1. Who We Are
PodCal ("we", "our", "us") is an open-source scheduling platform operated by Zero Limit (SASU), registered in France, with its registered office at 60 Rue François 1er, 75008 Paris, France. Our cloud service is hosted on Scaleway infrastructure in the European Union (Paris, France). Our source code is publicly available under the MIT license at github.com/zerolimit-es/solid-scheduler.
2. Our Architecture: Why It Matters for Privacy
PodCal uses a dual-storage architecture built on the Solid protocol, a decentralized data standard created by Sir Tim Berners-Lee. This means:
- Your scheduling data (events, bookings, availability) is stored in an encrypted EU-hosted database for real-time availability and fast access, and synced to your personal Solid Pod as a permanent copy you fully own.
- The cloud database powers real-time features (conflict detection, calendar view, booking pages). You can request deletion of the cloud copy at any time.
- Your Solid Pod is your personal archive. We push data to it on your behalf but do not read or mine its contents. You control access.
- You can switch providers or self-host at any time. Your Pod data is portable by design.
3. What We Collect
We distinguish clearly between what we store and what stays in your Pod.
3a. Data we store (cloud service only)
If you use PodCal Cloud (our hosted service), we store the following data in our encrypted EU-hosted database:
| Data | Purpose | Retention |
|---|---|---|
| Email address | Account identification, notifications | Until account deletion |
| WebID (Solid identifier) | Solid Pod authentication | Until account deletion |
| Solid Pod URL | Connecting to your data store | Until account deletion |
| Subdomain choice | Your booking page URL | Until account deletion |
| Booking data (date, time, duration) | Real-time availability, conflict detection, calendar view | Until account deletion (also synced to your Pod) |
| Attendee info (name, email, notes) | Booking confirmations, email notifications | Until account deletion (also synced to your Pod) |
| Availability settings | Determining bookable time slots | Until account deletion (also synced to your Pod) |
| Subscription tier | Feature access control | Until account deletion |
| Aggregate usage counts | Enforcing plan limits (e.g. bookings/month) | Rolling monthly |
3b. Data stored by Stripe
If you subscribe to a paid plan, payment processing is handled entirely by Stripe, Inc. We store only your Stripe customer ID and subscription ID. We never see or store your credit card number, bank details, or billing address. See Stripe's privacy policy.
3c. Website analytics (podcal.eu)
Our marketing website at podcal.eu uses Umami, a privacy-focused, cookieless analytics tool self-hosted on our own EU infrastructure (analytics.zerolimit.es, Scaleway, Paris). Umami collects:
- Page views and referrer URLs
- Browser type and operating system
- Device type and screen size
- Country of origin (derived from IP address, which is not stored)
- Custom events (e.g. button clicks on calls to action)
Umami does not use cookies, does not track users across websites, and does not collect any personally identifiable information. All data is aggregated and anonymous. No data is shared with third parties — the analytics server is operated entirely by us.
3d. Data we do NOT collect
- Behavioral profiles or cross-site tracking data
- IP addresses (not logged beyond standard server access logs, which are rotated weekly)
- Cookies for tracking or advertising (we use a single session cookie for authentication)
- Contents of your Solid Pod beyond what PodCal writes to it
3e. Self-hosted users
If you self-host PodCal, we collect nothing. The software does not phone home, send telemetry, or contact our servers in any way. You are fully independent.
4. How We Use Your Data
The data we store is used exclusively to:
- Authenticate you and connect to your Solid Pod
- Route visitors to your booking page via your subdomain
- Provide real-time availability, conflict detection, and the calendar view
- Sync booking data to your Solid Pod as a permanent copy
- Enforce plan limits (e.g. bookings per month on the Free tier)
- Process subscription billing through Stripe
- Send transactional emails (booking confirmations, account notifications)
We do not use your data for advertising, profiling, training AI models, or any purpose other than operating the service you signed up for.
