← Back to Stellar Calendars

Privacy Policy

Last updated: 2026-04-09

Stellar Calendars ("we", "our", "the service") is a tool that synchronizes events between Google Calendars based on rules you configure. This privacy policy explains what data we collect, how we use it, how we protect it, and your rights regarding your data.

Information We Collect

When you sign in to Stellar Calendars with your Google account, we collect:

• Google account identifier — your Google account ID and email address, used to identify you across sessions.
• OAuth tokens — an access token and a refresh token from Google, which allow our service to read and write events on the calendars you authorize. These tokens are stored encrypted at rest.
• Calendar metadata — the list of your Google Calendars (titles, IDs, time zones, colors) so you can configure sync rules.
• Calendar event content — for events that match your sync rules, we read the source event (title, time, description, location, recurrence) and write a copy to your destination calendar. We also store an internal sync state record per event so we can detect changes.
• Sync rules — the rules you configure (which calendar copies to which, with what filters and transformations).

How We Use Your Information

We use your data exclusively to provide the calendar synchronization service you signed up for:

• Read events from your source calendars and create matching events on your destination calendars.
• Detect changes to source events and propagate updates or deletions to destination events.
• Track sync state so we can perform incremental updates instead of re-reading everything.
• Send you optional notification emails (e.g., if our service loses access to your account).

We do not use your calendar data for advertising, profiling, training AI models, or any purpose unrelated to the sync service. We do not sell or share your data with third parties.

Where Your Data Is Stored

• OAuth tokens, sync rules, calendar metadata, and per-event sync state are stored in Amazon DynamoDB in the us-east-1 region.
• Calendar event content itself is read from and written to Google Calendar via the Google Calendar API; we do not maintain a separate copy of event content beyond what is needed for change detection (a hash and identifier).
• Server logs (which may include event titles for debugging) are written to disk on AWS EC2 instances in us-east-1 and rotated periodically.

How We Protect Your Information

• All communication with Google Calendar uses HTTPS/TLS.
• OAuth tokens are stored in AWS DynamoDB with encryption at rest.
• Access to our infrastructure (AWS, DynamoDB, servers) is restricted to a small number of administrators.
• We follow Google's API Services User Data Policy, including the Limited Use requirements.

Your Rights and Controls

You have the following controls over your data:

• Revoke access at any time via your Google account permissions page. Once revoked, our service immediately loses the ability to access your calendars.
• Delete your account and all associated data using the "Delete Account" button in the Stellar Calendars app. This removes your OAuth tokens, sync rules, and sync state from our database. Events that were previously synced to your destination calendars remain on your calendars (we do not delete them on account deletion; you can do so manually if you wish).
• Request a copy of your data by emailing us at support@stellarcalendar.com.
• Opt out of email notifications by setting your notification level to zero in your account settings.

Google API Services User Data Policy

Stellar Calendars' use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• We use Google user data only to provide or improve the calendar sync service the user signed up for.
• We do not transfer Google user data to third parties except as necessary to provide the service, comply with applicable law, or as part of a merger/acquisition.
• We do not use Google user data for advertising purposes.
• We do not allow humans to read Google user data except with explicit user permission, for security investigations, to comply with applicable law, or for aggregated/anonymized analysis with strict access controls.

Data Retention

We retain your data as long as your account is active. If you delete your account or have not signed in for an extended period (12+ months) and your OAuth tokens have expired, we may delete inactive account records.

Children's Privacy

Stellar Calendars is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us.

Changes to This Policy

We may update this privacy policy from time to time. We will post the updated date at the top of this page. Material changes will be communicated to users via email when feasible.

Contact

Questions or concerns? Email support@stellarcalendar.com.