Privacy Policy
How we handle your data on the NimbleCal website and app.
Last updated: May 4, 2026
TL;DR:
- Calendar content you save in NimbleCal is end-to-end encrypted by default. It is encrypted on your devices before storage or sync, and your decryption keys do not leave your devices in plaintext.
- To run the Service, NimbleCal servers process account, billing, sync, reminder, diagnostic, Website analytics, signup abuse protection, support, feedback, testimonial, and product-update data.
- Email invitations need readable invite details because recipients, email systems, calendar clients, and RSVP pages must be able to display the invitation. If you send an invite, NimbleCal and its email delivery provider process recipient email addresses, invitation delivery and RSVP metadata, event details, and an iCalendar file needed to deliver and display the invitation.
- NimbleCal does not run ads or cross-site tracking, sell your personal data or Your Content, share your personal data or Your Content for cross-context behavioral advertising or targeted advertising, build advertising profiles from your personal data or Your Content, or use your personal data or Your Content to train AI models.
This TL;DR is a convenience summary and does not replace the full policy below, which contains the complete details.
1. Introduction
This Privacy Policy describes how NimbleCal's Website, Web App, or related services (collectively, the "Service"), operated by Nimbledot LLC ("Nimbledot", "we", "us"), collect and process your personal data.
NimbleCal is designed to collect the data needed to provide the Service, keep calendar content end-to-end encrypted by default, and explain the limited places where certain data is processed outside end-to-end encryption to provide a feature.
2. Definitions
For clarity, the following definitions apply:
- "Website" means NimbleCal's public website located at
nimblecal.comand related domains we operate. - "Web App" means the NimbleCal web application located at
app.nimblecal.comand related domains we operate. - "Service" means the Website, Web App, and related services we provide, including our backend services for sync, authentication, billing, invitations, and email.
- "Account" means the user account you create to access the Service.
- "Subscription" means a paid plan that provides access to paid features for a recurring fee.
- "Your Content" means the calendar data and other content you upload, create, transmit, or store using the Service. This includes encrypted calendar and event data, and event details you choose to send through invitation features.
- "Service Providers" means the vendors and providers we use to operate the Service, such as hosting, authentication, billing, anti-abuse, diagnostics, Website analytics, and email delivery providers.
3. How we handle calendar content
NimbleCal is built so the calendar content you save in the app is end-to-end encrypted by default. Event titles, descriptions, notes, locations, recurrence details, and similar calendar content are encrypted on your devices before they are stored or synced. The decryption keys do not leave your devices in plaintext, so for encrypted calendar content NimbleCal's servers store ciphertext plus the limited metadata needed to operate sync. We cannot read that encrypted calendar content. The sections below explain the limited cases where some data must be readable to provide a feature, such as email invitations and reminder scheduling metadata.
Encrypted content
Calendar content, such as event titles, descriptions, notes, locations, recurrence details, and other event details, is encrypted on your devices before it is synced or stored on our servers.
This end-to-end encrypted calendar storage and sync model covers the main calendar, event, settings, and key records. The servers see ciphertext plus the limited metadata needed to sync and maintain those records.
Unencrypted content and metadata
Some metadata is stored unencrypted so the system can function. For example:
- internal identifiers linking records to your account
- flags that mark records as deleted or visible
- timestamps for sync coordination
- reminder scheduling timestamps
- invitation records
For encrypted calendar records you store or sync in the app, this metadata does not include your event titles, descriptions, or other calendar text.
Invitations are an exception. When you choose to send invites, recipient email addresses are needed for delivery, and the event details in the invitation must be readable by recipients, email systems, calendar clients, and RSVP pages. For this flow, NimbleCal stores recipient email addresses and an invitation record containing the event title, description, start and end time, timezone, location, organizer name and email, and optional organizer message. That record supports email delivery, invitation links, RSVP pages, re-sending invitations, and an iCalendar file for calendar clients. Invitation emails are processed by our email delivery provider.
Authentication, subscription, and feedback features require certain personal data such as email addresses and payment metadata when you use those features. Those parts are not zero-knowledge.
