Scheduling Studio Logo

scheduling.studio

Privacy Policy

Last Updated: February 15, 2026

Welcome to Scheduling Studio ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have control over your data. This Privacy Policy explains how we collect, use, store, and share your information when you use our website and services (collectively, the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

A. Information You Provide Directly

Account Information: When you register via Google Sign-In, we collect your name, email address, profile picture, and role (e.g., "Coach," "Recruiter"). You may also provide a bio, timezone preferences, currency preferences, and custom booking rules.

Payment Information: We process payments via a PCI-DSS compliant third-party payment processor. We store a customer identifier, subscription identifier, billing interval, and invoice history (date, amount, status, invoice URL) in our database. We do not store your credit card number, CVV, or full card details on our servers—these are handled entirely by our payment processor.

User Content: This includes your bio, meeting preferences ("Vibe"), custom booking rules, availability schedules, and any content you create within the Service.

Phone Numbers: If you choose to connect SMS or WhatsApp notifications, we collect your phone number and store it in association with your account.

B. Information Collected from Third-Party Integrations

We access third-party services only after you explicitly authorize each integration. You may disconnect any integration at any time from your Account Settings.

Google Calendar: We access your Google Calendar to read events (to check availability and detect conflicts) and write events (to book meetings on your behalf). We store OAuth tokens (access token, refresh token, expiration) securely to maintain your connection.

Gmail (Email Scanning): If you connect your Gmail account, we access email metadata and content (subject lines, sender/recipient addresses, dates, and message snippets) for contacts you are scheduled to meet. This data is used by our AI-powered "Scout" and "Dossier" features to generate pre-meeting intelligence briefings, analyze communication patterns, and provide contextual insights. We access up to 20 recent email threads per contact. Email content is processed in real-time and is not permanently stored on our servers—it is transmitted to our AI provider for analysis and the results are returned to you. OAuth tokens for Gmail are stored securely in your user profile.

Zoom: If you connect Zoom, we access your Zoom account to create and manage video meeting links for your bookings. We store OAuth tokens and your Zoom user ID.

C. Information Collected Automatically

Usage Data: We collect analytics on how you interact with the Service, including page views, feature usage, and derived metrics (e.g., "Deep Work Score" calculations). This data is collected via third-party analytics tools.

Cookies and Tracking Technologies: We use cookies and similar technologies as described in Section 10 below.

D. Information Collected from Guests and Third Parties

Booking Data: When someone books a meeting through your Scheduling Studio page, we collect the guest's name, email address, phone number (if provided), timezone, and any notes they include. This data is stored in our booking records and used to create calendar events, send confirmations, and facilitate communication between hosts and guests.

Guest SMS Opt-In: Guests may voluntarily opt in to receive SMS notifications about their booking. If they do, we collect their phone number and record their consent (including timestamp) in a dedicated consent record. Guests can opt out at any time by replying STOP to any message.

E. Meeting Recordings and Transcriptions

Scribe (Meeting Recording): If you enable the "Scribe" feature, a recording bot joins your meetings (Google Meet or Zoom) to capture audio. The raw audio file is temporarily downloaded from our recording provider and uploaded to secure cloud storage associated with your account. The audio is then transcribed—either by our recording provider or by our AI provider—and AI-generated meeting notes (including summaries, action items, key decisions, and follow-ups) are created and stored in your account.

F. Web Research

Contact Research: Our Scout feature may use publicly available information (via web search engines) to research contacts you are scheduled to meet. The contact's name, email address, and email domain are used as search inputs. The resulting publicly available information (professional profiles, company information, published articles) is compiled into a briefing for your review. We do not store raw search results—only the AI-generated briefing is retained.

2. How We Use Your Information

We use your data for the following purposes:

  • Core Scheduling: Identify scheduling conflicts, prevent double-booking, and manage your availability calendar.
  • Booking Management: Generate personalized booking links and landing pages, process bookings, and create calendar events.
  • Communications: Send emails, calendar invitations, SMS messages, Telegram messages, and WhatsApp messages on your behalf or to notify you of bookings and updates.
  • AI-Powered Features: Generate pre-meeting intelligence briefings (Scout), analyze your email communication patterns (Dossier), produce meeting notes and summaries (Scribe), provide schedule optimization insights, and detect burnout risks.
  • Meeting Recording: Record, transcribe, and summarize meetings when you activate the Scribe feature.
  • Billing: Process subscription payments, manage plan changes, and maintain billing history.
  • Service Improvement: Analyze aggregated, anonymized usage data to improve features and user experience.

