Privacy Policy for Gestion-a-taim

Last updated: November 21, 2025

This Privacy Policy describes how "Gestion-a-taim" ("the Application", "we", "us") collects, uses, stores, protects, and deletes information obtained from Google APIs.

1. Data Accessed

The Application accesses specific event data from authorized Google Calendars using the Google Calendar API (scope: .../auth/calendar). This data includes:

• Event summaries (titles)
• Start and end dates/times
• Event descriptions (only if necessary for synchronization context)

2. Use of Data

Event data is accessed for the sole purpose of synchronizing company events from specific Google accounts to our internal, local company calendar system. This ensures our employees have a unified view of work schedules within our secure environment.

The data is not used for any other purpose, such as advertising, analytics, marketing, or user tracking.

3. Data Storage and Sharing

Event data retrieved from Google APIs is stored securely on our private, local server infrastructure.

We do not share, sell, or transfer any data obtained from Google APIs to any third parties

4. Data Protection Mechanisms for Sensitive Data

We take the protection of Google user data seriously. We implement the following mechanisms to protect sensitive data:

• Encryption in Transit: All data transferred between Google APIs and our servers is encrypted using HTTPS/TLS protocols.
• Encryption at Rest: OAuth tokens (Access and Refresh tokens) are stored securely in our database with restricted access controls.
• Access Control: Access to the server and database where Google user data resides is strictly limited to authorized administrative personnel only.
• Secure Environment: Our application runs in a secured environment with firewalls and regular security updates to prevent unauthorized access.

5. Data Retention and Deletion Policy

We retain Google user data only for as long as necessary to provide the synchronization service.

• Retention: Calendar event data is retained in our local system as long as the synchronization service is active for the specific Google account.
• Deletion upon Disconnection: If an administrator removes a Google Calendar source from our application, all associated event data and OAuth tokens stored in our system are immediately and permanently deleted.
• User Request Deletion: Google account owners may request the deletion of their data at any time by contacting us or by revoking access to our application via their Google Account security settings. Upon revocation, our system will cease data collection and existing tokens will become invalid. Any residual data will be purged during routine database maintenance.

6. Google Limited Use Policy

Our use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Back to Homepage