Privacy Policy

This Privacy Policy describes how Syncalio ("we", "us", or "our") collects, uses, discloses and protects personal data when you use Syncalio, create an account, connect calendars or email accounts, publish booking pages, or book appointments through a Syncalio user.

Data Controller: Syncalio by Bros Energy SA
Via Marianda 16B, 6926 Montagnola, Switzerland
Email: info@syncalio.com

This policy applies to account holders, visitors, invitees, clients who book appointments, and people who interact with Syncalio booking pages. Syncalio acts as controller for our own website, account, billing, support, security and product-operation data.

When a Syncalio user creates booking pages, connects calendars, manages appointments or collects booking form answers, that user may act as controller for their own clients and invitees. Syncalio processes that appointment and invitee data to provide the service to the Syncalio user.

Syncalio integrates with Google Calendar and Microsoft Outlook / Microsoft 365 Calendar to read availability, synchronize appointment information, create or update booking events, prevent double bookings and keep the Syncalio calendar hub current. When users choose email-related features, Syncalio may use Gmail or Microsoft email permissions only to send booking-related messages on behalf of that user.

Syncalio stores OAuth tokens or similar connection material only as needed to provide the connected service. Users can disconnect integrations from account settings. When an integration is disconnected or an account is deleted, Syncalio disables the connection and removes stored OAuth tokens and sync material that are no longer needed, subject to legal, billing, security and technical obligations.

Syncalio's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Syncalio does not sell calendar data, booking data, OAuth data or invitee data. Syncalio does not use Google or Microsoft user data to train generalized AI or machine-learning models, for advertising, or for unrelated profiling.

We use personal data to:

• create and manage Syncalio accounts;
• display booking pages, public profiles and available appointment times;
• connect Google and Microsoft calendars and calculate availability;
• create, update, cancel and reschedule bookings and calendar events;
• send booking confirmations, reminders, service notices and support replies;
• process subscription, billing, accounting and tax records where applicable;
• secure, debug, monitor and improve the service;
• comply with legal obligations and protect rights, users and the service.

Depending on the context, we process personal data to perform a contract, take pre-contractual steps, comply with legal obligations, pursue legitimate interests such as security and product operation, or based on consent where required. Users who collect data from their own clients or invitees are responsible for ensuring they have a valid legal basis for that collection.

We share data only when needed to provide and protect the service, comply with law, or follow a user's instructions. Recipients may include hosting and database providers, Google, Microsoft, Zoom when selected, payment providers if paid plans are configured, professional advisers, authorities where legally required, and Syncalio users or invitees involved in a booking.

We do not sell personal data. We do not share Google or Microsoft user data with third parties except as necessary to provide or improve user-facing Syncalio features, comply with law, protect security, or as otherwise expressly permitted by the applicable provider policies.

Current subprocessor information is available in our Subprocessor List.

We use strictly necessary cookies required for authentication, security and core application functionality. We may use browser localStorage to remember your language preference. The cookie notice acknowledgement is stored in browser localStorage so the notice does not keep appearing after it has been acknowledged. We do not currently use third-party marketing or analytics cookies such as Google Analytics, Meta Pixel, PostHog, Plausible or Mixpanel. If those tools are introduced later, we will update this policy and request consent where required. More information is available in our Cookie Policy.

We keep personal data only for as long as needed to provide the service or meet legal, accounting, tax, security, fraud-prevention or dispute-resolution obligations. When an account is deleted or an integration is disconnected, Syncalio deletes or anonymizes operational product data and removes stored OAuth tokens and sync material that are no longer needed for the service. Billing, payment, invoice and transaction records may be retained where legally required. Deletion instructions are available on our Data Deletion page.

Syncalio is not designed to require sensitive personal data. Users should avoid requesting sensitive information through booking forms, appointment titles, notes or custom questions unless strictly necessary and legally permitted. If a user chooses to collect sensitive information through Syncalio, that user is responsible for ensuring they have a valid legal basis, including explicit consent where required.

Syncalio is a professional scheduling platform intended for professional and business use. We do not knowingly collect account data from individuals under 16. If you believe a minor has provided us with personal data, contact us at info@syncalio.com.

Depending on where you live, you may have the right to access, correct, delete, export or object to processing of your personal data, restrict certain processing, withdraw consent, or lodge a complaint with a supervisory authority. You can manage many account and integration choices from the Syncalio dashboard. For privacy requests, contact info@syncalio.com.

Swiss users: You may lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC) at edoeb.admin.ch.
EU/EEA users: You may lodge a complaint with your local supervisory authority.
UK users: You may contact the ICO at ico.org.uk.

Syncalio is operated from Switzerland and may use service providers located in Switzerland, the EEA, the United Kingdom, the United States or other countries. Where personal data is transferred internationally, we use appropriate safeguards such as adequacy decisions, Standard Contractual Clauses or equivalent transfer mechanisms where required.

Syncalio does not claim certification under the EU-U.S. Data Privacy Framework unless and until such certification is obtained and this policy is updated.

We use technical and organizational measures designed to protect personal data, including encrypted transport, restricted access, logging, provider security controls and operational review. No online service can guarantee absolute security, but we work to reduce risk and respond to security issues responsibly.

We may send service notices and product updates about Syncalio. Marketing communications are sent only where permitted and may be opted out of where required. We do not use connected calendar, email or OAuth data for advertising.

Syncalio does not use connected Google or Microsoft calendar data, booking data, OAuth data or invitee data to train generalized AI or machine-learning models. If Syncalio introduces optional AI features that process customer or calendar data, we will describe those features and any required choices before using that data for the feature.

Syncalio does not make solely automated decisions that produce legal or similarly significant effects about users or invitees.

Syncalio users are responsible for the booking pages, custom questions, appointment descriptions, client information and content they configure. Users should provide their own legally required notices to clients and invitees, avoid unnecessary sensitive data collection, and ensure they have the right to process and share information through Syncalio.

We may update this Privacy Policy from time to time. For material changes, we will notify users by email and/or via a prominent notice on the platform where appropriate.

For questions or requests about this policy or your personal data:
Email: info@syncalio.com