Privacy Policy

At Kamili Labs LLC ("we," "us," or "our"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, share, and protect information when you use Kamili Calendar and related services.

This policy applies to all users of the Kamili Calendar platform, including our web application, mobile applications (iOS and Android), booking pages, calendar integrations, and any other services we provide (collectively, the "Service").

By using Kamili Calendar, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this policy, please do not use our Service.

We use the information we collect for the following purposes:

• Provide and operate the Service: Create and manage your account, display your calendars, and enable scheduling features.
• Sync calendars: Synchronize events across connected calendars (Google Calendar, Outlook, etc.) to provide a unified view of your schedule.
• Generate analytics and insights: Provide scheduling analytics, time audits, and productivity insights based on your calendar data.
• Send reminders and notifications: Deliver event reminders, scheduling confirmations, and booking notifications via email, push notifications, or SMS.
• Process payments: Handle subscription billing and payment processing through our payment provider, Stripe.
• Improve the Service: Analyze usage patterns to improve features, fix bugs, and develop new functionality.
• Communicate with you: Send service updates, security alerts, product announcements, and respond to support requests.
• Ensure security: Detect, prevent, and respond to fraud, abuse, or security incidents.

We do not sell, rent, or trade your personal information to third parties.

We may share your information with the following categories of service providers and partners, solely to operate and improve the Service:

• Stripe: Payment processing and subscription management. Stripe receives your billing information to process payments securely.
• Google (Google Calendar API): Calendar synchronization. Event data is exchanged to keep your calendars in sync.
• Microsoft (Microsoft Graph API): Outlook calendar synchronization and event data exchange.
• Zoom: Video conferencing integration. Meeting links and details are shared to create and manage virtual meetings.
• Google Meet / Microsoft Teams: Video conferencing links generated for calendar events.
• Slack: Notifications and status updates sent to your connected Slack workspace.
• Zapier: Workflow automations you configure may send event data to other services via Zapier.

We may also disclose your information if required to do so by law, or in the good-faith belief that such action is necessary to:

• Comply with a legal obligation, subpoena, or court order
• Protect and defend the rights or property of Kamili Labs LLC
• Prevent or investigate possible wrongdoing in connection with the Service
• Protect the personal safety of users of the Service or the public

We take the security of your data seriously and implement industry-standard measures to protect it:

• Encryption in transit: All data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security).
• Encryption at rest: Stored data is encrypted using AES-256 encryption.
• SOC 2 compliance: Our infrastructure and processes are designed to meet SOC 2 Type II standards for security, availability, and confidentiality.
• OAuth token security: We use OAuth 2.0 for third-party integrations and never store your third-party passwords. Access tokens are encrypted and can be revoked at any time.
• Access controls: Internal access to user data is strictly limited, logged, and reviewed regularly.

Depending on your location, you may have the following rights regarding your personal data:

• Right to access: Request a copy of the personal data we hold about you.
• Right to correction: Request correction of inaccurate or incomplete personal data.
• Right to deletion: Request deletion of your personal data, subject to certain legal exceptions.
• Right to portability: Request your data in a structured, commonly used, machine-readable format (e.g., ICS for calendar data, CSV or JSON for other data).
• Right to withdraw consent: Withdraw your consent at any time where we rely on consent to process your data.
• Right to object: Object to the processing of your personal data for certain purposes, including direct marketing.
• Right to restrict processing: Request that we limit how we use your data in certain circumstances.

To exercise any of these rights, please contact us at privacy@kamililabsllc.com.

You can request deletion of your data through the following methods:

• Account settings: Navigate to Settings > Account > Delete Account in the Kamili Calendar app to initiate account and data deletion.
• Email request: Send a deletion request to privacy@kamililabsllc.com from the email address associated with your account.

We use cookies and similar technologies to operate and improve our Service:

• Essential cookies: Required for the Service to function, including authentication, session management, and security. These cannot be disabled.
• Analytics cookies: Help us understand how users interact with the Service, which features are most used, and how we can improve the experience.
• Preferences cookies: Remember your settings, such as timezone, language, calendar view preferences, and theme.

You can manage your cookie preferences through your browser settings or through the cookie settings panel in our application. Note that disabling essential cookies may prevent the Service from functioning properly.

Kamili Calendar integrates with the following third-party services. Each service has its own privacy policy governing how they handle your data:

• Google Calendar API: Used for syncing events with Google Calendar. Google Privacy Policy
• Microsoft Graph API: Used for syncing events with Outlook and Microsoft 365 calendars. Microsoft Privacy Statement
• Zoom API: Used for creating and managing Zoom meetings linked to calendar events. Zoom Privacy Policy
• Slack API: Used for sending calendar notifications and status updates to Slack. Slack Privacy Policy
• Stripe: Used for payment processing and subscription management. Stripe Privacy Policy
• Analytics tools: We may use analytics services to understand usage patterns and improve the Service. These tools collect anonymized usage data.

We encourage you to review the privacy policies of any third-party services you connect to Kamili Calendar.

Kamili Calendar allows users to create public booking pages that enable others to schedule meetings. When someone books a meeting through your booking page, the following information is collected:

• Name of the person booking
• Email address of the person booking
• Meeting purpose or notes (if provided)
• Selected date and time
• Any additional custom fields configured by the calendar owner

Kamili Calendar connects with external calendar and productivity services to provide a unified scheduling experience. Here is how data flows between Kamili Calendar and connected services:

• Bidirectional sync: When you connect a calendar (e.g., Google Calendar, Outlook), events are synced in both directions. Changes made in Kamili Calendar are reflected in the connected service and vice versa.
• OAuth scope and permissions: We request only the minimum OAuth scopes necessary to provide calendar synchronization. You can review the specific permissions requested during the connection flow.
• Minimal data access: We only access the calendar data needed to provide the Service. We do not access unrelated data from your connected accounts (e.g., we do not read your emails or files).
• Token revocation: You can disconnect any connected service at any time from Settings > Integrations. When disconnected, we revoke the OAuth token and stop syncing data. Previously synced data in Kamili Calendar can be deleted upon request.

Kamili Calendar is operated by Kamili Labs LLC, based in the United States. Your data may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

If you are located outside the United States, please be aware that your data may be transferred to and processed in a country with different data protection laws than your country of residence.

We take appropriate safeguards to ensure that your data is treated securely and in accordance with this Privacy Policy, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission for transfers of data from the EU/EEA
• Data processing agreements with all service providers
• Ensuring adequate levels of data protection regardless of where data is processed

Kamili Calendar is not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16 years of age.

If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information as quickly as possible. If you believe that a child under 16 has provided us with personal data, please contact us at privacy@kamililabsllc.com.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes:

• We will provide at least 30 days' notice before the changes take effect.
• We will notify you via email at the address associated with your account.
• We will update the "Last Updated" date at the top of this policy.
• A prominent notice may be displayed within the Kamili Calendar application.

Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the updated terms. If you do not agree with the changes, you should stop using the Service and delete your account.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We aim to respond to all privacy-related inquiries within 10 business days.