can change your consent choices at any time. Deleting consent will remove stored preferences from this browser and reload the app so you can choose again.