This Privacy Policy explains how TimeVerse Inc. (“TimeVerse,” “we,” “us,” “our”) collects, uses, shares, and protects personal information when you use our AI-powered scheduling platform and related websites, applications, and services (collectively, the “Service”). By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy.

1. Information We Collect

We collect four main types of data:

a. Identifiers – name, email address, password, company, role. Provided by you when you create an account.

b. Scheduling Data – event titles, times, locations or video links, invitee details, notes. Created or imported by you while using the Service.

c. Connected-Account Data – calendar events, free-busy status, CRM contacts, conferencing links. Pulled through APIs after you authorize an integration.

d. Technical Data – IP address, browser type, device ID, activity logs, cookies. Collected automatically when you interact with the Service.

We cache external-calendar data only as long as needed to calculate availability and never store more than required.

2. How We Use Information

• Service delivery – authenticate you, create or update events, send invitations and reminders, sync with connected apps.
• AI assistance – generate automated scheduling suggestions using only the minimum data required, with vendors contractually barred from reusing your data to train their models.
• Improvement and analytics – analyze aggregated or de-identified usage data to troubleshoot problems and enhance features.
• Security and fraud prevention – detect suspicious activity, enforce our Terms of Use, and protect users.
• Legal compliance – meet legal obligations and keep required records.

Our lawful bases under the EU GDPR and UK GDPR include performance of contract, legitimate interests, consent, and compliance with law.

Google API Limited-Use Disclosure
TimeVerse’s use of information received from Google APIs, including Google Calendar, will comply with the Google API Services User Data Policy, including the “Limited use of user data” requirement of the Workspace API User Data and Developer Policy (for Workspace APIs) and the “Limited use of user data” requirement of the Photos API User Data and Developer Policy (for Photos APIs).

We access Calendar data only to authenticate your identity, display availability, and create or modify events that you explicitly manage through the Service. We do not use this data for advertising, we do not sell or share it with unaffiliated parties, and we do not permit human access to it except with your consent, for security or compliance purposes, or as required by law. We do not use Google Calendar data to train generalized AI or machine-learning models. Cached Calendar data is retained only as long as needed to provide the scheduling features described in this Policy and is deleted as outlined in Section 5.

3. How We Share Information

Service providers – hosting, email delivery, payments, AI inference, support tools, all bound by confidentiality, encryption, and least-privilege access controls.

Integrated services – calendars, CRMs, email, conferencing platforms. We share data only as you direct, and each service handles that data under its own privacy policy.

Analytics vendors – receive usage statistics after IP truncation and under strict data-processing agreements.

Business transfers – if we merge, sell assets, or enter bankruptcy, the successor must honor this Policy.

Legal authorities – we disclose information only when required to comply with subpoenas, court orders, or other lawful requests, and we limit disclosures to the minimum necessary.

We do not sell or share personal information for cross-context behavioral advertising.

4. International Transfers

When we use global cloud providers or sub-processors, data may be transferred outside your jurisdiction. We rely on Standard Contractual Clauses or equivalent safeguards and audit each sub-processor for compliance. A current list of sub-processors and a pre-signed Data Processing Agreement are available at https://timeverse.ai/legal.

5. Data Retention

• Account data is kept while your account remains active.
• Event data is stored until you delete the event or close your account.
• Integration tokens are deleted as soon as you disconnect the integration.
• Logs are rotated or anonymized on a rolling schedule that never exceeds 90 days.
• Encrypted backups are purged within 90 days after the primary deletion.

After these periods, data is securely deleted or irreversibly anonymized.

6. Security

We protect data using TLS in transit, AES-256 encryption at rest, role-based access controls, regular patching, yearly penetration tests, and a documented incident-response plan. If a data breach occurs, we will notify affected users and regulators without undue delay and within any legally required timeframe.

Your responsibilities: use a strong, unique password, enable multi-factor authentication where available, and alert us immediately if you suspect unauthorized access.

7. Your Rights

• Access and correction – log in to your account or email privacy@timeverse.ai.
• Portability – request a CSV or JSON export of your data.
• Deletion – delete your account in settings or email us.
• Marketing opt-out – click “unsubscribe” in any marketing email.

We verify your identity before fulfilling requests.

8. United States State Privacy Rights

Residents of California, Virginia, Colorado, Connecticut, Utah, Florida, Montana, Tennessee, and Texas can know, correct, delete, and opt out of specific data processing. Send requests to privacy@timeverse.ai with the subject “State Privacy Request”.

9. GDPR and UK GDPR Rights

If you are in the European Economic Area or the United Kingdom, you may access, rectify, erase, restrict, or object to processing and request data portability. You can also lodge a complaint with your supervisory authority. Contact our EU representative at eu-rep@timeverse.ai or our UK representative at uk-rep@timeverse.ai.

10. Nevada Residents

We do not sell personal information. Nevada residents may request to join our “do not sell” list by emailing privacy@timeverse.ai with the subject “Nevada Opt-Out”.

11. Children’s Privacy

The Service is not directed to children under 13, and we do not knowingly collect their data. If you believe a child has provided us personal information, contact us and we will delete it.

12. Changes to This Policy

We may update this Policy as our practices or legal requirements change. We will post the revised Policy with a new effective date and, for material changes, give at least 30 days’ advance notice by email or in-app message. Continued use after the effective date constitutes acceptance of the revised Policy.

13. Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of the State of Texas. Any dispute will be resolved exclusively in the state or federal courts located in Travis County, Texas. You consent to those courts’ personal jurisdiction.

14. Contact Us

TimeVerse Inc. – Privacy Team
10900 Stonelake Boulevard, Building 2, Suite 100, Austin, TX 78759
Email: privacy@timeverse.ai

We strive to respond within a few business days. If we do not resolve your concern, you may contact your state Attorney General or another relevant authority.

Thank you for trusting TimeVerse with your scheduling needs. We remain committed to protecting your privacy and keeping our practices transparent.