Is Calendly GDPR compliant?

Calendly is fully committed to compliance with the General Data Protection Regulation (GDPR). We understand the importance of incorporating standards put forth by GDPR into our data practices and making sure our customers, whether citizens of the EU or businesses that use Calendly with European customers, feel secure and confident to continue using Calendly.

In response to GDPR, we have developed new features (including cookie management tools and data deletion processes), enhanced existing functionality (such as Terms of Use opt-ins), improved our documentation, and incorporated a Data Processing Addendum into our Terms of Use.

However, since GDPR is a new and broad regulation with no certification process, we have no process of verifying our compliance. Nonetheless, through our good-faith efforts, we believe we are in compliance, both now and as future developments come along.

If you integrate Calendly to share invitee information with another application, we designate invitees in GDPR countries as "transactional contacts" so their information is only used to send information about orders, shipments, test message, etc., unless they explicitly opt-in to future, marketing-related emails. 


Does Calendly have a Data Processing Addendum (DPA)?

We have incorporated a Data Processing Addendum into our Terms of Use that covers all visitors (including Calendly users who have an account with us, Calendly invitees who schedule meetings with a Calendly user, and Calendly viewers who are simply visiting the website) located in the European Economic Area, Switzerland, and the United Kingdom. There is nothing additional for you to sign or execute, and by accepting the Terms of Use, the DPA is already in place for you.

Can I get a signed version of Calendly’s Data Processing Addendum (DPA)?

Please contact us and we will be happy to process your request.