Privacy Policy

Last updated: January 21, 2025

đź“‹ Quick Summary

  • Your calendar stays private - we do not expose your schedule or other calendar events to other contacts. If you create or schedule an event using Blossum, the event details you choose to include will be shared with the invitee(s). We do not share your broader schedule (what else is on your day/week or who you meet with).
  • We collect minimal data - Only what's needed to make scheduling work and to run the service reliably
  • You control your data - request export by emailing hello@blossumnow.com , or delete your account via Settings → Delete Account (or by emailing hello@blossumnow.com)
  • No selling your info - We're not in the data business
  • Questions? Email hello@blossumnow.com

Table of Contents

1. Information We Collect

Information You Provide

When you use Blossum, you provide us with:

  • Account information: Name, email address, phone number (optional)
  • Calendar connections: OAuth tokens to access your Google Calendar, Outlook, or iCal
  • Priority contacts: Names and contact details of people you designate for ongoing engagement
  • Availability preferences: Your scheduling rules and preferences

Information We Collect Automatically

  • Usage data: How you interact with Blossum (features used, meetings scheduled)
  • Device information: Device type, operating system, browser type
  • Log data: IP address, access times, error logs

What we DON'T collect: We never read the content of your calendar events. We only access start/end times and availability status (free/busy).

2. How We Use Your Information

We use your information to:

  • Provide and maintain the Blossum service
  • Find available meeting times across calendars
  • Send meeting invitations and reminders
  • Suggest optimal times to connect with priority contacts
  • Improve our features and user experience
  • Communicate with you about updates, features, and support
  • Prevent fraud and ensure platform security

Important: We will never sell your personal information to third parties. Period.

3. Calendar Data Privacy

Your calendar privacy is our top priority.

What We Access

  • Free/busy status (to determine availability)
  • Start and end times of events
  • Calendar timezone settings

What We NEVER Access

  • Event titles or descriptions
  • Event locations
  • Attendee lists
  • Meeting notes or attachments
    • (In short: for external events we only read free/busy + start/end + timezone.)

What We Share

When suggesting meeting times to your contacts, we only share available time slots.

  • When you schedule a meeting through Blossum, the invitee(s) will receive the event details you include (title, time, location, notes, attachments, attendees). That’s necessary for invitations to work.
  • If two Blossum users mutually select each other as priority contacts, Blossum may suggest time slots that work for both. Those suggestions only show available time slots — they do not reveal other details about your calendar or who you’re meeting with.
  • You will be able to block specific contacts from receiving algorithmic scheduling suggestions (we are implementing an in-app block control).

Microsoft sign-in & Admin consent (work / school accounts)

If you sign in with a Microsoft work or school account, Blossum will request the Microsoft Graph permissions needed to enable calendar sync (specifically to read free/busy status, event start/end times, and timezone settings). Some of those permissions may require an Azure administrator to grant tenant-wide (admin) consent before users in your organization can complete sign-up and use calendar features.

  • Important: Tenant-wide admin consent does not change what Blossum accesses or shares — it only lets an administrator approve the exact permissions listed on the Microsoft consent screen so individual users in the tenant don’t need to approve them each time. We continue to only access the items listed above.
    • For exact permission names, the admin consent URL, and step-by-step admin instructions, see our Admin Setup page.

    4. Data Sharing & Disclosure

    We share your information only in these limited cases:

    With your explicit consent
    Where you explicitly choose to share availability or schedule a meeting, we will share only what is necessary to enable that meeting.

    With service providers
    We use trusted third-party service providers who process data on our behalf under contract and are restricted to processing only for the services they provide to us. Our primary providers include:

    • Cloud hosting / infrastructure: Google Cloud.
    • Payment processing: Stripe
    • Email delivery: Klaviyo (transactional/marketing messages).
    • Analytics: Google Analytics (configurable per user marketing settings).

    These partners are contractually obligated to protect your data and may only use it to provide services to us.

    For legal compliance
    We may disclose information if required by law, court order, or government regulation.

    To protect rights and safety
    We may share information to prevent fraud, protect our rights, or ensure user safety.

    5. Your Rights & Controls

    You have full control over your data. You may request a copy of your personal data and event data stored in Blossum. We will respond to requests in accordance with the applicable law for your jurisdiction (for example: EU/UK GDPR: within 1 month; Canada / PIPEDA: within 30 days; California / CCPA: within 45 days). If complexity requires it, we may extend where allowed by law and will notify you.

    Access & Export

    To request export/access: email hello@blossumnow.com with subject line: Data Request — Export/Access, include the account email and a copy of an identity verification (e.g., photo of ID or verification code sent to account email) as instructed by our support team. Where legally required (e.g., GDPR data portability), provided data will be supplied in a structured, commonly used, machine-readable format (CSV/JSON) where technically feasible.

    Update or Correct

    At present Blossum reads contact/profile info from your phone or connected account. We do not yet offer a full “update profile” page for every field; to request corrections, email hello@blossumnow.com and we will apply corrections or provide instructions.

    Delete Your Data

    You can delete your account and all associated data in one of two ways:

    • Tap Settings → Delete Account in the app. This will open your email app and create a pre-filled message addressed to support@blossumnow.com (subject: “Blossum account delete request”). Send that message and we’ll begin the deletion process.
    • Or email support@blossumnow.com directly with the subject line Blossum account delete request and tell us which account (email address) to delete.

    When you request deletion we may ask a short follow-up to verify identity. Once verified, we’ll delete your data within 30 days, except where we’re legally required to retain certain records (for example, financial or tax records). If you’d like us to confirm what will be removed, reply to your deletion request and we’ll provide a short summary. For details about what information Apple collects for the iOS app, see our App Store privacy details: https://appstoreconnect.apple.com/apps/1503201540/distribution/privacy

    Disconnect Calendars

    You can revoke Blossum's access to your calendars at any time through your Google or Microsoft account settings.

    Marketing Opt-Out

    Unsubscribe from marketing emails using the link at the bottom of any email, or contact us.

    6. Data Security

    We take security seriously:

    • Encryption: All data is encrypted in transit (TLS) and at rest (AES-256)
    • OAuth authentication: We never store your calendar passwords
    • Regular security audits: We continuously monitor for vulnerabilities
    • Limited access: Only authorized team members can access user data, and only when necessary for support

    While we implement strong security measures, no system is 100% secure. If you suspect a security issue, contact us immediately at hello@blossumnow.com.

    7. Children's Privacy

    Blossum is not intended for users under 13 years old. We do not knowingly collect information from children. If we discover we've collected data from a child under 13, we'll delete it immediately.

    8. Changes to This Policy

    We may update this Privacy Policy from time to time. When we do:

    • We'll update the "Last updated" date at the top
    • For significant changes, we'll notify you via email or in-app notification
    • Your continued use of Blossum after changes means you accept the updated policy

    9. Contact Us

    Questions about this Privacy Policy? We're here to help.

    Email: hello@blossumnow.com
    Mail:
    C/O VOYER LAW CORPORATION
    403-134 ABBOTT STREET
    VANCOUVER BC V6B 2K4
    CANADA

    Legal Review Status: These Terms of Service were drafted using industry-standard frameworks and best practices. Formal legal review is pending as of January 2025. We will update this notice once review is complete. Last updated: January 23, 2025 Legal review: Pending

    Need Clarification?

    Legal documents can be confusing. If anything here is unclear, we're happy to explain.

    Email Us