Privacy Policy

Monkey GroupMeet

Effective date: March 25, 2026

Contact: david@monkeyai.io

This Privacy Policy explains how Monkey GroupMeet ("Monkey GroupMeet," "we," "our," or "us") collects, uses, discloses, and protects personal information when you use our website, applications, and related services that help users schedule group meetings (collectively, the "Services"). By using the Services, you acknowledge the practices described in this Privacy Policy.

1. Information We Collect

• Account and profile information (e.g., name, email address, profile photo, time zone).
• Scheduling information (e.g., availability preferences, booking links, event names, invitee responses, meeting descriptions).
• Calendar and contact data if you connect an integration (e.g., busy/free times, event metadata, participant names and emails) as needed to schedule meetings.
• Communications and support information (e.g., messages, survey responses, bug reports).
• Payment and billing information for paid plans (processed by our payment provider).
• Device, usage, and log information (e.g., IP address, browser type, device identifiers, pages viewed, timestamps, diagnostic data).
• Cookies and similar technologies used to remember preferences, keep you signed in, and improve performance.

2. How We Use Information

• Provide and maintain the scheduling platform and its features.
• Personalize the experience (e.g., time zone, meeting preferences).
• Process transactions, subscriptions, and plan administration.
• Respond to inquiries and provide customer support.
• Monitor and analyze usage trends and product performance.
• Prevent fraud, abuse, spam, and unauthorized access.
• Comply with legal obligations and enforce our terms and policies.

3. Legal Bases for Processing

Where required by law, we process personal information based on your consent, performance of a contract, compliance with legal obligations, and our legitimate interests (operating, improving, and securing the Services).

4. How We Share Information

• With service providers that help operate the Services (e.g., hosting, analytics, support, email, payments, security).
• With integrations you choose to connect (e.g., calendars, conferencing) as necessary to provide requested functionality.
• With other users or invitees where sharing is inherent to scheduling (e.g., participant names, booking details).
• With professional advisers, auditors, insurers, or legal counsel where reasonably necessary.
• In connection with a business transaction (e.g., merger, acquisition, asset sale).
• When required by law or to protect rights, safety, or the integrity of the Services.

5. Data Retention

We retain personal information as long as reasonably necessary to provide the Services and for the purposes described in this Policy, including legal, security, and operational needs. If you delete your account, we will delete or de‑identify your information within a reasonable period unless retention is required or permitted by law.

6. Your Choices and Rights

Depending on your location, you may have rights to access, correct, update, delete, restrict, or object to certain processing, and to data portability. You may also withdraw consent where applicable. Manage account information in‑product, or contact us at the email above to exercise rights not available in‑product (we may need to verify your identity).

7. Cookies and Similar Technologies

We and our service providers use cookies, local storage, pixels, and similar technologies to operate the Services, maintain session state, remember preferences, and measure effectiveness. You can control cookies through your browser settings, but disabling certain cookies may affect functionality.

8. International Data Transfers

Your information may be stored and processed in countries other than your own. Where required, we use appropriate safeguards (such as contractual protections) to protect cross‑border transfers.

9. Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information. No method of transmission or storage is completely secure. You are responsible for keeping your credentials confidential and notifying us of suspected unauthorized access.

10. Children’s Privacy

The Services are not directed to children where parental consent is required. We do not knowingly collect personal information from children in violation of applicable law. If you believe a child provided information improperly, contact us so we can review and take appropriate action.

11. Third‑Party Services

The Services may link to or integrate with third‑party products (e.g., calendars, video platforms, payments). Their privacy practices are governed by their own policies, not this one. Please review their policies as applicable.

12. Region‑Specific Disclosures

Depending on where you live (e.g., EEA, UK, California, Canada), you may have additional rights or disclosures under applicable law. Where required, we will provide those disclosures and honor eligible requests.

13. Changes to This Policy

We may update this Policy from time to time. If we make material changes, we may provide notice through the Services or other appropriate means. The updated version is effective as of the date at the top.

14. Contact Us

If you have questions or requests about this Policy or our practices, contact: David Yang, Monkey, david@monkeyai.io.

15. Google User Data and API Services Disclosure

If you choose to connect a Google account, Monkey GroupMeet requests access to your basic profile (email, profile) for authentication and to your Google Calendar (https://www.googleapis.com/auth/calendar) to create meeting events on your behalf when you finalize a time. We do not use Google data for advertising, and we do not read or store your other calendar contents beyond the data needed to create and manage the event you request.

To maintain your connection, we securely store OAuth access and refresh tokens. These tokens are used only to perform user‑initiated actions (e.g., creating calendar events) and are not shared or sold.

Use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We do not allow human access to Google user data except as necessary to investigate abuse, comply with law, or with your explicit consent.

You may revoke Monkey GroupMeet’s access to your Google account at any time at https://myaccount.google.com/permissions. To request deletion of your account and associated data (including stored OAuth tokens), contact david@monkeyai.io. We will delete or de‑identify your information within a reasonable period unless retention is required by law.