Timsio

Security & privacy, by design.

Time and calendar data are sensitive. Here's exactly how we protect yours.

Strict per-org isolation

Every query is scoped to your organisation at the application layer. No row in our database can be returned to another tenant — period. We use a sharded tenant database where each org's data lives behind its own encrypted connection string.

Calendar data stays with you

When you connect Google Calendar, Outlook, or Zoom, the events are scoped to YOUR account — not even other members of your own org can see them. We never use your calendar data to train models for other customers.

On-device AI by default

Plus-tier AI inference runs on-device — meeting titles never leave your browser. Only Pro's "Get an AI take" sends sanitised meeting context to a cloud LLM, and only when you explicitly click the button. Bodies, full attendee emails, and free-text notes are stripped before any cloud call.

Encryption everywhere

TLS 1.2+ for all traffic. Database encryption at rest. OAuth refresh tokens encrypted with AES-256-GCM. Tenant database connection strings stored encrypted; the master key never touches our application database.

Audit logs you can read

Every create, update, and delete is recorded with actor, timestamp, before/after diff, and IP. Pro plans get 90-day retention plus the History panel on every entity. Every super-admin impersonation is logged separately and cannot be deleted.

Compliance roadmap

SOC 2 Type II — in progress, target Q3. GDPR — covered today via data export, account deletion, and DPA on request. ISO 27001 and HIPAA — on the roadmap, contact us if these are blocking adoption.

Need our security documentation?

Pen-test reports, SOC 2 progress letter, sub-processors list, DPA template — we'll send what we have on request.

security@timsio.com