Privacy Policy

Last updated: 14 May 2026

Aligrio is built on a simple principle: your data is yours. We do not collect, store, or transmit your calendar data. This policy explains exactly what we do (and don't do) with your information.

1. Information we collect

When you download and use Aligrio, we collect only the minimum information necessary to operate the app and process licence purchases:

• Licence information — your email address, used to deliver your licence key and provide support. This is only ever collected at the point of purchase, or whenever you email us for support.
• Basic analytics — anonymous crash reports and app version information to help us fix bugs. These contain no personally identifiable information and no calendar data.

We do not collect your name, location, device identifiers, or any information about your calendar events.

2. Calendar data

Aligrio connects to your calendar providers (Google Calendar, Microsoft Outlook, Apple Calendar) using OAuth authentication. This connection is established directly between the app and your calendar provider on your device.

Your calendar events, contacts, and any associated data are read locally and are never transmitted to Aligrio's servers. We have no access to your calendar data whatsoever.

2a. Google API Services User Data Policy

Aligrio's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• Google Calendar data is accessed solely to display your schedule within the app.
• Google user data is never transmitted to Aligrio's servers, shared with third parties, or used for advertising or analytics profiling.
• Google user data is never used to train machine learning or AI models.
• Human access to Google user data is strictly limited to security investigations and where required by law.

3. Data security

We take the security of your information seriously and have implemented appropriate technical and organisational measures to protect it:

• Encryption in transit — all communication between Aligrio and your calendar providers (Google Calendar, Microsoft Outlook) uses industry-standard TLS encryption. OAuth tokens and any data exchanged with calendar APIs are never transmitted in plaintext.
• Local storage and encryption at rest — OAuth tokens and any cached calendar data are stored locally on your device using your operating system's secure credential storage (macOS Keychain, Windows Credential Manager). They are never written to Aligrio's servers.
• No server-side storage of Google user data — because your calendar data is read and processed entirely on your device, there is no copy of it on our infrastructure that could be exposed in a breach.
• Minimum-scope OAuth access — Aligrio requests only the narrowest OAuth scopes required to display your schedule. We do not request write, delete, or sharing permissions unless strictly needed for a feature you have enabled.
• Restricted human access — as noted above, human access to any Google user data is strictly limited to security investigations and where required by law.
• Secure development practices — we follow secure software development practices, keep dependencies up to date, and respond promptly to any reported security vulnerabilities.

If you believe you have discovered a security vulnerability in Aligrio, please contact us via our support page.

4. How we use your information

The limited information we collect is used solely to:

• Deliver your licence key and activation instructions
• Provide customer support when you contact us
• Fix bugs and improve the stability of the app

We do not use your information for advertising, analytics profiling, or any other purpose.

5. Third-party services

Aligrio uses the following third-party services:

• Payment processor: licence purchases are handled by a third-party payment provider (LemonSqueezy). We do not store your payment card details.
• Calendar providers: when you connect Google Calendar or Microsoft Outlook, you are subject to those providers' privacy policies. Apple Calendar data and Outlook on desktop is read locally and does not involve any third-party network calls.

6. Data retention and deletion

Because Aligrio reads calendar data locally and does not transmit it to our servers, we do not retain any Google user data, Microsoft user data, or Apple Calendar data on our infrastructure. Any locally cached calendar data on your device is cleared when you disconnect a calendar account or uninstall the app.

You can revoke Aligrio's access to your Google account at any time via your Google Account permissions page, or to your Microsoft account via your Microsoft account privacy settings. Revoking access immediately terminates Aligrio's ability to read your calendar data.

For information we do hold:

• Your email address is retained for as long as your licence is active, or until you request deletion.
• Anonymous crash report data is retained for 90 days and then automatically deleted.

You may request deletion of any personal data we hold by contacting us via our support page.

7. Your rights

You have the right to:

• Request a copy of any personal data we hold about you
• Request deletion of your personal data
• Withdraw consent to crash reporting at any time via the app's settings

To exercise any of these rights, contact us at our support page.

8. Children's privacy

Aligrio is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

9. Changes to this policy

We may update this Privacy Policy from time to time. We will notify licence holders of any material changes by email. The date at the top of this page reflects the most recent update.

10. Contact

If you have questions about this Privacy Policy, please reach out via our support page.