Privacy Policy

Formal Policy. Switchback Tech LLC ("Company", "we", "us") provides a calendar and productivity service (the "Service"). This Privacy Policy describes how we collect, use, disclose, and protect personal data when you use the Service and our websites. It applies globally to all users. For GDPR purposes, Switchback Tech LLC (USA) is the data controller.

Formal Policy. We process personal data to: (i) provide core functionality, sync, and support; (ii) secure and maintain the Service, prevent abuse, and ensure availability; (iii) perform first‑party product analytics to measure feature adoption, retention, funnels, and performance—no third‑party ad retargeting or selling; (iv) communicate service notices and updates; and (v) comply with law. Where required, we rely on consent, e.g., for optional cookies.

Formal Policy. We do not sell personal data. We disclose data to vetted subprocessors (e.g., hosting, analytics, error monitoring, email, payments) under DPAs and access controls. We may disclose to comply with law, enforce terms, or protect rights and safety. In a corporate transaction (merger, acquisition, asset transfer), personal data may be transferred subject to this Policy and successor obligations. Our current vendors are listed on our Subprocessors page.

Formal Policy. Regardless of where you live, you may request access, correction, deletion, portability, restriction, or objection to processing, and you may withdraw consent where applicable. California/CPRA: we do not “sell” or “share” personal information for cross‑context behavioral advertising; you may still exercise opt‑out rights. Submit requests via the contact details below; we will verify and respond within statutory timelines. You may lodge a complaint with a supervisory authority.

Formal Policy. We implement administrative, technical, and physical safeguards, including encryption in transit, hardened infrastructure, access controls, least‑privilege, and monitoring. If we become aware of a breach affecting your personal data, we will notify affected individuals and regulators as required by law, without undue delay, and take steps to mitigate harm.

We regularly review our security measures to address new risks and vulnerabilities.

Formal Policy. Data may be processed in the U.S. and other jurisdictions. Where required, we use appropriate safeguards such as the EU Standard Contractual Clauses (SCCs) and, where applicable, the EU‑U.S./UK‑U.S. Data Privacy Framework. For example:

• Google Cloud Platform (U.S.) — SCCs in place; copy available on request
• PostHog (U.S.) — SCCs in place; copy available on request

We assess vendor practices and implement supplementary measures as needed.

Formal Policy. We retain:

• (a) Account Data — for the life of the account and deleted within 30 days of closure, unless required by law to retain it
• (b) Calendar Content — until you delete it or close your account, then deleted within 30 days
• (c) Support/communications — up to 24 months
• (d) Analytics/diagnostics — 12–24 months in aggregated or pseudonymous form
• (e) Legal/financial records — 6–7 years (as required by law)

Please note that due to the open‑source nature of parts of our products, services, and community, we may retain limited personal information indefinitely to ensure transactional integrity and nonrepudiation. For example, if you provide information in connection with a blog post, GitHub issue, pull request, or comment, we may display that information even if you delete your account, as we do not automatically delete community posts. If you contribute to a Switchback open‑source project and include personal information in your contribution (e.g., your name or email in commit metadata), that information will be embedded and publicly displayed with your contribution and we will not be able to delete or erase it because doing so would break the project history or code. Similarly, we cannot delete copies held or controlled by third parties (e.g., Git mirrors/forks, package registries, CI logs, or search/index caches).

Formal Policy. The Service is not directed to children under 16 (or higher age as defined by local law). We do not knowingly collect personal data from children. If you believe a child has provided data, contact us; we will delete it consistent with law.

Formal Policy. We may update this Policy. We will post changes here, update the “Last updated” date, and, where material, provide additional notice (e.g., in‑app or email). Continued use after the effective date constitutes acceptance.

Formal Policy. To exercise rights or ask questions, contact:

We will verify your request and respond within statutory timelines.