Privacy Policy

Controller within the meaning of Art. 4 No. 7 GDPR:
PPJ Venture Labs UG (haftungsbeschränkt)
Hohenzollernstraße 30, 80801 Munich, Germany
Email: paul@kalender-sync.de
Phone: +49 174 3361564

Calendar synchronization (core service): Kalender Sync synchronizes only free/busy availability between your calendars. No event details (titles, attendees, notes, locations, descriptions) are transferred or permanently stored. We process:

• Your email address (for account creation and login)
• OAuth tokens for Google and Microsoft (we never see your password)
• Encrypted app-specific passwords for iCloud/KSuite (ChaCha20-Poly1305)
• Calendar metadata (calendar names, IDs, colors)
• Event time slots and free/busy status only
• Stripe customer ID and subscription ID (we never see or store your payment details)

Website: When you visit our website, we process server log data (IP address, browser type, requested page, timestamp). If you consent, we use Google Analytics for anonymous usage statistics.

Contact form and emails: When you contact us, we process your name, email address, and message content to respond to your inquiry.

• Art. 6(1)(b) GDPR — Performance of contract: Processing your calendar data is necessary to provide the synchronization service.
• Art. 6(1)(a) GDPR — Consent: Google Analytics (analytics), Microsoft Advertising UET and Google Ads (marketing) are only activated with your explicit consent via our cookie banner.
• Art. 6(1)(f) GDPR — Legitimate interest: Server logs for security and error diagnosis.

• Hetzner Online GmbH (Nuremberg, Germany) — Server hosting. All data is stored and processed in Germany. Data processing agreement in place.
• Netlify Inc. (USA, EU-US Data Privacy Framework) — Hosting of the marketing website (kalender-sync.de). No personal data from the app is processed here. All connections served exclusively over TLS 1.2+ with AEAD ciphers (ChaCha20-Poly1305 / AES-GCM) and forward secrecy; HSTS with preload enabled (max-age 2 years). Technical and organisational measures of the Kalender Sync app (encryption at rest, OAuth scopes, sub-processors) are documented at For IT admins.
• Brevo (Sendinblue) (Paris, France) — Transactional emails (login codes, sync notifications). Data processing agreement in place.
• Stripe, Inc. (USA, EU-US Data Privacy Framework + SCCs) — Payment processing for subscriptions. Stripe processes your payment data directly; we only store the Stripe customer ID and subscription ID. Stripe Privacy Policy.
• Google LLC (USA, SCCs) — Google Calendar API for reading/writing calendar data.
• Microsoft Corporation (USA, SCCs) — Microsoft Graph API for reading/writing calendar data.
• Apple Inc. (USA, SCCs) — Apple iCloud CalDAV for reading/writing calendar data.
• Google Analytics (optional, consent-based) — Anonymous website usage statistics. IP anonymization enabled. Only activated with explicit consent.
• Microsoft Advertising (UET + Offline Conversion API) (Redmond, USA, EU-US Data Privacy Framework) — Conversion tracking for our ads on Bing. Only activated with explicit marketing consent. For conversion events (signup, trial start, paid subscription), we send a SHA-256 hash of your email to Microsoft (Enhanced Conversions) so the conversion can be matched even when browser cookies don't permit it. The hash is computed in your browser or on our server; your email never leaves us in plaintext. If you arrived via a Bing ad, the Microsoft click ID (msclkid) is stored on your account (first-touch attribution, max. 90 days) and sent server-side at the moment of paid subscription so Microsoft can attribute the revenue to the original click. The msclkid is deleted from our database if you withdraw marketing consent or delete your account.
• Google Ads (Dublin, Ireland / Mountain View, USA, EU-US Data Privacy Framework) — Conversion tracking for our ads on Google Search, Google Display Network and YouTube. Only activated with explicit marketing consent. For conversion events (signup, trial start), we send a SHA-256 hash of your email to Google (Enhanced Conversions for Web) so the conversion can be matched even when browser cookies don't permit it. The hash is computed in your browser; your email never leaves us in plaintext. If you arrived via a Google ad, the Google click identifier (gclid for web, gbraid/wbraid for iOS and web-to-iOS under Apple's Restricted Data Processing) is stored on your account (first-touch attribution, max. 90 days). Stored identifiers are deleted from our database if you withdraw marketing consent or delete your account.
• First-touch source attribution (UTM parameters & referrer) — When you arrive via a marked marketing link (UTM parameters such as utm_source, utm_medium, utm_campaign, utm_term, utm_content) or from a referring website (document.referrer), we record this source information to evaluate the effectiveness of our acquisition channels (search, newsletter, referrals). On the landing page the values are held in memory only and inserted into CTA links to the application — no cookies, localStorage or sessionStorage on the landing. In the application the values are kept temporarily in sessionStorage (max. 24 hours) until you have registered and consented to marketing tracking; only then are they stored server-side on your account (first-touch attribution, max. 90 days). No transmission to third parties. Values are deleted from our database if you withdraw marketing consent or delete your account.
• YouTube (embedded videos, enhanced privacy mode) (Google Ireland Ltd., Dublin, Ireland / Google LLC, USA, EU-US Data Privacy Framework) — We embed videos from YouTube using the enhanced privacy mode (youtube-nocookie.com). The embed is loaded only after you actively click the preview thumbnail and give your explicit consent. Before consent no YouTube script is loaded, no connection is established to YouTube servers and no cookies or local storage entries are set. After consent and play, YouTube processes IP address, device and browser information, date/time, the URL of the page and playback metadata. If you are logged in to YouTube, YouTube may associate the data with your account. We ourselves do not receive personal data from YouTube. You can withdraw consent at any time via the “Cookie settings” in the footer. See the Google Privacy Policy for details.
• Cal.com (booking widget, only after consent) (Cal.com, Inc., 530 Divisadero St #225, San Francisco, CA 94117, USA) — In the contact dialog on our website we offer the option to book a call directly via an embedded Cal.com booking widget. The widget is loaded only after you actively click “Activate booking” and give your explicit consent. Before consent no Cal.com content is loaded, no connection is established to Cal.com servers and no cookies or local storage entries are set. You can always reach us by email instead, without consent. Legal basis: Art. 6(1)(a) GDPR (consent) in conjunction with § 25(1) TTDSG, and additionally Art. 6(1)(b) GDPR for a concrete booking request. After consent, Cal.com processes your IP address, device/browser information and the data you enter in the booking form (name, email, message, chosen time slot). Transfer to the USA is based on EU Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR. You can withdraw consent at any time via the “Cookie settings” in the footer. See the Cal.com Privacy Policy for details.

