Skip to main content

Privacy Policy

Last updated: January 10, 2026

At MeetMate, we respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and store your information in compliance with GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act).

1. Data We Collect

We collect minimal information necessary to provide our scheduling service:

  • Event names and date ranges you create
  • Participant names entered when joining events
  • Availability selections (available, maybe, unavailable dates)
  • Unique session tokens (UUIDs) stored in your browser's localStorage for session management
  • IP addresses for security and abuse prevention (automatically logged by our hosting provider)
  • Browser type, device type, and access times for service improvement

2. How We Use Your Data

Your data is used exclusively for:

  • Providing the core scheduling functionality
  • Enabling real-time updates when participants submit availability
  • Calculating optimal meeting dates based on participant availability
  • Preventing abuse and ensuring service security
  • Improving service performance and user experience

We never sell, rent, or trade your personal information to third parties.

3. Data Storage and Security

Your data is stored securely:

  • All data is encrypted in transit (HTTPS/TLS) and at rest
  • Stored in Supabase (PostgreSQL) with industry-standard security practices
  • Data is stored in secure data centers with physical and digital security measures
  • Access to data is restricted to essential personnel only
  • Event passwords are hashed using bcrypt (never stored in plain text)

4. Data Retention Policy

We automatically delete event data after 30 days of inactivity to minimize data storage:

  • Events and all associated data (participants, availability) are deleted 30 days after the event's end date
  • Event creators can manually delete events at any time through the admin controls
  • Deletion is immediate and permanent - data cannot be recovered

5. Browser Storage (localStorage)

We use your browser's localStorage to store session tokens:

  • Session tokens allow you to edit your availability when returning to an event
  • Stored with key pattern: session_[eventId]
  • You can clear this data anytime through your browser settings
  • We do not use cookies for tracking or advertising

6. Your Rights (GDPR & CCPA)

You have the following rights regarding your data:

  • Right to access: Request a copy of your personal data
  • Right to rectification: Correct inaccurate data
  • Right to erasure: Request deletion of your data (event creators can delete events directly)
  • Right to data portability: Receive your data in a structured format
  • Right to object: Object to data processing
  • Right to restriction: Request restricted processing of your data
  • Right to withdraw consent: Withdraw consent at any time

7. Third-Party Services

We use the following third-party services:

Supabase (Database & Real-time)

Secure data storage and real-time synchronization

Privacy Policy: https://supabase.com/privacy

Vercel (Hosting)

Application hosting and content delivery

Privacy Policy: https://vercel.com/legal/privacy-policy

These services may have access to technical data (IP addresses, request logs) as part of their infrastructure.

8. No User Accounts

MeetMate does not require user accounts or authentication. You do not need to provide email addresses, phone numbers, or create passwords to use our service. All participation is anonymous except for the names you choose to provide when joining events.

9. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of MeetMate after changes constitutes acceptance of the updated policy.

Privacy Policy - MeetMate | MeetMate