Privacy Policy

How CalDuro collects, uses, and protects your information.

Last updated: July 7, 2026

1. Introduction

CalDuro, Inc. (“CalDuro”, “we”, “us”, or “our”) provides a scheduling and meeting-intelligence platform that helps individuals and teams book meetings, sync calendars, automate workflows, and capture AI-generated notes and summaries of their conversations (the “Service”). This Privacy Policy explains what personal data we collect, why we collect it, how we use and share it, and the choices and rights available to you.

This Policy applies to visitors of our marketing website, users who create a CalDuro account (“Users” or “Organizers”), and individuals who book, attend, or are otherwise invited to a meeting scheduled through CalDuro(“Invitees” or “Attendees”). By using the Service, you agree to the collection and use of information in accordance with this Policy. If you do not agree, please do not use the Service.

If you are an Invitee booking time with an Organizer, the Organizer is generally responsible for how they use CalDuro and for obtaining any consents required from you (for example, to record a meeting). We act as a data processor / service provider on the Organizer’s behalf for scheduling and meeting data, and as a data controller for account, billing, and website analytics data described below.

2. Information We Collect

We collect the following categories of information:

a. Account & Profile Information

  • Name, email address, and password (stored using one-way hashing; we never store plain-text passwords).
  • Profile details you choose to add, such as bio, avatar/profile photo, job title, company, and time zone.
  • Team or organization information if you create or join a team workspace, including your role and permissions.

b. Scheduling & Booking Data

  • Event types, availability rules, buffer times, and booking page configuration you create.
  • Attendee information submitted through booking pages, such as name, email address, phone number, time zone, and answers to any custom questions the Organizer configures.
  • Meeting metadata: date, time, duration, location or video link, cancellation and rescheduling history, and organizer notes.

c. Calendar & Video Conferencing Integrations

  • When you connect Google Calendar, Microsoft Outlook/Office 365, Apple Calendar (CalDAV), Zoom, Google Meet, or Microsoft Teams, we receive an OAuth access token/refresh token and limited calendar data (event availability, and, where you authorize it, event details) needed to check availability, create events, and generate meeting links.
  • We request the minimum scope of access required for each integration and never post to your calendar or conferencing account outside of actions you take in CalDuro.

d. Payment & Billing Information

  • If you subscribe to a paid plan, our payment processors (Stripe and/or Paddle) collect your card or payment method details directly. CalDuro does not store full payment card numbers on our servers — we retain only the customer ID, subscription ID, plan tier, and billing history needed to manage your subscription.
  • If you enable paid bookings for your event types, attendee payment information is likewise processed by Stripe on your behalf.

e. Communications & Workflow Data

  • Content of automated workflow emails, reminders, and webhook payloads that you configure to be sent to Attendees or third-party systems (e.g., Slack, HubSpot, Zapier, Mailchimp, WhatsApp) as part of your workflow automations.
  • Support requests and other correspondence you send to us.

f. Technical & Usage Data

  • IP address, browser type and version, device identifiers, operating system, referring URLs, pages viewed, and timestamps.
  • Session identifiers used for authentication: a short-lived JWT access token stored in an HTTP cookie and a refresh token stored in your browser’s local storage.
  • Cookies and local storage values used for theme preferences and essential site functionality (see Section 7).

g. Waitlist & Marketing Sign-Ups

  • If you join our waitlist or subscribe to updates, we collect your email address (and name, if provided) and store it in our marketing database (Airtable) to notify you about early access and product updates.

3. Recordings, Transcripts & AI Features

CalDuro offers, or plans to offer, AI-assisted meeting features — such as audio/video recording, live or post-meeting transcription, and AI-generated summaries and action items (“AI Meeting Features”). Where these features are enabled for a meeting:

  • Consent is required. Recording and transcribing a conversation may be regulated by wiretapping, call-recording, or data protection laws that require the consent of some or all participants (so-called “one-party” or “two-party/all-party” consent laws). The Organizer who enables recording or transcription is solely responsible for notifying attendees and obtaining any consent required by applicable law before a meeting is recorded or transcribed. CalDuro will display an in-meeting notice when AI Meeting Features are active, but this does not replace the Organizer’s legal obligations.
  • What we process. Audio, video, and/or shared-screen content of a recorded meeting; the resulting text transcript; speaker labels (where technically identifiable); and AI-generated summaries, highlights, and action items derived from that content.
  • How it’s used. Recordings and transcripts are used solely to provide the AI Meeting Features to the Organizer’s account (e.g., generating a summary, making the transcript searchable). We do not use meeting audio, video, or transcript content to train general-purpose AI models, and we do not sell this content.
  • Third-party AI processing. Transcription and summarization may be performed using third-party speech-to-text and large language model providers acting as our subprocessors under contractual confidentiality and data protection terms; they are not permitted to use your content for their own purposes.
  • Retention and deletion. Organizers can delete recordings and transcripts from their account at any time; deletion requests are processed within 30 days, subject to residual copies in encrypted backups that age out on our standard backup rotation schedule.

