Back

Privacy Policy

Sections

OverviewData CollectionData SecurityData UsageYour RightsGoogle ComplianceGDPR & CCPAContact

Your Privacy Matters

At DeRahm, we believe that privacy is a fundamental right. This Privacy Policy explains how we collect, use, protect, and respect your personal data. We're committed to transparency and compliance with international privacy regulations including GDPR and CCPA.

Last Updated: January 2025 | Effective Date: January 15, 2025

What Data We Collect

We collect only the information necessary to provide and improve DeRahm:

Account Information

Email address, name, and profile information you provide during signup.

Calendar Data

Event titles, times, participants, and metadata from calendars you explicitly authorize. This includes read access to view your existing events and write access to create, update, and delete events that DeRahm creates on your behalf.

Usage Data

Anonymous analytics about how you use DeRahm to improve our service.

Technical Data

IP address, device type, browser information, and error logs for security and support.

Data Security & Encryption

Encryption in Transit

All data transmitted between your device and DeRahm servers is encrypted using industry-standard TLS 1.3 protocol. This prevents interception or tampering during transmission.

Encryption at Rest

Your data stored on our servers is encrypted using AES-256 encryption. Only you and authorized service providers can access your data, and encryption keys are protected with multi-factor authentication.

Security Infrastructure

Our infrastructure is hosted on secure, SOC 2 Type II compliant servers with automatic backups, intrusion detection, and 24/7 monitoring. We conduct regular security audits and penetration testing.

How We Use Your Data

We use your data only for legitimate purposes:

  • •Providing Services: To deliver calendar synchronization, event management (creating, updating, and deleting events), sharing, and collaboration features.
  • •Improvement: To analyze usage patterns and improve DeRahm's features and performance.
  • •Communication: To send you service updates, security alerts, and respond to support requests.
  • •Security: To detect and prevent fraud, abuse, and security threats.
  • •Legal Compliance: To comply with applicable laws and regulations.

We Do NOT:

Harvest, store, or sell your personal data to third parties without your explicit permission. We never monetize your data, and we don't share it with advertisers or data brokers.

Your Privacy Rights

Right to Access

You can request a copy of all personal data we hold about you.

Right to Rectification

You can correct inaccurate or incomplete information.

Right to Erasure

You can request deletion of your data, subject to legal retention requirements.

Right to Restrict Processing

You can limit how we use your data in certain circumstances.

Right to Data Portability

You can request your data in a portable format.

Right to Object

You can opt-out of non-essential processing, including marketing communications.

To exercise any of these rights, contact us at privacy@derahm.com with your request.

Google Calendar API & OAuth Compliance

DeRahm uses Google Calendar API to provide calendar synchronization and management features. Your trust in our data handling is paramount.

OAuth Scopes & Permissions

We request the minimum permissions necessary to provide our service:

  • ✓
    calendar.readonly- Read access to your calendars and their metadata
  • ✓
    calendar.events- Create, update, and delete calendar events that DeRahm creates

    This permission allows DeRahm to manage events it creates on your behalf. We only modify or delete events that were originally created through DeRahm.

What We Do With These Permissions

  • •Read your calendars: View your calendar list and event details to enable synchronization
  • •Create events: Add new events to your calendar when you create them through DeRahm
  • •Update events: Modify events that DeRahm created when you make changes
  • •Delete events: Remove events that DeRahm created when you delete them

Your Control

You maintain complete control over your Google account and can revoke DeRahm's access at any time through your Google Account security settings. When you revoke access, we immediately stop accessing your calendars and delete any cached calendar data.

Data Handling & Security

All calendar data retrieved via Google API is treated with the same industry-leading security and encryption standards as all your data on DeRahm. We cache only the minimum information necessary for synchronization and never share or sell your calendar data to third parties. Your calendar events remain private and secure.

GDPR & CCPA Compliance

GDPR (EU General Data Protection Regulation)

We comply with GDPR and provide the privacy rights outlined above. Our legal basis for processing your data is:

  • • Performance of Contract: Processing necessary to deliver DeRahm services
  • • Legitimate Interest: Improving service quality and security
  • • Consent: For marketing communications and analytics
  • • Legal Obligation: Compliance with laws and regulations

CCPA (California Consumer Privacy Act)

If you're a California resident, you have additional rights:

  • • Right to know what personal data is collected and used
  • • Right to delete personal data
  • • Right to opt-out of selling or sharing personal information
  • • Right to non-discrimination for exercising CCPA rights

We do not sell your personal information. You can exercise CCPA rights by contacting privacy@derahm.com.

Contact & Data Protection Officer

If you have questions about this Privacy Policy or your data, please contact us:

Email: privacy@derahm.com

Address: DeRahm, Inc.

Response Time: We typically respond within 30 days

Changes to this policy will be posted on this page with an updated revision date. Continued use of DeRahm after changes constitutes acceptance of the updated policy.