Privacy Policy
Introduction
This Privacy Policy describes how AgendaCraft ("we", "us", or "our") collects, uses, and shares information about you when you use our services.
Effective Date: May 16, 2026.
If you have questions about this policy, please contact us at privacy@agendacraft.ai.
Children's Privacy
Our services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child, please contact us immediately.
Information We Collect
We collect the following categories of personal data for the purposes described below:
| Category | Fields collected | Purpose |
|---|---|---|
| Account Data | Contact details such as email address and name, Account identifiers such as username and user ID, Profile details and connected-account information from sign-in providers, User preferences such as timezone, theme, and calendar settings | To create, authenticate, and manage user accounts |
| Authentication and Security Data | Session, cookie, and token information used to keep users signed in, Security verification data used to prevent unauthorized access, Sign-in, sign-out, and account-security activity | To protect accounts, maintain signed-in sessions, and prevent unauthorized access |
| Task and Planning Data | Projects, areas, planners, and planning preferences, Task details such as title, description, priority, duration, status, and schedule, Calendar block assignments, capacity, recurrence, and completion information, User-provided task, calendar, and planning content that may include sensitive information if a user chooses to enter it | To provide planning, scheduling, and task-management features |
| Calendar and Connected Integration Data | Connected provider account details and authorization information, Calendar lists, event details, availability, reminders, and sync status, External task or calendar linkage information needed to keep integrations in sync | To sync calendars and connected services when you enable integrations |
| Billing Data | Subscription status, plan, billing cycle, invoice, and payment-provider identifiers, Billing amounts, currency, payment dates, invoice links, and billing history, Payment webhook and support metadata needed to process billing events | To manage subscriptions, invoices, payment-related support, and compliance obligations |
| Notification Data | Device and push-subscription information, Notification preferences, scheduling details, delivery status, and message content | To send reminders and product notifications when notifications are enabled |
| Usage and Analytics Data | Page views, route visits, feature interactions, and marketing-site engagement, Analytics identifiers and event properties from tools such as PostHog and Statsig, Referral, campaign, and Timelight quiz interaction data | To understand product usage, improve the service, and measure marketing-site engagement |
| Device and Technical Data | IP address, user agent, browser, operating system, and device information, Request, response, performance, error, and diagnostic information, Local browser storage used to preserve app state, preferences, and sync continuity | To operate, secure, troubleshoot, and preserve app state and sync continuity |
Data Retention
We retain your data for the following periods:
| Category | Retention period |
|---|---|
| Account Data | Retained while an account is active and deleted or anonymized upon account deletion, subject to legal, security, backup, and support obligations |
| Authentication and Security Data | Retained for limited security, fraud-prevention, troubleshooting, and account-protection windows |
| Task and Planning Data | Retained while an account is active and deleted or anonymized upon account deletion, subject to legal, security, backup, and support obligations |
| Calendar and Connected Integration Data | Retained while integrations are connected and deleted or anonymized upon account deletion, subject to legal, security, backup, and support obligations |
| Billing Data | Retained as needed for billing operations, accounting, dispute handling, and legal or tax compliance |
| Notification Data | Retained while notifications are enabled and as needed for delivery, then removed or deactivated |
| Usage and Analytics Data | Retained according to configured analytics, logging, security, and troubleshooting retention settings |
| Device and Technical Data | Retained until sign-out, cache/version invalidation, manual clearing, browser-managed eviction, or configured logging retention limits |
Cookies and Tracking
We use the following types of cookies and tracking technologies:
| Category | Lawful basis |
|---|---|
| Essential cookies: required for the service to function | Performance of a contract (Article 6(1)(b)) |
| Analytics cookies: help us understand how the service is used | Legitimate interests (Article 6(1)(f)) |
Third-Party Services
We share data with the following third-party services:
| Service | Purpose | Privacy policy |
|---|---|---|
| Amazon Web Services (AWS) | Service provider for cloud infrastructure, backend hosting, and database hosting | View |
| Vercel | Service provider for web application hosting, edge delivery, and platform operations | View |
| Stripe | Payment provider for subscription billing, checkout, customer portal, and payment-related webhook processing | View |
| Google (OAuth and Calendar APIs) | Connected account provider for sign-in, identity data, and calendar synchronization | View |
| PostHog | Product analytics and event tracking across showcase and web app experiences | View |
| Statsig | Feature flagging, experimentation, and product analytics/autocapture | View |
| OneSignal | Push notification delivery and messaging infrastructure | View |
Your Rights
You have the following rights regarding your personal data:
- Right to access your personal data
- Right to request deletion of your data
- Right to opt out of the sale of your personal information
- Right to non-discriminatory treatment for exercising your rights
California Privacy Rights (CCPA)
If you are a California resident, you have the following additional rights:
- Right to Know: You may request disclosure of the personal information we collect, use, and share about you.
- Right to Delete: You may request deletion of personal information we have collected about you.
- Right to Opt-Out: You may opt out of the sale of your personal information.
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
Submitting requests. To exercise any of these rights, contact us using one of the methods below. We will respond within the timeframes required by CCPA §1798.130.
- Email: privacy@agendacraft.ai
What We Do Not Do
- We do not sell personal information.
- We do not use sensitive personal information to infer characteristics about you.
- We do not knowingly collect personal information from children under 13.
Contact Us
- Legal Name: AgendaCraft
- Address: Maryland, United States
- Email: privacy@agendacraft.ai