Privacy Policy

Effective date: May 1, 2026 · Last updated: May 1, 2026

1. Introduction

Welcome to SoSoul Calendar ("we," "us," or "our"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application and services (the "App").

Please read this policy carefully. If you disagree with its terms, please discontinue use of the App.

2. Information We Collect

Account information

Email address (provided by Google when you sign in via AWS Cognito)
First and last name (provided by you during initial account setup)
A unique user identifier generated by our system

Calendar & social data

Events you create, including title, description, date, time, and location
RSVP status for events you are invited to
Friend connections and pending invitations

Profile images

Profile photos you choose to upload, stored privately in Amazon S3 and accessible only via time-limited signed URLs issued to authenticated users by our server

Usage & diagnostic data

Device type, operating system, and app version
Crash reports and diagnostic data used to improve App stability

        We do not access your Google Calendar data. SoSoul Calendar maintains its own calendar data, which is
        stored on our servers and is separate from any external calendar service.
      

3. How We Use Your Information

Provide, operate, and maintain the App and its social features
Authenticate your identity via Google Sign-In (powered by AWS Cognito)
Display your profile, events, and friend connections within the App
Deliver event invitations to your friends within the App
Serve your profile image securely via signed URLs
Diagnose technical issues and improve App stability
Comply with legal obligations

We do not sell your personal information to third parties.

4. Google Sign-In

SoSoul Calendar uses Google Sign-In (via AWS Cognito) for authentication. When you sign in with Google, we receive your email address from Google solely to identify and authenticate your account. Your first and last name are collected directly from you during initial account setup, and your profile picture is one you choose to upload yourself. We do not request access to your Google Calendar, Google Drive, or any other Google services.

Our use of information received from Google complies with the Google API Services User Data Policy , including the Limited Use requirements.

5. Data Storage and Security

Your data is stored on AWS infrastructure in the us-east-1 region. We implement appropriate technical and organizational measures — including encrypted data in transit (HTTPS/TLS), IAM least-privilege policies, and signed CloudFront URLs for media — to protect your information against unauthorized access, alteration, disclosure, or destruction.

While we take reasonable precautions, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

We retain your personal information for as long as your account is active or as needed to provide the App's services. You may request deletion of your data at any time (see Section 7).

6. Sharing of Information

We may share your information only in the following limited circumstances:

AWS infrastructure: We use Amazon Web Services (Lambda, S3, CloudFront, API Gateway, Cognito, SecretsManager) to operate the App. AWS processes data on our behalf under their Privacy Notice. Profile images stored in S3 are never publicly accessible; they are served exclusively via time-limited signed URLs issued to authenticated users.
Legal requirements: If required by law, regulation, or valid legal process.
Business transfers: In connection with a merger, acquisition, or sale of assets, with appropriate notice.
With your consent: Any other sharing with your explicit permission.

7. Your Rights and Choices

You may have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you.
Correction: Request correction of inaccurate or incomplete data.
Deletion: Request deletion of your account and associated data.
Portability: Request a machine-readable export of your data.
Revoke Google Sign-In: Revoke our app's access to your Google account at any time via Google Account permissions . This will prevent future sign-ins but does not automatically delete your existing data.

To exercise any of these rights, contact us at the address in Section 10.

8. Children's Privacy

SoSoul Calendar is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately and we will take steps to delete it.

9. Third-Party Links

The App may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing any personal information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date at the top of this page. Continued use of the App after changes become effective constitutes acceptance of the revised policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us:

SoSoul Calendar
Email: alpha_app@sosoulcalendar.com