Privacy Policy

Last updated: 26 November 2025

Korekko helps independent professionals manage bookings, leads, reminders, payments and calendars in one place. We take your privacy seriously and collect only the minimum data needed to provide the service.

Information We Collect

• Account details: name, email, phone number, and provider slug.
• OAuth data (Google): we only access information you explicitly approve during sign in or calendar connection.
• For Google Calendar integrations, Korekko only uses:
  • calendar.readonly to view busy and free blocks.
  • calendar.events (optional) to create or update events that Korekko itself creates.
• Booking and lead information that you create inside Korekko.

Google Calendar Data Use

Korekko only requests access to your Google Calendar to read free and busy availability. We never read or store event titles, descriptions, attendees, locations, meeting links, or attachments. Korekko only uses the start and end timestamps of events to help prevent schedule conflicts, enable quiet hours, and provide availability based insights. Korekko does not export or share this calendar data with any third party services. You may revoke access at any time from your Google Account permissions page.

What Korekko Reads from Google Calendar

To prevent schedule conflicts and show availability based reminders, Korekko reads only busy and free time intervals. Specifically:

• Event start time
• Event end time

Korekko does not read:

• Event titles
• Descriptions or notes
• Attendees
• Meeting links
• Locations
• Attachments
• Any private metadata

What We Do Not Access

• No access to Gmail or email message bodies.
• No access to Contacts or Drive files.
• No cross account matching or scraping.

How We Use Your Data

• To authenticate your account via Supabase.
• To show availability, reminders, and calendar insights.
• To send optional notifications (WhatsApp, email, SMS).

Token Security and Revocation

• All Google OAuth tokens are stored encrypted server side.
• Tokens are never shared with third parties.
• You may revoke access at any time from your Google Account permissions page.

Third Party Services

We use Supabase for authentication and secure session management. Google Calendar access, if granted, is handled only using the official Google Calendar API.

Data Retention

You can request deletion of your account and associated data anytime by emailing team@korekko.com.

Contact Us

For questions about this policy, write to team@korekko.com.