5. Legal Basis for Processing (GDPR Art. 6)
| Processing Activity | Legal Basis |
|---|---|
| Account creation and authentication | Contract performance (Art. 6(1)(b)) — necessary to provide the service you signed up for |
| Booking data storage and Solid Pod sync | Contract performance (Art. 6(1)(b)) — core functionality of the scheduling service |
| Subscription billing via Stripe | Contract performance (Art. 6(1)(b)) — necessary to process your paid subscription |
| Transactional emails (booking confirmations) | Contract performance (Art. 6(1)(b)) — necessary for the scheduling service to function |
| Plan limit enforcement | Legitimate interest (Art. 6(1)(f)) — preventing abuse and ensuring fair use of shared resources |
| Website analytics (Umami) | Legitimate interest (Art. 6(1)(f)) — understanding aggregate website usage to improve the service. No personal data is processed; all metrics are anonymous and cookieless. |
| Security logging | Legitimate interest (Art. 6(1)(f)) — protecting the service and its users from threats |
| Legal compliance | Legal obligation (Art. 6(1)(c)) — where required by applicable law |
We do not rely on consent as a legal basis for any core processing, because all processing is either necessary for the service or covered by legitimate interest. You can always exercise your rights under Section 7 below.
6. Data Sharing
We do not sell, rent, or share your personal data with third parties, with the following limited exceptions:
- Stripe — Payment processing only. Stripe acts as an independent data controller for payment data.
- Scaleway — Our hosting provider. They process data on our behalf under a Data Processing Agreement (DPA) in compliance with GDPR.
- Inrupt — Provides the Solid Pod hosting infrastructure (PodSpaces). Your Pod data is governed by Inrupt's terms and privacy policy. We do not have access to Pod contents.
- Legal obligation — We may disclose data if required by law, court order, or government request. We will notify you if legally permitted to do so.
7. Data Location and Transfers
All PodCal Cloud infrastructure is hosted in the European Union (Scaleway, Paris, France). We do not transfer your account data outside the EU. Stripe may process payment data in the US under their own data transfer mechanisms.
8. Your Rights (GDPR)
If you are in the EU/EEA, you have the right to:
- Access — Request a copy of all data we hold about you
- Rectification — Correct inaccurate data
- Erasure — Delete your account and all associated metadata
- Portability — Export your data (your scheduling data is already in your portable Solid Pod)
- Object — Object to processing of your data
- Restriction — Request restricted processing
To exercise these rights, email scheduler@zerolimit.es. We will respond within 30 days.
You also have the right to lodge a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL), the French data protection authority, if you believe your rights have not been respected:
- Website: www.cnil.fr
- Address: 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France
9. Data Retention
Account metadata is retained for as long as your account exists. When you delete your account:
- All account metadata is permanently deleted from our database within 48 hours
- Your Stripe subscription is canceled (Stripe retains payment records per their own policy)
- Your Solid Pod and all scheduling data remain untouched — they're yours
- Server backups containing your data are overwritten within 7 days
10. Cookies
PodCal uses a single, strictly necessary session cookie to keep you logged in. We do not use:
- Tracking cookies
- Analytics cookies (our analytics tool, Umami, is fully cookieless)
- Advertising cookies
- Third-party cookies of any kind
Because we only use a strictly necessary cookie, no cookie consent banner is required under GDPR.
11. Security
We take security seriously:
- All connections encrypted via TLS 1.3
- Server hardened with UFW firewall, fail2ban, and SSH key-only access
- API keys hashed with SHA-256 (we never store raw keys)
- Stripe webhook signature verification on all payment events
- Daily encrypted database backups with 7-day rotation
- Optional passkey MFA (WebAuthn) — Touch ID, Windows Hello, YubiKey, or any FIDO2 security key as a second factor after Solid OIDC login
- Passkey credentials stored server-side (public key only — we never see your biometric data)
- Open-source codebase — security is verifiable by anyone
If you discover a security vulnerability, please report it to scheduler@zerolimit.es. We aim to respond within 24 hours.
12. Children
PodCal is not intended for use by anyone under 16 years of age. We do not knowingly collect data from children.
13. Changes to This Policy
We may update this privacy policy from time to time. Material changes will be communicated via email to registered users at least 14 days before taking effect. The "last updated" date at the top of this page indicates when the policy was last revised. Previous versions are available in our GitHub repository.
14. Contact
For privacy-related questions or concerns, contact:
Zero Limit (SASU)
60 Rue François 1er, 75008 Paris, France
- Email: scheduler@zerolimit.es
- Website: podcal.eu