To support reminders efficiently, the Service also maintains a separate reminders collection for the Web App and sync infrastructure that is intentionally not end-to-end encrypted. That collection contains limited reminder metadata: reminder identifiers, event IDs, user IDs, reminder timestamps, delivery and deletion state such as whether a reminder has been sent or deleted, and related created/updated timestamps. This metadata is designed not to include plaintext event titles, descriptions, notes, locations, or other calendar content. Keeping this collection unencrypted lets the Service maintain reminder timing, coordinate reminder behavior across devices, and support notification delivery without decrypting every event.
4. Personal data we collect
We collect the following categories of personal data, depending on how you use the Service:
A) Account and authentication
- email address
- optional display name, if you choose to provide one
- account identifiers and session/authentication metadata
- password hashes and related auth records handled through Supabase
- security-related logs such as IP address, user agent, timestamps, and error logs
B) Encrypted sync data and non-content metadata
- encrypted calendar, event, settings, and key data
- limited metadata needed for sync and integrity, such as internal IDs, timestamps, and deletion or visibility flags
C) Reminders and notification scheduling metadata
To support reminders efficiently, we process limited reminder metadata: reminder identifiers, event IDs, user IDs, reminder timestamps, delivery and deletion state such as whether a reminder has been sent or deleted, and related created/updated timestamps. This metadata is designed not to include the plaintext content of your events.
D) Invitations (only if you send them)
- recipient email addresses
- invitation content needed to deliver and render the invitation, including the event title, description, start and end time, timezone, location, and organizer name and email
- invitation links or tokens and delivery metadata
- optional organizer message
E) Billing and subscriptions
Paid subscriptions are processed through Paddle, which acts as NimbleCal's merchant of record for paid subscription orders. Paddle and its payment partners handle payment-method details such as full card or bank account numbers. In the checkout and payment-processing flow, NimbleCal does not intentionally receive or store full card or bank account numbers on its own servers.
If you purchase a Subscription, NimbleCal receives and stores the subscription and billing metadata needed to provide paid access and support billing, such as product identifiers, customer identifiers, customer email, plan status, renewal and cancellation state, and related timestamps. We may also process refund or dispute metadata, such as refund status, dispute identifiers, resolution timestamps, and related support notes, when needed for refunds, disputes, fraud prevention, or legal, tax, and accounting obligations.
F) Support, feedback, and testimonials
If you contact us or submit feedback, we collect the content of your message, contact information if you choose to provide it, and optional diagnostics you choose to share, for example browser, platform, language, timezone, and related troubleshooting details.
If you submit a testimonial and choose to allow a public quote, we also collect the attribution you choose to provide so we can publish that quote on NimbleCal's owned channels.
G) Website analytics and product updates
The Website uses Plausible to process cookie-free aggregate pageview analytics so we can understand which pages are visited, how the site performs overall, and whether key Website links or buttons are used.
In that process, Plausible receives standard request information such as page URL, referrer, approximate location derived from IP, and user agent so it can produce aggregate statistics without setting cookies or building visitor profiles.
Plausible also receives limited Website click-event labels, such as CTA, checkout, or support-link clicks. This Website analytics path is separate from the Web App and from the end-to-end encrypted calendar-content model.
If you sign up for optional product updates, we process your email address and product-update preference so we can send the updates you asked for and honor related email preferences. You can unsubscribe at any time.
H) Operational crash reports (if enabled)
If crash reports are enabled in the Web App, we process a narrow, predefined operational crash payload. It can include build version, a general route area, browser and operating-system family, online or offline state, error type, sanitized stack-frame labels, and predefined diagnostic fields.
These reports are intended for unexpected client-side errors. They go through NimbleCal's server path first so we can validate and scrub the payload before anything reaches Sentry. This means the browser does not send crash reports directly to Sentry.
I) Signup abuse protection
Account signup currently uses Friendly Captcha to reduce automated abuse.
That flow can involve:
- technical request data needed to load and evaluate the challenge
- the challenge response and request IP address needed for verification
- NimbleCal's own short-lived signup-proof hash, hashed email binding, limited verification metadata, provider-returned verification identifier, and related timestamps
NimbleCal does not store the raw Friendly Captcha challenge response.
