Legal

Privacy Policy

Effective date: June 5, 2026

1. Overview and Information Collected

These sections describe the scope of this Privacy Policy and the categories of information Instant Expert collects.

1.1 Overview

This Privacy Policy describes how Instant Expert collects, uses, and shares information when you use our website and services.

By using the service, you agree to the practices described in this policy.

1.2 Information We Collect

We may collect information you provide directly, including name, email address, billing details, communication content, and any profile or project information you submit.

We may also collect usage and device data such as IP address, browser type, pages viewed, and interaction events for analytics, reliability, and abuse prevention.

2. Use and Sharing

These sections describe how Instant Expert uses information and when it may be shared.

2.1 How We Use Information

We use information to provide and improve the service, process transactions, communicate with you, enforce terms, detect fraud, and comply with legal obligations.

We may use aggregated or de-identified information for analytics and product development.

2.2 How We Share Information

We do not sell personal information for monetary compensation.

We may share data with service providers that support hosting, analytics, payments, customer support, or security, subject to contractual confidentiality requirements.

We may disclose information when required by law, to protect rights and safety, or in connection with a merger, acquisition, financing, or sale of assets.

3. Third-Party User Data

These sections describe how Instant Expert handles data from connected third-party accounts, including sign-in and calendar accounts.

3.1 Third-Party User Data Accessed

If you sign in with a third-party account, we may access basic account profile information, including your name, email address, profile image, and account identifier, so we can authenticate you and create or maintain your Instant Expert account.

If you connect a calendar account, we request access to your account email, calendar list metadata such as calendar identifiers, names, and primary-calendar status, and free/busy availability information for calendars you choose to use for scheduling conflict checks.

We store encrypted OAuth access and refresh tokens, token expiration timestamps, granted scopes, the connected account email, and the calendar selections needed to keep the connection working. We do not request or store calendar event titles, descriptions, locations, attachments, attendee lists, or event contents.

3.2 Third-Party User Data Usage

We use third-party sign-in data only to authenticate you, maintain your account session, personalize account-level UI, prevent abuse, and provide support for your account.

We use connected calendar data only to show your connected calendar account, let you choose which calendars should block scheduling conflicts, and calculate whether proposed Instant Expert meeting times conflict with your busy calendar periods.

We do not use connected account data for advertising, do not sell it, and do not use it to train generalized AI or machine-learning models.

3.3 Third-Party User Data Sharing

We do not sell connected account data or share it with third parties for advertising or independent third-party use.

We may disclose connected account data to service providers that process data on our behalf, such as hosting, database, security, monitoring, and customer-support providers, only as needed to operate and protect Instant Expert and subject to confidentiality and data-protection obligations.

We may also disclose connected account data if required by law, to protect the rights and safety of users or the service, or at your direction when you choose to use a feature that requires sharing. Our use and transfer of information received from third-party account APIs adheres to the applicable provider policies, including limited-use requirements.

3.4 Third-Party User Data Storage and Protection

OAuth tokens are encrypted before storage. Access to stored connected account data is limited to authorized systems and personnel who need it to operate, secure, debug, or support the service.

We use administrative, technical, and organizational safeguards such as access controls, encrypted transport, monitored infrastructure, and least-privilege operational practices designed to protect connected account data against unauthorized access, use, loss, alteration, or disclosure.

3.5 Third-Party User Data Retention and Deletion

We retain third-party sign-in profile data for as long as your account remains active or as otherwise needed to provide the service, comply with legal obligations, resolve disputes, or prevent abuse.

We retain calendar connection data only while your calendar remains connected or as otherwise needed for legal, security, or operational reasons. When you disconnect a calendar, we revoke the refresh token when possible and delete the stored calendar connection and calendar-selection records from our systems.

You can request deletion of connected account data or your account by contacting team@instant.expert. We may need to verify your identity before completing a deletion request, and limited records may be retained where required by law, security, fraud prevention, or legitimate business obligations.

4. Retention, Security, and Rights

These sections describe retention, security safeguards, and choices or rights that may be available to you.

4.1 Data Retention

We retain information for as long as reasonably necessary to provide the service, fulfill legitimate business purposes, resolve disputes, and meet legal obligations.

Retention periods may vary based on data type, sensitivity, and applicable legal requirements.

4.2 Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

4.3 Your Choices and Rights

Depending on your location, you may have rights to access, correct, delete, or restrict processing of personal information.

You may also have rights to object to processing or request data portability where legally available.

To make a request, contact us using the email listed below. We may need to verify your identity before processing certain requests.

5. Additional Privacy Terms

These sections cover children, international transfers, and changes to this Privacy Policy.

5.1 Children's Privacy

The service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

If you believe a child has provided personal information, contact us so we can take appropriate action.

5.2 International Data Transfers

If you access the service from outside the United States, your information may be transferred to and processed in the United States or other jurisdictions with different data protection laws.

5.3 Changes to This Policy

We may update this Privacy Policy from time to time by posting a revised version on this page.

Your continued use of the service after changes become effective constitutes acceptance of the updated policy.