AI
AIAgentsAge
Agents HubPricingBlog
Contact
Book a Call
Back to Agenda

Privacy Policy for Agenda Application

Last Updated: 22 December 2025

1. Introduction

Agenda (the "Application", the "Service") is a multi-tenant agency and productivity dashboard designed to help users manage business operations including, but not limited to, client management, project tracking, task planning, calendar scheduling, meetings, time tracking, invoicing, and internal collaboration.

This Privacy Policy explains in full detail how personal data is collected, used, stored, shared, transferred, and protected when you use the Application.

We are committed to processing personal data lawfully, fairly, transparently, and securely, in accordance with:

  • UK General Data Protection Regulation (UK GDPR)
  • EU General Data Protection Regulation (EU GDPR)
  • Data Protection Act 2018
  • Other applicable data protection and privacy laws

By accessing or using the Application, you confirm that you have read and understood this Privacy Policy.

2. Data Controller

For the purposes of applicable data protection laws, the Data Controller is:

  • Name: Prasaath Sastha Kuppan Ravi
  • Trading As: AIAgentsAge
  • Jurisdiction: United Kingdom
  • Contact Email: privacy@aiagentsage.com

At the time of publication of this Privacy Policy, AIAgentsAge is operated as an independent software project and is not incorporated as a separate legal entity. All data protection responsibilities are assumed personally by the Data Controller.

3. Scope of This Policy

This Privacy Policy applies to:

  • All users of the Agenda Application
  • Users located in the United Kingdom, European Economic Area (EEA), and Switzerland

This policy applies solely to the Agenda Application and does not cover third-party websites or services that may be linked or integrated.

4. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person
  • User: Any individual accessing or using the Application
  • Processing: Any operation performed on personal data
  • Controller: The person determining the purposes and means of processing
  • Processor: A third party processing data on behalf of the Controller
  • Tenant: An organization or workspace within the Application

5. Categories of Personal Data Collected

5.1 Identity and Account Information

  • Full name
  • Email address
  • Profile image (if provided via authentication)
  • Internal user identifier

5.2 Authentication and Security Data

  • OAuth identifiers
  • Access and refresh tokens
  • Session identifiers
  • Login timestamps
  • Security and authentication logs

5.3 Technical and Device Data

  • IP address
  • Browser type and version
  • Operating system
  • Device type
  • Time zone
  • Error and diagnostic logs

5.4 Usage Data

  • Pages and features accessed
  • Actions performed in the Application
  • Session duration
  • Interaction timestamps

5.5 Business and User-Generated Content

  • Client and project information
  • Tasks, time entries, and invoices
  • Calendar events and meeting details (including creation, modification, and deletion of Google Calendar events)
  • Attendee information
  • Email templates and reminders
  • Notes, comments, and internal records

Users remain responsible for ensuring lawful processing of any third-party personal data they upload.

6. Purposes of Processing

Personal data is processed for the following purposes:

6.1 Service Provision

  • Account creation and management
  • User authentication
  • Access to multi-tenant workspaces
  • Calendar scheduling and synchronization (read, create, update, and delete calendar events on your behalf)
  • Project, task, and time management
  • Invoicing and record keeping

6.2 Communication

  • Meeting invitations and reminders
  • Transactional and system emails
  • Security and service notifications

6.3 Security and Fraud Prevention

  • Preventing unauthorized access
  • Monitoring system integrity
  • Enforcing tenant data isolation

6.4 Service Improvement

  • Performance monitoring
  • Feature enhancement
  • Debugging and error resolution

6.5 Legal and Regulatory Compliance

  • Compliance with legal obligations
  • Responding to lawful authority requests
  • Protection of legal rights

7. Legal Bases for Processing

Personal data is processed on the following lawful bases under GDPR:

  • Performance of a Contract (Article 6(1)(b))
  • Legitimate Interests (Article 6(1)(f))
  • Consent (Article 6(1)(a)), where applicable
  • Legal Obligation (Article 6(1)(c))

Consent may be withdrawn at any time where applicable.