4. How We Use Information

We use the information we collect to:

  • Create and maintain your account and authenticate your sessions.
  • Provide core scheduling functionality: publish booking pages, check calendar availability, create and update calendar events, and generate video conferencing links.
  • Operate AI Meeting Features you or your Organizer enable, as described in Section 3.
  • Send transactional communications: booking confirmations, reminders, cancellations, receipts, and account/security notices.
  • Send workflow automation emails and webhooks that you configure.
  • Process payments and manage subscriptions, upgrades, downgrades, and cancellations.
  • Provide customer support and respond to inquiries.
  • Monitor, maintain, and improve the security, stability, and performance of the Service, including debugging and fraud/abuse prevention.
  • Analyze aggregated, de-identified usage trends to improve features and user experience.
  • Comply with legal obligations and enforce our Terms of Service.

6. How We Share Information

We do not sell your personal data. We share information only in the following circumstances:

  • With your Organizer or the Attendees you invite — scheduling and meeting details are inherently shared between the parties to a meeting.
  • Service providers and subprocessors who process data on our behalf under contractual confidentiality and security obligations, including: cloud hosting and infrastructure providers; Google Calendar, Microsoft Outlook/Office 365, Apple/CalDAV for calendar sync; Zoom, Google Meet, and Microsoft Teams for video conferencing; Stripe and Paddle for payment processing; Airtable for waitlist and marketing sign-ups; email delivery providers for transactional and workflow emails; and speech-to-text/AI providers for transcription and summarization.
  • Integrations you enable — if you connect third-party tools such as Slack, Notion, Zapier, HubSpot, Mailchimp, or WhatsApp, data you choose to sync or send via workflows is shared with those services subject to their own privacy policies.
  • Business transfers — in connection with a merger, acquisition, financing, or sale of assets, personal data may be transferred as part of that transaction, subject to standard confidentiality arrangements.
  • Legal requirements — when required to comply with applicable law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of CalDuro, our users, or the public.

7. Cookies & Similar Technologies

We use cookies and similar local storage technologies to:

  • Essential: keep you signed in (session/JWT cookies) and remember security-related settings. These cannot be disabled without affecting core functionality.
  • Preferences: remember display preferences such as light/dark theme and color mode.
  • Analytics (where enabled): understand aggregate usage of our website to improve content and performance.

Most browsers let you refuse or delete cookies through their settings. Because essential cookies are required to keep you logged in, disabling them will prevent you from using authenticated parts of the Service.

8. Data Retention

We retain personal data for as long as necessary to provide the Service and for legitimate business purposes, such as maintaining performance, complying with our legal obligations, resolving disputes, and enforcing our agreements. Specifically:

  • Account data is retained while your account is active and for a reasonable period afterward in case you reactivate it, after which it is deleted or anonymized.
  • Booking and meeting metadata is retained for as long as the associated account exists, unless deleted earlier by the Organizer.
  • Recordings and transcripts are retained per Section 3 and deleted upon Organizer request or account closure.
  • Billing records are retained for the period required by applicable tax and accounting laws.
  • Waitlist emails are retained until you unsubscribe or request deletion.

9. Security

We implement administrative, technical, and physical safeguards designed to protect personal data, including encryption of data in transit (TLS) and at rest, hashed password storage, role-based access controls, and regular security reviews of our infrastructure and third-party subprocessors. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security. If we become aware of a security incident affecting your personal data, we will notify affected users and relevant authorities as required by applicable law.

10. International Data Transfers

CalDuro is a global service, and personal data may be processed and stored in countries other than your own, including the United States, where our infrastructure and service providers operate. Where required, we rely on appropriate safeguards for such transfers, such as Standard Contractual Clauses approved by the European Commission, to ensure your personal data receives an adequate level of protection.

11. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access a copy of the personal data we hold about you.
  • Correct inaccurate or incomplete personal data.
  • Delete your personal data, subject to certain legal exceptions.
  • Restrict or object to certain processing of your personal data.
  • Receive your personal data in a portable format (data portability).
  • Withdraw consent at any time where processing is based on consent, without affecting prior processing.
  • Lodge a complaint with your local data protection supervisory authority.

To exercise any of these rights, contact us at privacy@calduro.com. We may need to verify your identity before fulfilling your request, and we will respond within the timeframe required by applicable law.

12. Additional Rights for California Residents

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA/CPRA”), provides you with additional rights, including the right to know what personal information we collect, use, and disclose; the right to request deletion; the right to correct inaccurate information; and the right to opt out of the “sale” or “sharing” of personal information. CalDuro does not sell or share personal information for cross-context behavioral advertising, and we do not discriminate against users who exercise their privacy rights.

13. Children's Privacy

The Service is not directed to individuals under the age of 16, and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at privacy@calduro.com so we can delete it.

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated version on this page and revise the “Last updated” date above. If changes are material, we will provide additional notice, such as an email or an in-app notification, before the changes take effect.

16. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

CalDuro, Inc.

548 Market Street, PMB 62789, San Francisco, CA 94104, USA

Email: privacy@calduro.com

For questions about our Terms of Service, see our Terms of Service page.