ONEXPAND Calendar Privacy Policy

1. Introduction

At ONEXPAND, we are committed to protecting user privacy and ensuring the security and responsible use of data obtained through our integration with Google Calendar. This Privacy Policy outlines our practices and commitments regarding access to and usage of sensitive and restricted user data.

2. Data Collection and Usage

2.1 Authorisation: Our integration with Google Calendar requires user authorisation through OAuth 2.0 authentication. Users must grant explicit consent before our application can access their Google Calendar data.

2.2 Scope of Access: We request access only to the minimum set of Google Calendar API scopes necessary to provide our intended functionality. These scopes include:

• calendar.readonly

• calendar.events

2.3 Purpose of Access: We access Google Calendar data solely for the purpose of:

• Reading events in Google Calendar, which typically represent tasks and allow users to add them to their timesheet after mapping to a project or task.

• Adding a task to Google Calendar as an event and modifying it later as required.

3. Data Handling and Protection

3.1 Security Measures: We employ industry-standard security measures to protect user data obtained through our integration with Google Calendar. This includes encryption of data in transit and at rest, regular security audits, and adherence to best practices for secure software development.

3.2 Data Retention: We retain Google Calendar data only for as long as necessary to fulfill the intended purpose of the integration. Once data is no longer needed, it is securely deleted from our systems.

3.3 Data Sharing: We do not share user data obtained through our integration with Google Calendar with any third parties, except as required by law or with the user's explicit consent.

4. Transparency and Accountability

4.1 Privacy Policy: We maintain a publicly accessible Privacy Policy that clearly explains our data handling practices, including how we collect, use, and share user data obtained through our integration with Google Calendar.

4.2 User Consent: We provide users with clear and understandable information about the data we access and how it will be used. Users have the right to revoke consent and discontinue access to their Google Calendar data at any time.

5. Compliance and Accountability

5.1 Google Policies: We comply with all applicable Google policies, including the Google API Terms of Service, Google API User Data Policy, and other relevant guidelines and requirements.

5.2 Auditing and Compliance: We regularly review and audit our practices to ensure compliance with Google's policies and industry standards for data protection and privacy.

6. Contact Information

For questions or concerns regarding our Privacy Policy, please contact us at hello@ONEXPAND.co.uk.

Limited Use Disclosure

ONEXPAND Calendar’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.