8. Data Sharing and Disclosure

8.1 Data Processors

Personal data may be shared with trusted processors, including:

  • Authentication providers (e.g., Google OAuth, Google Calendar API)
  • Database and infrastructure providers
  • Email delivery services
  • Cloud hosting and security providers

All processors operate under appropriate data protection agreements.

8.2 Tenant-Level Sharing

Data may be visible to:

  • Other users within your tenant
  • Clients or collaborators you invite
  • Calendar participants when integrations are enabled

8.3 Legal Disclosure

Data may be disclosed where required by law or in response to valid legal requests.

8.4 Business Changes

In the event of a transfer of ownership or future incorporation, personal data may be transferred subject to continued safeguards and user notification.

9. International Data Transfers

Personal data may be processed outside the UK or EEA, including in the United States.

Where international transfers occur, appropriate safeguards are implemented, including:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable
  • Technical and organizational security measures

10. Data Retention

Personal data is retained only as long as necessary:

  • Account data: While the account is active
  • Business data: Until deleted by the user or account termination
  • Authentication data: While integrations remain active
  • Security logs: For limited operational periods

Data may be retained longer where legally required.

11. Your Data Protection Rights

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase personal data
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent at any time
  • Not be subject to automated decision-making with legal effects

Requests are handled within one month and are generally free of charge unless manifestly unfounded or excessive.

12. Cookies and Similar Technologies

The Application uses cookies and similar technologies strictly for:

  • Authentication and session management
  • Security
  • Preference storage
  • Performance optimization

You may control cookies through your browser settings. Disabling cookies may affect functionality. For more details, see our Cookie Policy.

13. Security Measures

Appropriate technical and organizational measures are implemented, including:

  • Encryption in transit and at rest
  • Secure OAuth authentication
  • Token protection and rotation (including Google Calendar access and refresh tokens)
  • Role-based access control
  • Multi-tenant data isolation
  • Monitoring and audit logging

14. Children's Privacy

The Application is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children.

15. Google Calendar Integration

When users connect their Google Calendar to the Application, the following permissions are granted:

  • Calendar Read Access: The application accesses your calendar events to check availability when scheduling meetings and preventing double-bookings.
  • Calendar Create Access: The application creates calendar events when you schedule meetings through the integrated scheduler.
  • Calendar Update Access: The application updates existing calendar events when meeting details change in the Application.
  • Calendar Delete Access: The application deletes calendar events when meetings are canceled in the Application.

These permissions enable the Application to:

  • Create, update, and manage meeting events on your behalf
  • Check your availability when scheduling new meetings
  • Synchronize meeting details between the Application and your Google Calendar
  • Generate Google Meet conference links and attach them to calendar events
  • Send meeting reminders based on calendar event timing

All calendar data is processed securely and remains accessible only to authorized users within your tenant. Users may revoke Google Calendar access at any time through their Google Account settings or by disconnecting the integration in the Application.

16. Processing Personal Data of Others

If you upload personal data relating to other individuals, you confirm that you have lawful authority to do so and that such processing complies with applicable laws.

17. Changes to This Privacy Policy

This Privacy Policy may be updated periodically. Changes will be posted within the Application and reflected in the "Last Updated" date.

18. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. In the United Kingdom, this is the Information Commissioner's Office (ICO).

19. Contact Information

For all privacy-related inquiries:

Email: privacy@aiagentsage.com

Effective Date

This Privacy Policy is effective as of 22 December 2025.

Terms of ServiceCookie Policy
AI
AIAgentsAge

Solutions

  • Overview
  • Agents Hub
  • Services

Company

  • About
  • Case Studies
  • Blog
  • Contact

Support

  • Pricing
  • Book a Call

Legal

  • Privacy Policy
  • Cookie Policy
  • Terms of Service

© 2024 AIAgentsAge. All rights reserved.

GDPR compliant • EU-based business

AI Agents to your Advantage.