J) Sources of personal data
We collect personal data from the following sources:
- directly from you, for example when you create an Account, submit feedback, send invitations, purchase a Subscription, or sign up for product updates
- automatically from your device and browser, for example IP address, user agent, authentication cookies, security logs, Website analytics, and crash diagnostics if enabled
- from our service providers and processors, for example subscription status information from Paddle, authentication records from Supabase, and delivery or verification metadata from AhaSend and Friendly Captcha
5. What we do not do
- We do not sell your personal data or Your Content.
- For encrypted calendar content, NimbleCal's servers do not hold your decryption keys in plaintext and cannot read that content server-side.
- We do not share your personal data or Your Content for cross-context behavioral advertising or targeted advertising.
- We do not run third-party advertising trackers in the Web App.
- The Web App does not run analytics scripts or behavior-tracking tools.
- If crash reports are enabled, they are treated as operational diagnostics, not product analytics.
- We do not use your personal data or Your Content to build advertising profiles.
- We do not use your personal data or Your Content to train AI models.
6. How we use personal data and legal bases for processing
Depending on your jurisdiction, we may rely on the following legal bases:
| Purpose of processing | Examples | Legal basis |
|---|---|---|
| Provide and operate the Service | authentication, sync, reminders, invitations you send, and Subscription access | Performance of a contract |
| Process and administer subscriptions | checkout, renewals, cancellations, refunds, disputes, and billing support | Performance of a contract |
| Provide customer support and account communications | verification emails, password resets, support replies, billing notices, and privacy-request handling | Performance of a contract |
| Maintain security, prevent abuse, and debug issues | security logs, signup abuse protection, fraud prevention, webhook validation, and operational crash reports if enabled | Legitimate interests |
| Measure aggregate Website pageviews and limited Website click events | cookie-free Plausible analytics for Website pageviews and limited Website click-event labels | Legitimate interests, or consent where applicable under local law |
| Send optional product updates upon opt-in | product-update emails you explicitly sign up to receive | Consent |
| Meet legal, tax, accounting, and compliance obligations | retaining required billing records, responding to valid legal demands, and maintaining suppression records | Legal obligation |
Where we rely on consent, you can withdraw it at any time. That does not affect the lawfulness of processing that happened before withdrawal.
Special-category data
NimbleCal is a calendar service. We do not ask you to provide sensitive or special-category personal data, and providing it is not necessary to use the Service.
Because the Service includes free-text fields, you may incidentally include such information in calendar entries, invitations, feedback, support messages, or other content you submit. As described in the "How we handle calendar content" section of this policy, calendar content that remains end-to-end encrypted is encrypted before it reaches NimbleCal's servers, and the decryption keys do not leave your devices in plaintext. That means NimbleCal and its service providers cannot access the plaintext calendar content for that encrypted content. If you send email invitations, recipient email addresses and the event details needed to deliver and display the invitation are processed outside end-to-end encryption using the transport, storage, and provider security measures described elsewhere in this policy. Other channels, such as support, feedback, billing, or direct email, can include information you choose to send there plus related operational metadata needed to provide the channel.
We recommend that you avoid including sensitive or special-category data in flows that are not end-to-end encrypted.
If you submit personal data about another person, you are responsible for ensuring you have the necessary rights and lawful basis to do so.
7. How we share personal data
We share personal data as needed to operate the Service, including with service providers and processors such as hosting, authentication, billing, anti-abuse, diagnostics, Website analytics, and email delivery providers.
For encrypted calendar content, service providers involved in encrypted calendar storage and sync receive ciphertext and the limited metadata needed to operate the Service, not plaintext event titles, descriptions, notes, or locations. The main calendar-content exception is email invitations: if you send an invite, NimbleCal and the providers used for that invitation flow process recipient email addresses, invitation delivery and RSVP metadata, and the event details needed to deliver the email, support the invitation link, and display the RSVP page. Other channels, such as support, feedback, billing, or direct email, can include information you choose to send there plus related operational metadata needed to provide the channel.
When a service provider processes personal data on our behalf, we require appropriate contractual terms that restrict the provider's use of the data, require confidentiality and security measures, and, where applicable, include data processing agreements and transfer safeguards.