We use the following cookies:

• klaro (essential) — Stores your cookie consent decision. Duration: 1 year. Provider: self-hosted.
• session (essential) — Authentication cookie for the app. Duration: session. Provider: self-hosted at Hetzner.
• _ga, _gid (optional, consent-based) — Google Analytics. Duration: _ga 2 years, _gid 24 hours. Only set with explicit consent.
• _uetsid, _uetvid, MUID (optional, consent-based) — Microsoft Advertising UET. Duration: _uetsid 24 hours, _uetvid 16 months, MUID 13 months. Only set with explicit marketing consent.
• _gcl_au, _gcl_aw, _gcl_dc (optional, consent-based) — Google Ads conversion linker. Duration: 90 days each. Only set with explicit marketing consent.

You have the right to:

• Access (Art. 15) — Request information about your stored personal data
• Rectification (Art. 16) — Correct inaccurate data
• Erasure (Art. 17) — Delete your account and all data (available in the app under Settings)
• Restriction (Art. 18) — Restrict processing of your data
• Data portability (Art. 20) — Export your data (available in the app under Settings)
• Objection (Art. 21) — Object to processing based on legitimate interest

To exercise your rights, contact us at paul@kalender-sync.de.

Your account data is retained as long as your account is active. When you delete your account, all personal data, calendar connections, sync configurations, and event mappings are permanently deleted within 24 hours. Server logs are retained for 7 days.

We provide a data processing agreement (Auftragsverarbeitungsvertrag) per Art. 28 GDPR upon request. Contact us at paul@kalender-sync.de.

You have the right to lodge a complaint with a supervisory authority. The competent authority is:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18, 91522 Ansbach, Germany
Website: lda.bayern.de