Calendarific logo

Privacy Policy

Last Updated: February 26, 2026

This Privacy Policy describes how HATCHSQUARE Technologies LLC ("Company", "we", "us", or "our"), the operator of calendarific.com ("Site") and the Calendarific API ("API"), collects, uses, stores, shares, and protects information obtained from users ("you" or "User") of the Site, API, and all related products and services (collectively, the "Services"). By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, you must discontinue use of our Services immediately.

1. Information We Collect

1.1. Information You Provide to Us

We collect information that you voluntarily provide when using our Services, including:

  • Account Information: Name, email address, mailing address, and company name provided during account registration;
  • Payment Information: Billing address and payment details. Payment transactions are processed by our third-party payment processors (Stripe and PayPal) and we do not store full payment card numbers on our servers;
  • Communications: Information you provide when contacting our support team or submitting feedback.

1.2. Information Collected Automatically

When you access our Services, we automatically collect certain information, including:

  • Log Data: IP address, browser type and version, operating system, referring URLs, pages visited, and date and time of access;
  • API Usage Data: API key identifiers, endpoints accessed, request timestamps, request volume, response codes, and error rates;
  • Cookies: Session and authentication cookies, and analytics cookies (see Section 7).

1.3. Information from Third Parties

We may receive information about you from payment processors (transaction confirmations and billing disputes) and analytics providers (aggregated usage statistics).

2. How We Use Your Information

We use the information we collect to:

  • Operate, maintain, and improve the Site and API;
  • Create, manage, and authenticate your account;
  • Process payments and manage subscriptions;
  • Analyze API usage patterns, diagnose technical issues, and enforce rate limits;
  • Detect, prevent, and respond to fraud, abuse, and violations of our Terms of Service;
  • Send transactional emails (order confirmations, account notifications, security alerts);
  • Comply with applicable laws and enforce our agreements.

3. How We Share Your Information

We do not sell, rent, or trade your personal information. We share your information only in the following circumstances:

3.1. Service Providers

We share information with third-party providers who perform services on our behalf:

  • Payment Processors: Stripe (privacy policy) and PayPal (privacy policy);
  • Hosting and Infrastructure: Cloud service providers that host our Site and API;
  • Analytics: Google Analytics for understanding Site usage.

These providers are contractually obligated to use your information only for the purposes of providing services to us.

3.2. Legal Requirements

We may disclose your information if required by law, subpoena, court order, or governmental request, or when necessary to protect the rights, property, or safety of the Company, our users, or the public.

3.3. Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Site of any change in ownership.

3.4. Aggregated Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you for research, analytics, and other purposes.

4. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer period is required by law:

  • Account Information: Duration of your account plus ninety (90) days following deletion or termination;
  • Payment Records: Seven (7) years to comply with tax and financial reporting obligations;
  • API Usage Logs: Up to twelve (12) months for security and abuse prevention;
  • Support Correspondence: Up to three (3) years following resolution.

When personal information is no longer necessary, we will securely delete or anonymize it.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including encryption of data in transit (TLS/SSL), encryption of sensitive data at rest, access controls on a need-to-know basis, and monitoring for unauthorized access attempts.

No method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

5.1. Data Breach Notification

In the event of a data breach likely to result in a risk to your rights and freedoms, we will notify affected users without undue delay and no later than seventy-two (72) hours after becoming aware of the breach, where feasible. We will also notify the relevant supervisory authority as required by applicable law.

6. API-Specific Privacy Provisions

If you access our Services through the API:

  • We collect and log API request metadata (API key identifier, endpoints accessed, timestamps, IP addresses, request volume, and response codes) for security monitoring, abuse prevention, rate limit enforcement, and service improvement;
  • API usage data may be used to detect and prevent violations of our Terms of Service and Acceptable Usage Policy;
  • We do not collect or store the content of API responses delivered to you beyond what is necessary for logging and debugging; and
  • You are responsible for the privacy and security of any data you collect, process, or store using data obtained through our API, and your use of such data must comply with all applicable privacy laws.

7. Cookies

Our Site uses the following cookies:

  • Essential Cookies: Session and authentication cookies required for you to log in and use your account. These cannot be disabled;
  • Analytics Cookies: Google Analytics cookies that help us understand how visitors use our Site. These collect information anonymously.

You can control cookies through your browser settings. Disabling essential cookies may prevent you from using the Site. For more information, visit www.allaboutcookies.org.

8. Your Privacy Rights

You have the following rights regarding your personal information. To exercise any of these rights, contact us at support@calendarific.com with the subject line "Privacy Rights Request".

8.1. All Users

  • Access: Request a copy of the personal information we hold about you;
  • Correction: Request that we correct inaccurate or incomplete information;
  • Deletion: Request that we delete your personal information, subject to legal exceptions;
  • Opt-Out of Marketing: Opt out of marketing emails at any time by clicking "unsubscribe" or by contacting us.

8.2. EEA/UK Users (GDPR)

If you are located in the European Economic Area or UK, we process your personal data under the following lawful bases: performance of a contract (providing our Services), legitimate interests (improving Services, preventing fraud, security), consent (marketing communications), and legal obligation. You additionally have the right to:

  • Data Portability: Receive your personal data in a structured, machine-readable format;
  • Restrict Processing: Request restriction of processing in certain circumstances;
  • Object: Object to processing based on legitimate interests;
  • Withdraw Consent: Withdraw consent at any time without affecting the lawfulness of prior processing;
  • Lodge a Complaint: File a complaint with your local data protection supervisory authority.

We will respond to GDPR requests within thirty (30) days.

8.3. California Residents (CCPA/CPRA)

If you are a California resident: we do not sell or share your personal information for cross-context behavioral advertising. You have the right to know what personal information we collect and how it is used, request deletion, request correction, and exercise these rights without discrimination. We will respond to verified requests within forty-five (45) days.

9. International Data Transfers

Your personal information is processed in the United States. If you are located outside the United States, the data protection laws of the US may differ from those of your jurisdiction. For transfers from the EEA or UK, we rely on Standard Contractual Clauses (SCCs) and data processing agreements with appropriate data protection obligations.

10. Children's Privacy

Our Services are not directed to individuals under sixteen (16). We do not knowingly collect personal information from children. If we become aware of such collection, we will delete the information promptly. Contact us at support@calendarific.com if you believe a child has provided us with personal information.

11. Changes to This Privacy Policy

We may update this Privacy Policy at any time. When we make material changes, we will update the "Last Updated" date above and notify you by email or by posting a prominent notice on our Site. Where required by law, we will obtain your consent before implementing material changes. Your continued use of the Services after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy, contact us at:

HATCHSQUARE Technologies LLC
Email: support@calendarific.com
Website: https://calendarific.com

For privacy-specific inquiries, include "Privacy" in the subject line.