Privacy Policy

Last updated: March 19, 2026

PhantomCalendar is a calendar management tool that generates fake events to protect your time and prevent unwanted meeting requests. Here's exactly what we collect, why, and how we handle it.

What We Collect

• Account info: Your name and email address, provided when you sign up.
• Google account info: When you sign in with Google, we receive your name, email, and profile picture from Google OAuth.
• Google Calendar data: With your explicit permission, we read your existing calendar events to check for conflicts before generating fake events, and write new fake events to your calendar.
• Usage data: How many events you've generated, your subscription tier, and basic app activity. No third-party analytics trackers.

Google Calendar OAuth Scopes

When you connect your Google Calendar, we request the following permissions:

• Read access (calendar.readonly) — to check your existing events and avoid scheduling conflicts.
• Write access (calendar.events) — to add generated fake events directly to your calendar.

We only access the calendar you explicitly connect. We do not read, store, or share the contents of your real calendar events — we only check for time conflicts.

Why We Collect It

• Name & email: To create and manage your account.
• Calendar read access: To prevent fake events from overlapping with your real commitments.
• Calendar write access: To add fake events on your behalf — that's the whole product.

What We Don't Do

• We do not sell your data to anyone.
• We do not store the contents of your real calendar events.
• We do not share your information with third-party advertisers.
• We do not use your data to train AI models.

Data Storage & Security

Your data is stored in a secure PostgreSQL database. OAuth tokens are encrypted at rest using AES-256. We use HTTPS everywhere. Access to production data is strictly limited.

Third-Party Services

• Google OAuth: Used for sign-in and calendar access. Subject to Google's Privacy Policy.
• Stripe: Used for payment processing. We never see or store your card details. Subject to Stripe's Privacy Policy.
• OpenAI: Used to generate fake event titles and descriptions. We send only the minimum context needed (your industry, role, and time slot). No personal identifiers are sent to OpenAI.

Deleting Your Account & Data

You can delete your account at any time. Email us at privacy@phantomcalendar.com and we'll permanently delete your account and all associated data within 7 days. You can also revoke Google Calendar access at any time from your Google account permissions page.

Contact

Questions about privacy? Email privacy@phantomcalendar.com.

This policy applies to phantomcalendar.com and any associated services.