Legal
Privacy Policy
Last updated: July 2026. This policy explains what personal information invitepe collects, why we collect it, and how we handle it. By using invitepe you agree to the practices described here.
Information We Collect
Account & Profile
- Name and email address (required at sign-up)
- Password — stored as a one-way cryptographic hash; we never see the plain text
- Optional profile details: display photo, bio, phone number, timezone, public username
Booking & Scheduling Data
- Invitee name, email address, and timezone
- Selected meeting date, time, and duration
- Any custom questions answered during the booking flow
- Free-text notes provided by the invitee
- Booking status history (upcoming, completed, cancelled, rescheduled)
Payment Metadata
- Payment amount, currency, and platform fee for each booking
- Razorpay order ID and payment ID (references only — no card or bank details)
- Full card numbers, CVVs, and bank account credentials are handled exclusively by Razorpay and are never stored on invitepe servers
Third-Party Integration Tokens
- OAuth access and refresh tokens for connected services (Google Calendar, Zoom, Microsoft Teams). These are stored encrypted and used solely to create and manage calendar events and meeting links on your behalf.
Technical & Usage Data
- Django session cookie (required for authentication — no tracking cookies)
- Server logs: IP address, request path, HTTP status code, timestamp. Retained for up to 90 days for security and debugging.
How We Use Your Information
- Providing the service — creating accounts, displaying booking pages, processing reservations
- Email notifications — booking confirmations, reminders, reschedule and cancellation notices sent via Amazon SES
- Calendar & meeting sync — creating and updating events in Google Calendar, Zoom, or Microsoft Teams using the OAuth tokens you granted
- Payment processing — passing order details to Razorpay and routing payouts to host bank accounts via Razorpay Route
- Security & fraud prevention — rate-limiting, detecting abuse, and protecting accounts
- Service improvement — aggregate, anonymised usage metrics to understand how features are used. No individual-level behavioural tracking.
We do not sell, rent, or trade your personal data to any third party for marketing purposes.
Third-Party Services
invitepe integrates with the following services. Each operates under its own privacy policy.
Data Retention
- Account data — retained for as long as your account is active. Deleting your account removes your profile, event types, and personal details within 30 days.
- Booking records — retained for 3 years for accounting and dispute-resolution purposes, then permanently deleted.
- Payment metadata — retained for 7 years to comply with applicable financial regulations.
- Server logs — 90 days, then automatically purged.
- OAuth tokens — deleted immediately when you disconnect an integration or delete your account.
Your Rights
You have the right to:
- Access — request a copy of all personal data we hold about you
- Correction — update inaccurate information via Dashboard → Settings at any time
- Deletion — request deletion of your account and personal data (subject to legal retention obligations above)
- Portability — request your booking history and profile data in a machine-readable format
- Withdraw consent — disconnect any OAuth integration at any time via Dashboard → Integrations
To exercise any of these rights, email privacy@invitepe.com. We will respond within 30 days.
The short version
- — We collect only what's needed to run the scheduling service.
- — We never sell your data. We never track you across the web.
- — One session cookie. No ad trackers, no analytics pixels.
- — Your OAuth tokens are used only to create meetings on your behalf and deleted the moment you disconnect.
- — Questions? privacy@invitepe.com
Privacy questions: privacy@invitepe.com · Terms & Refund Policy · Support