Caltsu Logo
Caltsu

GDPR Compliance

Last updated: 2025-09-01

Caltsu is committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR).

1. Your Rights Under GDPR

As an EU resident, you have the following rights regarding your personal data:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing of your personal data
  • Rights in Relation to Automated Decision Making: Protection against automated profiling

2. Lawful Basis for Processing

We process your personal data under the following lawful bases:

  • Contractual necessity: To provide our calendar synchronization service
  • Legitimate interests: To improve our service, ensure security, and provide support
  • Consent: For marketing communications (where applicable)

3. Data We Collect

  • Account Information: Email address, name, authentication tokens
  • Calendar Data: Event metadata based on your sync rules and privacy settings
  • Usage Data: Service logs, sync operations, and error reporting
  • Technical Data: IP address, device information, browser type

4. How We Protect Your Data

  • Encryption: All data is encrypted in transit (TLS) and at rest
  • Access Controls: Strict access controls and authentication requirements
  • Regular Audits: Security reviews and vulnerability assessments
  • Data Minimization: We only collect data necessary for our service

5. Data Sharing & Transfers

  • Third Parties: We only share data with trusted processors under strict agreements
  • International Transfers: Data may be transferred outside the EU with appropriate safeguards
  • No Selling: We never sell your personal data to third parties

6. Data Retention

  • Account Data: Retained until you delete your account
  • Calendar Data: Cached only as long as needed for synchronization
  • Logs: Stored for up to 90 days for troubleshooting and security

7. Exercising Your Rights

To exercise any of your GDPR rights, contact us at:

Email: privacy@caltsu.com
Response Time: We will respond within 30 days

Please include:

  • Your full name and email address
  • Clear description of your request
  • Proof of identity (if required)

8. Data Protection Officer

For data protection matters, contact our Data Protection Officer:

Email: dpo@caltsu.com

9. Supervisory Authority

If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local supervisory authority.

10. Changes to This Notice

We may update this GDPR notice from time to time. We will notify you of significant changes via email or through our service.

Effective date: 2025-09-01