We may also disclose data:
- to comply with valid legal process and legal obligations
- to protect the rights, safety, and security of Nimbledot, our users, or the public
- in connection with a business transaction such as a merger, acquisition, financing, or asset sale, subject to appropriate safeguards and notice where required
- when you explicitly ask us to publish something, for example a testimonial you submit for public display with the attribution you choose
Current service providers are listed on our public Service providers and subprocessors page.
8. Cookies and device storage
The Web App uses authentication cookies and device storage such as browser storage to:
- keep you signed in
- store encrypted or protected key material and state required for the end-to-end encryption flows
- support device-specific key-wrapping and "remember this device" behavior where enabled
The hosted Web App does not set third-party tracking cookies.
The Website stores recent documentation searches in your browser's local storage so docs search can show them back to you. Those searches run in your browser and are not sent to us as part of the search feature itself.
9. Data retention
We retain personal data only as long as reasonably necessary for the purposes described in this policy, including:
- while your Account is active
- for a reasonable period after account deletion to process deletion, handle disputes, comply with legal obligations, and account for backups or log-rotation windows
- as required for billing, accounting, fraud prevention, and tax compliance
Because we use Service Providers, some data may remain in provider backups or logs until their retention windows expire.
Where NimbleCal sets a retention window directly, we say so below. For provider-controlled logs, backups, and legal-retention paths, we describe retention at a practical level.
| Data category | Retention period |
|---|---|
| Account data and encrypted calendar data | Retained while your Account is active. When you use NimbleCal's in-Service deletion flow, NimbleCal deletes the live account record and the synced app data tied to that account. Some copies may still remain for a reasonable period in backups, logs, and other vendor-controlled retention windows, and some separate billing or suppression records can remain as described below. |
| Supabase database backups | Supabase currently retains daily database backups for the most recent 7 days. |
| Subscription and billing metadata | Retained as required for accounting, fraud prevention, refunds, disputes, and tax compliance. NimbleCal's current account-deletion flow does not delete these rows. They are typically kept for several years depending on jurisdiction. |
| Infrastructure and security logs | Retention for provider-native logs is controlled by the vendor's current plan and settings rather than one NimbleCal-wide timer. Vercel currently retains runtime logs for 1 day. Other provider logs are rotated, aggregated, or deleted under those services' normal policies. |
| Feedback submissions | Retained as long as useful for product improvement, abuse prevention, dispute handling, or legal compliance. If you delete your Account through NimbleCal's in-Service deletion flow, we keep past feedback but remove the associated account link and email fields. |
| Support records and direct email | Retained as long as needed to respond, preserve support history, handle abuse or disputes, or comply with legal obligations. |
| Invitation records | Retained while the related invitation remains active. These invitation records support invitation links, RSVP pages, and resend flows, and are separate from the email-delivery data described below. No universal post-send deletion timer currently applies to these invitation records. If an organizer deletes their Account through NimbleCal's in-Service deletion flow, the live invitation records tied to that organizer's owned events are deleted through the normal account and data-deletion process, subject to backups, logs, vendor-controlled retention, legal obligations, and separate email-delivery records described below. |
| Invitation email delivery data | For invite emails, NimbleCal configures AhaSend to use the shortest retention settings the service supports for this flow: 1 day of message metadata retention and 0 days of message-data retention. This covers invite emails sent under this configuration. Provider backups, abuse or security logs, and legal obligations may be governed by AhaSend's own policies and applicable law. |
| Marketing email preferences | Retained until you unsubscribe. If you delete your Account, NimbleCal tries to mark the marketing record as unsubscribed and may keep a suppression record to prevent future marketing to that address. |
| Signup abuse-protection records | Friendly Captcha responses are not stored by NimbleCal. NimbleCal's current signup-proof implementation sets the proof TTL to 5 minutes and configures related hashed enforcement records for purge after a short post-expiry retention window, currently 7 days. |
10. Your rights and privacy choices
Depending on where you live, you may have the following rights:
- access your personal data and receive a copy
- rectify inaccurate or incomplete personal data
- erase your personal data in certain circumstances
- restrict processing of your personal data
- request portability for data you provided to us in a structured, commonly used, and machine-readable format
- object to processing based on legitimate interests
- withdraw consent at any time, without affecting the lawfulness of processing based on consent before withdrawal
- if applicable, lodge a complaint with your local data protection supervisory authority
A list of EEA supervisory authorities is available from the European Data Protection Board: https://edpb.europa.eu/about-edpb/about-edpb/members_en.
