ChronSync

Privacy Policy

Last updated: 18 March 2026

1. Who we are

ChronSync is operated by Leadare LP, trading as Leadetic, registered in Athens, Greece. When this policy refers to “we”, “us”, or “our”, it means Leadare LP.

For any privacy-related inquiries, contact us at [email protected].

2. Data we collect

We collect the following categories of personal data:

  • Account information — name, email address, and authentication credentials when you register or sign in.
  • Calendar data — events, availability, and calendar metadata when you connect a calendar provider (Google, Microsoft, or Apple).
  • Booking data — attendee names, email addresses, booking times, and meeting links.
  • Integration tokens — OAuth access and refresh tokens for connected services (Google, Microsoft, Zoom, Apple). These are stored encrypted.
  • Usage data — pages visited, features used, and interaction patterns to improve the service.

3. How we use your data

We process your data for the following purposes:

  • Providing the scheduling and calendar synchronisation service.
  • Generating meeting links via connected video conferencing providers.
  • Sending booking confirmations, reminders, and notifications.
  • Improving the service and fixing issues.

Our legal basis for processing is the performance of our contract with you (providing the service) and our legitimate interest in improving ChronSync.

4. Third-party services

ChronSync integrates with the following third-party services, each governed by their own privacy policies:

  • Google — Calendar and Google Meet integration.
  • Microsoft — Outlook Calendar and Microsoft Teams integration.
  • Zoom — Meeting link generation.
  • Apple — Calendar integration via CalDAV.
  • Resend — Transactional email delivery.
  • Hetzner — Object storage (S3-compatible) for uploaded files.

We only share data with these services to the extent necessary to provide the features you have enabled.

5. Data storage and security

Your data is stored in a PostgreSQL database hosted in the European Union. OAuth tokens are encrypted at rest. We use TLS encryption for all data in transit. Access to production systems is restricted to authorised personnel.

6. Data retention

We retain your personal data for as long as your account is active. When you delete your account, we delete your personal data within 30 days. Anonymised usage data may be retained for analytical purposes.

7. Your rights

Under the General Data Protection Regulation (GDPR) and applicable Greek data protection law, you have the following rights regarding your personal data:

  • Right of access — request a copy of the personal data we hold about you.
  • Right to rectification — request correction of inaccurate or incomplete data.
  • Right to erasure — request deletion of your personal data (“right to be forgotten”).
  • Right to data portability — receive your data in a structured, machine-readable format.
  • Right to restrict processing — request that we limit how we use your data.
  • Right to object — object to processing based on legitimate interests.
  • Right to withdraw consent — where processing is based on consent, withdraw it at any time.

To exercise any of these rights, email us at [email protected]. We will respond within 30 days of receiving your request.

You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) if you believe your data protection rights have been violated. Contact details: www.dpa.gr.

8. Cookies

ChronSync uses essential session cookies for authentication. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

9. Changes to this policy

We may update this privacy policy from time to time. For material changes, we will notify you via email. The “last updated” date at the top of this page indicates when the policy was last revised.

10. Contact

If you have questions about this privacy policy or our data practices, contact us at [email protected].