3. Google User Data Policy (Limited Use Disclosure)

Scheduling Studio's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We do not sell your Google Calendar or Gmail data.
  • We do not use your Google data to serve advertisements.
  • We do not use your Google Calendar or Gmail data to train generalized AI/ML models.
  • We only transfer Google user data to third-party AI providers strictly for the purpose of providing the AI-powered features you have explicitly requested and authorized (e.g., generating a meeting briefing, analyzing your schedule, or producing meeting notes).
  • We limit our use of Google user data to providing and improving the user-facing features of the Service that are visible and accessible to you.
  • Human access to Google user data is limited to what is necessary for security purposes, to comply with applicable law, or when aggregated and anonymized for internal operations.

Gmail Specific Disclosures: When you connect Gmail, we request read-only access to your email messages. We use this access solely to retrieve relevant email threads with your upcoming meeting contacts for the purpose of generating AI-powered briefings. Email content is transmitted to our AI provider for processing and is not retained after the briefing is generated. You can disconnect Gmail access at any time from your integrations settings, which immediately revokes our ability to read your email.

4. Messaging and SMS Disclosures (TCPA Compliance)

We offer optional notification channels including SMS, Telegram, and WhatsApp. These are governed by the following terms:

A. SMS Notifications

  • Consent: SMS notifications are only sent after you (as a host) or a guest provides explicit opt-in consent. Host consent is captured during the SMS setup process via a consent checkbox. Guest consent is captured via an opt-in checkbox on the booking confirmation page.
  • Message Types: We send transactional SMS messages including booking confirmations, meeting reminders, meeting notes, and intelligence briefings.
  • Message Frequency: Message frequency varies based on your booking activity. You will typically receive one message per booking event plus optional reminders and follow-ups.
  • Opt-Out: You can opt out of SMS messages at any time by replying STOP to any message. You may resume by replying START. You can also disconnect SMS from your integrations settings.
  • Costs: Standard message and data rates from your wireless carrier may apply.
  • No Sharing: We do not sell, rent, or share phone numbers or consent data with third parties for marketing purposes. Phone numbers are shared only with our SMS delivery provider solely for the purpose of delivering messages.
  • Carrier Disclaimer: Carriers are not liable for delayed or undelivered messages.

B. Telegram Notifications

  • When you connect Telegram, we store your Telegram chat identifier, username, and first name to deliver notifications.
  • You can pause notifications by sending /stop to our bot and resume with /resume.
  • You can disconnect Telegram entirely from your integrations settings.

C. WhatsApp Notifications

  • When you connect WhatsApp, we store your WhatsApp identifier, phone number, and display name to deliver notifications.
  • You can pause or resume notifications by messaging our WhatsApp number.
  • You can disconnect WhatsApp entirely from your integrations settings.

5. Data Sharing and Disclosure

We do not sell your personal data. We share data only in the following circumstances:

  • AI Processing: We transmit calendar data, email metadata/content, meeting transcripts, audio recordings, and contact information to third-party AI providers for the purpose of generating AI-powered features (briefings, meeting notes, schedule analysis). These providers process data subject to their own data processing agreements and privacy policies.
  • Cloud Infrastructure: Your data is stored on secure cloud infrastructure provided by reputable third-party hosting services. Data is encrypted at rest and in transit.
  • Payment Processing: Billing information is shared with our PCI-DSS compliant payment processor for the purpose of processing transactions.
  • Messaging Providers: Phone numbers and message content are shared with third-party SMS, Telegram, and WhatsApp service providers solely for the purpose of message delivery.
  • Meeting Recording: When you use Scribe, our third-party recording provider joins your meeting to capture audio. The provider processes audio data subject to their own privacy policy.
  • Analytics Providers: Anonymized usage data may be shared with third-party analytics providers (subject to your cookie consent).
  • Legal Compliance: We may disclose your information if required by law, subpoena, or legal process, or to protect the rights, safety, or property of Scheduling Studio, our users, or others.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the successor entity. We will notify you via email or prominent notice on our Service before your data is transferred and becomes subject to a different privacy policy.

