GlowCal Privacy Policy
Effective Date: 15 July 2025
GlowCal (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, and safeguard your information across our web app and landing page. By using GlowCal, you agree to the terms described below.
What We Collect & Why
1. Google Authentication (OAuth 2.0)
We use Google’s secure OAuth service to authenticate users and access their Google Calendar. Specifically, we request access to read and update your event titles only using the calendar.events scope. This access is used solely to add emojis to your calendar event titles — nothing more.
We do not:
- Access or store your private event details, guests, or locations
- Access your email, files, or other Google services
- Use your Google data for advertising or profiling
Google may log OAuth access per its own privacy policy: Google Privacy Policy.
2. Supabase (Database + Authentication)
GlowCal uses Supabase to securely store limited user data:
- Your email address
- Subscription plan
- Usage activity (how many events you’ve emojified per week)
- Stripe-related subscription metadata (non-sensitive)
Supabase is GDPR-compliant and follows modern security practices including encryption, role-based access, and secure API communication.
3. Stripe (Payments)
If you choose to upgrade to the Pro Plan, your payment information is processed by Stripe, a certified PCI-compliant payment processor. We do not store any payment card details on our servers.
Stripe may store:
- Your billing email
- Payment method (secure tokenized form)
- Subscription history
See Stripe’s full privacy policy here: Stripe Privacy Policy.
4. Website & WordPress Tracking
Our landing page is hosted on WordPress, which may use cookies to improve performance and understand visitor behavior. We may use tools like Google Analytics or basic WordPress plugins to track:
- Page views
- Button clicks
- Referral traffic
- Anonymous aggregate usage data
You can control cookie settings through your browser at any time.
Email Communication
If you sign up for GlowCal, we may contact you by email to:
- Provide onboarding support
- Notify you about updates or outages
- Offer optional product tips or occasional GlowCal announcements
You can opt out at any time via the unsubscribe link or by emailing us directly.
We Don’t Sell or Share Your Data
We do not sell, rent, or share your personal information with advertisers or third parties. Your data stays between you and GlowCal. We use it only to run the service and improve it.
Data Deletion & User Control
You have the right to:
- Request a copy of your data
- Request account and data deletion
- Revoke access from your Google Account settings anytime
To request deletion, email us at hello@glowcal.io and we will process your request within 7 days.
Security Practices
GlowCal takes your privacy seriously. We use:
- HTTPS encryption across all services
- Secure authentication via Google
- Supabase with role-based access control and encrypted storage
- Stripe’s PCI-compliant payment infrastructure
We regularly review access logs and restrict administrative privileges to essential personnel only.
Service Providers
We rely on the following third-party services to operate GlowCal:
| Service | Purpose |
|---|---|
| Google OAuth | Authentication + Calendar access |
| Supabase | User data storage + authentication |
| Stripe | Payment processing |
| WordPress | Landing page hosting |
| Google Analytics (optional) | Site analytics |
Data Retention
We only keep data for as long as needed:
- Active users: data is retained while your account is active
- Deleted users: data will be fully purged within 30 days of confirmed deletion
- Logs and anonymized analytics may be retained longer for system integrity
Changes to This Policy
We may occasionally update this Privacy Policy. If significant changes are made, we’ll notify users via email or through a notice on our website.
Contact Us
Have questions, concerns, or want your data wiped? Email: hello@glowcal.io
