Privacy Policy

Last Updated: April 3, 2026

1. Introduction

Welcome to MsgBox ("we", "our", or "us"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our calendar synchronization services, specifically integrating with Google Calendar and third-party enterprise platforms (such as Lark, Feishu, DingTalk, and WeCom).

2. Information We Access and Collect

When you authorize our application to connect with your Google Account, we request access to the following information:

  • Google Account Email: To uniquely identify your account and manage your sync preferences.
  • Google Calendar Data (Read and Write access): We access your calendar events (including event titles, descriptions, start/end times, and attendees) solely to synchronize them with your chosen external platforms.

3. How We Use Your Information

The primary purpose of accessing your Google Calendar data is to provide the core functionality of our synchronization service. Specifically, we use your data to:

  • Push events created in third-party platforms (Lark, Feishu, DingTalk, WeCom) to your Google Calendar.
  • Read your existing Google Calendar events to prevent booking conflicts and push your availability to external platforms.
  • Keep event updates and deletions synchronized across all connected platforms in real-time.

We do not use your Google Calendar data for advertising, marketing, or any other purposes unrelated to the synchronization service.

4. Google API Services User Data Policy (Limited Use)

MsgBox's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data. Your Google Calendar data is only shared with the specific third-party enterprise platforms (Lark, Feishu, DingTalk, or WeCom) that you explicitly authorize and configure within your account settings.

6. Data Storage and Security

We implement industry-standard security measures, including encryption in transit (HTTPS/TLS) and at rest, to protect your data. OAuth access tokens and refresh tokens are securely encrypted in our database. We only store the minimal amount of event metadata (such as event IDs and timestamps) required to maintain synchronization mapping; we do not indefinitely store the full content of your Google Calendar events.

7. Revoking Access and Data Deletion

You have full control over your data. You can revoke our application's access to your Google Account at any time by visiting your Google Account's Security Settings page.

Upon disconnecting your Google account within our platform or revoking access, we will immediately cease synchronization and delete your associated Google OAuth tokens and calendar mapping data from our active databases.

8. Contact Us

If you have any questions or concerns regarding this Privacy Policy or our data practices, please contact our support team at:

Email: support@msgbox.chat