6. Data Retention

  • Account Data: We retain your account data for as long as your account is active. If you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.
  • Booking Records: Booking data (including guest information) is retained for as long as your account is active to support client management features.
  • Meeting Recordings and Transcripts: Audio files and transcripts are stored in your account until you delete them or delete your account.
  • Integration Tokens: OAuth tokens and connection data for third-party integrations are deleted when you disconnect the integration or delete your account.
  • SMS Consent Records: SMS consent and opt-out records are retained as required by the Telephone Consumer Protection Act (TCPA) and applicable regulations.
  • Temporary Tokens: Temporary link tokens used for connecting messaging integrations expire automatically after 10 minutes.

7. Data Security

We implement commercially reasonable technical and organizational measures to protect your data, including:

  • All data is transmitted over HTTPS/TLS encryption.
  • Data at rest is encrypted using industry-standard encryption provided by our cloud infrastructure.
  • Authentication is handled via secure OAuth 2.0 protocols.
  • API endpoints are protected by authentication middleware that verifies user identity tokens.
  • Third-party API credentials and secrets are stored securely in environment configuration or secret management services—never in client-side code.
  • Webhook endpoints validate incoming requests to prevent unauthorized access.

While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

8. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

  • Access and Portability: You may request a copy of the personal data we hold about you.
  • Correction: You may update or correct your personal information in your Account Settings.
  • Deletion: You may request deletion of your account and associated data by contacting us at support@scheduling.studio.
  • Revoke Google Access: You can revoke our access to your Google Calendar and Gmail at any time via your Google Security Settings.
  • Disconnect Integrations: You can disconnect Zoom, Telegram, WhatsApp, or SMS from your integrations settings at any time.
  • Opt Out of SMS: Reply STOP to any SMS message or disconnect from integrations settings.
  • Cookie Preferences: You can manage your cookie preferences via the cookie consent banner that appears on your first visit. You can reset your preferences by clearing your browser's local storage.
  • Do Not Track: We currently do not respond to "Do Not Track" browser signals.

For California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act and the California Privacy Rights Act, including the right to know what personal information is collected, the right to delete, and the right to opt out of the sale or sharing of personal information. We do not sell or share your personal information as defined under CCPA/CPRA. To exercise your rights, contact us at support@scheduling.studio.

For EEA/UK Residents (GDPR)

If you are located in the European Economic Area or United Kingdom, our legal bases for processing your personal data include: (a) your consent (e.g., connecting integrations, opting into SMS); (b) performance of a contract (e.g., providing the Service); (c) compliance with legal obligations; and (d) our legitimate interests (e.g., improving the Service, preventing fraud). You have the right to withdraw consent at any time, lodge a complaint with your local data protection authority, and request restriction of processing.

9. International Data Transfers

Your data is processed and stored in the United States via our cloud infrastructure providers. If you are located outside the United States, your data will be transferred to and processed in the United States. By using the Service, you consent to this transfer. We rely on our providers' data processing terms and appropriate safeguards for international transfers.

10. Cookies and Tracking Technologies

We use the following categories of cookies and tracking technologies:

  • Necessary Cookies: Required for authentication, security, and core functionality. These cannot be disabled.
  • Analytics Cookies: Third-party analytics tools help us understand how users interact with the Service. These are only loaded after you consent.
  • Marketing Cookies: We may use third-party marketing and retargeting tools for advertising purposes. These are only loaded after you consent.

You can manage your preferences via the cookie consent banner. Analytics and marketing cookies are only activated after your explicit consent.

11. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@scheduling.studio and we will promptly delete such information.

12. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last Updated" date. Your continued use of the Service after any changes constitutes your acceptance of the updated policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Scheduling Studio
Email: support@scheduling.studio