The General Data Protection Regulation (GDPR) went into effect on May 25, 2018. It provides data subjects (Calendly users and Calendly invitees) privacy rights and greater transparency into and control over how companies, like Calendly, use their personal data.
How does Calendly uphold these data rights and comply with other provisions of the GDPR?
The right to be informed |
Your invitees have a right to know about what, why, and how data about them is collected and processed. Calendly informs your invitees through our Terms of Use, Data Processing Addendum, and Privacy Policy, as well as in articles and educational resources. |
The right of access |
If requested by an EU citizen, you have an obligation as a data controller under GDPR to inform your invitee (often referred to as "data subjects") what personal data is being held and for what purposes. To fulfill this request, you can export your meeting details, filter, and provide the resulting data to your invitee. |
The right to rectification ('right to correction') |
If an invitee contacts you regarding an inaccuracy in their email address for an upcoming meeting, you can edit it from your Meetings page. Just click the "details" section for your upcoming meeting then click on the pencil icon to edit. For other requests regarding personal data that needs to be corrected, please contact us. |
The right of erasure (the 'right to be forgotten') |
You can submit a data deletion request to delete invitee data from your account. To review the instructions, check out this article. |
The right to restrict processing |
Please contact us and we will do our best to comply with your invitee's objection. Please note that this may require deletion of their data, as we process data to provide the Calendly service to both you and your invitees. |
The right to data portability |
To fulfill this request, you can export your meeting details, filter, and provide the resulting data to your invitee. |
The right to object |
For Calendly invitees (who are not also Calendly users), please be assured that we do not use the email addresses that they provide when scheduling a meeting for any marketing or promotional purposes. Your EU invitees can withdraw consent from the use of cookies at any time. To learn more, please visit our Cookies FAQ. If you integrate Calendly to share invitee information with another application, we designate invitees in GDPR countries as "transactional contacts" so their information is only used to send information about orders, shipments, test message, etc., unless they explicitly opt-in to future, marketing-related emails. |
Automated decision-making and profiling |
Calendly does not make decisions that have a legal (or similar effect) on you or your invitees via automatic processing. |