Because most of your calendar content is end-to-end encrypted and we cannot decrypt it server-side, access or export for encrypted calendar content is typically performed client-side, for example by exporting from the Service while you are logged in.
For account deletion, use the in-Service deletion flow where available.
For other privacy requests such as access, portability, correction, deletion, restriction, or objection to processing, contact us using the details in the Controller and contact details section below.
Verification
We may need to verify your identity before fulfilling a privacy request. For requests about account data, we may ask you to confirm the email address associated with your Account. We will not require you to create a new Account solely to submit a request.
Appeals
If we deny your privacy request, you may appeal by contacting privacy@nimblecal.com. Where applicable law provides an appeal process or response timeframe, we will follow that law.
11. International transfers
We are a U.S. company and our providers may process data in multiple countries.
Because calendar content saved in the app is end-to-end encrypted by default, server-side exposure of that content in plaintext is reduced. Account, billing, invitation, diagnostics, and support data may still be processed in the regions where our providers operate, including the European Union, the United States, and Switzerland.
Transfer mechanisms (EEA/UK/Switzerland): Where personal data is transferred from the European Economic Area, United Kingdom, or Switzerland to countries not recognized as providing adequate data protection, including the United States, we rely on lawful transfer mechanisms and, where applicable, appropriate safeguards, such as adequacy decisions, the EU-U.S. Data Privacy Framework where a relevant provider has a valid certification, the European Commission's Standard Contractual Clauses (SCCs) as adopted under Commission Implementing Decision (EU) 2021/914, or other legal mechanisms supported by the relevant provider and processing path. Different providers and processing paths may rely on different mechanisms, and not every mechanism applies to every provider.
You may request more detail about the transfer safeguards relevant to a particular processing path by contacting privacy@nimblecal.com.
12. Security
We use technical and organizational measures designed to protect personal data. No system is perfectly secure, but our architecture is designed so that server compromise alone should not reveal end-to-end encrypted calendar content in plaintext without your decryption keys.
Further details on our current encryption and security practices can be found in Security.
13. Children's privacy
The Service is intended for people who meet the eligibility requirements in the Terms of Service: you must be at least 13 years old and, if you are under the age of majority in your jurisdiction, have valid consent from a parent or legal guardian.
NimbleCal is not directed to children under 13, and we do not knowingly collect personal data from children under 13. In the EEA, child-consent rules can require a person to be at least 16 unless a member state sets a lower age permitted by law. If you believe a child has provided us personal data without the required consent, contact us and we will take reasonable steps to delete it.
14. Automated decision-making
We do not use your personal data for automated decision-making, including profiling, that produces legal or similarly significant effects concerning you.
15. Necessity of providing personal data
Providing your email address is necessary to create and use an Account.
Providing payment information is necessary only if you choose to purchase a paid Subscription, and payment-method details are handled by Paddle rather than stored on NimbleCal's own servers.
Feedback submissions, optional diagnostics, testimonials, testimonial attribution, optional organizer messages, and product-update signups are optional.
Some technical data, such as IP address, user agent, auth-session metadata, and security logs, are processed automatically as part of using the Service and keeping it secure.
16. Controller and contact details
Data controller: Nimbledot LLC
Privacy requests and data-protection questions: privacy@nimblecal.com
General support: support@nimblecal.com
Security reports: security@nimblecal.com
Mailing address: 2010 El Camino Real # 1476, Santa Clara, CA 95050, United States
17. Changes to this policy
We may update this policy from time to time. We will update the "Last updated" date.
For material changes, we will provide notice through the Service, on the Website, or both. Where required by applicable law, we will seek consent before applying changes that materially affect how we process your personal data.