Viewday
Start Free

Privacy Policy

Effective date: 24 Aug 2025
Last updated: 26 Aug 2025

1. Data We Collect

We only collect the data necessary to provide our service:

  • Google Calendar data: essential event details needed to render read-only embeds (e.g., title, start/end, all-day, location, description, color, last updated) via the Google Calendar API.
  • Account information: your Google email address and OAuth tokens to connect your account.
  • App usage data: limited technical information (e.g., error logs and service status).

We do not collect your Google password or unrelated Google data (like emails or contacts).

2. How We Use Your Data

  • Render read-only calendar embeds that you can place in your Notion pages.
  • Discover calendars you choose to link and keep embeds up to date using incremental updates and push notifications.
  • Provide account management, support, and reliability monitoring.

We never sell your data to third parties.

3. Where Your Data is Stored

  • Your data is stored in Supabase (managed Postgres and Realtime) and served via Vercel.
  • Data is encrypted in transit (TLS). Our infrastructure providers encrypt data at rest.
  • We do not store your Google password.

4. Data Retention

We retain cached calendar data only while your account remains connected and your embeds are active.

If you disconnect your Google account, delete your Viewday account, or remove an embed’s connected calendar, OAuth tokens and all cached event data is deleted from our databases right away.

You can disconnect and delete data from your dashboard at any time.

5. Your Rights (GDPR)

If you are based in the European Economic Area (EEA), you have the right to:

  • Access the data we store about you
  • Correct inaccurate or incomplete data
  • Delete your data at any time (“right to be forgotten”)
  • Export your data in a machine-readable format
  • Object to processing or withdraw consent at any time

To exercise these rights, contact us at privacy@viewday.app.

6. Legal Basis for Processing (GDPR)

  • Consent: when you connect your Google account to Viewday.
  • Contract: to deliver the service you signed up for.
  • Legitimate interest: to maintain the security and functionality of our app.

7. Security

  • Transport security: all traffic uses TLS.
  • At rest: our infrastructure providers encrypt data at rest.
  • Tokens: OAuth tokens are stored securely and access-controlled. We are rolling out additional application-layer encryption for tokens; this page will be updated when live.
  • Access controls and monitoring protect against unauthorized access.

8. Third-Party Providers

We rely on the following trusted providers:

  • Google Calendar API (read-only access to calendars and events)
  • Google push notifications (webhooks) for change detection
  • Supabase (database, authentication, and Realtime broadcasting)
  • Vercel (app hosting)

Notion is not a processor of your Google Calendar data; you paste public embed links into your Notion pages.

9. Contact Us

If you have questions or concerns about your data, please contact us: privacy@viewday.app.

If you are in the EU and believe we have not addressed your concerns, you have the right to lodge a complaint with your local Data Protection Authority (DPA).