Privacy Policy

Effective Date: May 31, 2026

Website: www.widgetminds.com

We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our website and services.

1. Who We Are

www.widgetminds.com ("we", "our", or "us") provides online tools that allow users to create and manage widgets, embed them on their websites, and view usage statistics.

If you have any privacy-related questions or wish to make a data request, please contact us through our Contact Page.

2. Information We Collect

We collect only the data necessary to provide and improve our services:

a) Account Information

When you sign up, we collect:

  • Email address (for account creation and login)
  • Password (securely hashed)
  • Optional profile information you choose to provide

b) Widget Data

We store information related to the widgets you create, such as:

  • Widget titles, content, and configuration settings
  • Performance statistics (e.g., views, clicks, impressions)

c) Appointment Booking & Google Calendar Integration

What Google data we access:

  • Calendar events: We access ONLY the calendar.events scope to create and delete appointment events in your Google Calendar
  • Your Google email address: To display which Google account is connected to your booking instance
  • OAuth access and refresh tokens: To maintain authorized access to create calendar events on your behalf

Why we access this data:

  • To automatically create calendar events when customers book appointments through your widget
  • To automatically delete calendar events when bookings are cancelled or removed
  • To provide you with a seamless booking-to-calendar experience
  • To display appointment details (customer name, email, phone, service, date/time) in your calendar

How we use Google data:

  • Only for calendar syncing: We use your Google Calendar access solely to create and delete appointment events at your request
  • NOT used for advertising: We do not use any Google user data for personalized ads, marketing, or selling to third parties
  • NOT used for profiling: We do not analyze, profile, or track your Google Calendar data for any purpose
  • NOT used for analytics: We do not use Google user data for unrelated analytics or data mining
  • We do NOT access unrelated calendar data: We only manage events we created for your bookings; we never read, browse, or access your other personal calendar events

How we store OAuth tokens:

  • Tokens are stored securely in encrypted JSON format within our database
  • Tokens are protected by industry-standard security measures
  • We NEVER store your Google Calendar content on our servers - only the minimal token data needed for API access
  • Tokens are deleted immediately when you disconnect Google Calendar or delete your account

Important: Limited Use of Google Data

Our use of Google user data is strictly limited to providing the calendar sync feature you explicitly requested. We only access the minimum permissions required (calendar.events scope) and never use your Google data for any other purpose.

We do NOT: sell, rent, share, or use your Google data for advertising, profiling, analytics, or any purpose unrelated to calendar syncing.

d) Usage & Technical Data

We automatically collect limited technical data through cookies and analytics tools:

  • Browser type, device information, and IP address
  • Pages visited and time spent on the site

e) Contact Form Submissions

If you contact us via the form on our website, we collect the information you provide (such as your name, message, and email) solely for responding to your inquiry.

3. How We Use Your Information

We use your data to:

  • Provide, maintain, and improve our services
  • Authenticate your account and manage user sessions
  • Generate and display widget statistics
  • Sync appointment bookings to your Google Calendar (only when you explicitly connect and authorize this feature)
  • Remove cancelled/deleted appointments from your Google Calendar (to keep your calendar synchronized with booking status)
  • Display customer appointment details in calendar events
  • Respond to messages submitted via the contact form
  • Prevent abuse, spam, or unauthorized access
  • Analyze site performance and improve user experience

We do not sell or rent your personal data to anyone.

4. Cookies and Analytics

We use cookies and third-party analytics (like Google Analytics) to:

  • Maintain user sessions (e.g., keeping you logged in)
  • Remember your preferences
  • Analyze site usage to improve performance

You will see a cookie consent banner when you first visit our site, giving you the option to accept or decline non-essential cookies.

You can change your cookie settings at any time through your browser.

5. Data Storage and Security

We take data security seriously.

  • All communication with our site uses SSL (HTTPS) encryption.
  • Passwords are hashed and salted before storage.
  • Data is stored securely on GDPR-compliant hosting servers.

We implement reasonable measures to prevent unauthorized access or misuse.

6. Data Retention

We retain your information only as long as necessary to provide our services. If you delete your account, your personal data, widgets, and related statistics are permanently removed from our systems within 30 days.

7. Third-Party Services

a) Google Calendar API

When you connect your Google Calendar to our Appointment Booking widget, we use the Google Calendar API exclusively to create calendar events for your appointments.

What we do with Google data:

  • Create calendar events: Automatically add appointments to your Google Calendar when customers make bookings
  • Delete calendar events: Automatically remove appointments from your Google Calendar when bookings are cancelled or deleted
  • Display connected account: Show which Google account is linked to your booking instance

What we do NOT do with Google data:

  • NO selling: We never sell your Google user data
  • NO sharing: We never share your Google data with third parties (except Google itself for API access)
  • NO advertising: We never use Google data for personalized advertising or marketing
  • NO storage: We do not store any of your Google Calendar content on our servers
  • NO browsing: We never read, browse, or access your existing personal calendar events unrelated to our appointment bookings

Data shared with Google:

  • When creating calendar events, we send appointment details (date, time, customer name, email, phone, service information) to Google Calendar API
  • When deleting calendar events, we send the event ID to Google Calendar API to remove the appointment
  • Your OAuth tokens are used only to authenticate API requests on your behalf

How to revoke access:

  • Via our platform: Disconnect Google Calendar from your instance settings. Our stored tokens are deleted immediately, preventing any further calendar access from our system. Note: The authorization remains in your Google Account until you manually revoke it via Google's permissions page.
  • Via Google: Revoke the authorization completely by visiting Google Account Permissions and removing WidgetMinds from your connected apps
  • Automatic deletion: When you delete your account, all OAuth tokens are permanently removed within 30 days

Data retention for Google tokens:

  • OAuth tokens are retained only while you have Google Calendar connected
  • Tokens are immediately deleted when you disconnect or delete your account
  • We NEVER store your actual calendar content - only the minimal token data required for API access
  • No calendar events or personal calendar data are retained on our servers

Google API Services User Data Policy Compliance:

Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We use Google user data only to provide the calendar sync feature you explicitly requested, and we do not use it for any other purpose including serving advertisements.

b) Other Service Providers

We may share limited data with trusted third parties who help us operate our services, such as:

  • Hosting providers (to host the website)
  • Analytics providers (for website traffic analysis)
  • Email or support tools (to respond to your inquiries)

These providers process your data securely and only as necessary to perform their services for us.

8. Your Rights (for EU and EEA Users)

You have the right to:

  • Access your personal data
  • Request correction or deletion
  • Withdraw consent or object to processing
  • Request a copy of your data (data portability)

To exercise these rights, please use our Contact Page

We will respond within the time period required by applicable law.

9. Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect data from minors.

10. Changes to This Policy

We may update this Privacy Policy periodically. The latest version will always be available on this page, with a new "Effective Date."

If major changes are made, we will notify users via email or a notice on the site.

11. Contact Us

For privacy questions, concerns, or data requests, please reach us through our

Contact Page

We do not publish our email directly to avoid spam and to ensure faster, secure handling of requests.