BusyBee

Privacy Policy

Last updated: April 15, 2026

1. Introduction

BusyBee ("BusyBee", "we", "us", "our") is a software service that connects Slack and Google Calendar so your Slack status (and related Slack settings you configure) can reflect your calendar. This Privacy Policy describes how we collect, use, store, and protect information when you use the BusyBee Slack application, website, and dashboard (together, the "Service").

By installing or using the Service, you agree to this Privacy Policy. If you do not agree, do not use the Service.

2. Who operates the Service

Operator: Orem Data, LLC, DBA BusyBeeApp

3. Information we collect

3.1 Slack workspace and account data

When you install or use BusyBee in Slack, we receive and store identifiers needed to run the integration, such as your Slack workspace (team) ID and name, and your Slack user ID. We do not collect or store your Slack password; authentication is handled by Slack.

3.2 OAuth tokens (encrypted at rest)

To perform actions on your behalf with minimal scopes, we store OAuth tokens provided by Slack and Google. In our database these secrets are encrypted at rest using an application-managed encryption key. This typically includes Slack user and bot tokens and a Google OAuth refresh token for calendar access.

3.3 Google Calendar connection

If you connect Google Calendar, we store which calendar you selected (for example "primary") and the encrypted refresh token described above. We use Google's APIs to read calendar data needed to evaluate your rules. We do not write changes back to Google Calendar as part of normal Service operation.

3.4 Calendar events (processed to run the Service)

To decide when to update Slack, the Service reads calendar event information from Google (such as timing, titles or types, and other fields exposed by the Calendar API that your rules rely on). That data is processed in memory or transiently as part of polling and rule matching. We do not maintain a long-term archive of your full calendar history in our database for this purpose.

You may configure rules using text you enter (for example keywords or patterns to match event titles). Those rule fields are stored as your settings, not as a copy of Google's calendar database.

3.5 Status rules and preferences

We store the rules and options you configure in the Service (for example rule names, match conditions, status text and emoji, notification pause preferences, and enablement flags).

3.6 Billing (Stripe)

If you subscribe, payment details are collected and processed by Stripe. We receive and store identifiers and subscription-related fields needed to manage billing in our systems (for example Stripe customer and subscription IDs, plan or trial state, and related workspace or user linkage as implemented in our product). We do not store full payment card numbers.

3.7 Web dashboard and marketing site

When you use our website or dashboard, we may process typical web technical data such as IP address, user agent, and request metadata as part of hosting and security. The dashboard may use an HTTP-only session cookie and related tokens to keep you signed in after you authenticate.

Where Cloudflare Turnstile (or similar) is enabled, a challenge may be verified with Cloudflare during sensitive flows such as installation; that interaction is governed by Cloudflare's policies.

4. Information we do not use the Service to retain

BusyBee is not designed to store:

  • A complete historical copy of your calendar or every event field.
  • Slack message content or Slack message history.
  • Your Google account password.

Slack profile and Do Not Disturb settings may be updated according to your rules; those updates live in Slack and are subject to Slack's own retention and visibility rules.

5. How we use information

  • Install, authenticate, and maintain the Slack integration.
  • Read Google Calendar as authorized, evaluate your rules, and update Slack.
  • Operate and secure the Service (including fraud or abuse prevention).
  • Provide billing and subscription management where applicable.
  • Respond to support requests and communicate about the Service.
  • Comply with law and enforce our terms.

We do not sell your personal information.

6. Legal bases (EEA, UK, and similar jurisdictions)

Depending on where you live, we may rely on one or more of: performance of a contract (providing the Service you requested); legitimate interests (for example securing and improving the Service, provided those interests are not overridden by your rights); consent where required (for example certain marketing or optional analytics, if we add them); and legal obligation.

7. Cookies and similar technologies

Our sites may use cookies or similar technologies needed for security, session management, and basic functionality. You can control cookies through your browser settings; disabling some cookies may limit dashboard features.

8. Third-party services

We integrate with service providers that process data under their own terms and privacy policies, including for example:

  • Slack — workspace integration and API usage.
  • Google — Calendar API access you authorize.
  • Stripe — payments and subscriptions.
  • Cloudflare — security and challenge verification when configured.
  • Vercel — hosting for our marketing site and web dashboard (Next.js).
  • Railway — hosting for our application API and Slack integration backend.

You can revoke Slack or Google access through your Slack and Google account settings; that may limit or stop BusyBee from working.

9. Retention

We retain information for as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Billing records may be retained longer where tax or financial rules require. Technical logs are typically kept for a limited period unless needed for security investigations.

10. Deletion and your choices

You can disconnect Google Calendar using in-app or dashboard flows where available, and you can remove or restrict the BusyBee app from your Slack workspace through Slack's controls. Removing the app may not erase every record immediately on our servers; you may email us to request deletion of personal data associated with your account, subject to lawful retention needs.

Contact hello@getbusybee.app for data requests.

11. Security

We use encryption for OAuth tokens at rest, HTTPS for web traffic in production configurations, and narrow OAuth scopes where possible. No method of transmission or storage is completely secure; we take reasonable steps to protect information but cannot guarantee absolute security.

12. International transfers

Our service providers may process data in countries other than your own. Where required, we rely on appropriate safeguards such as standard contractual clauses or equivalent mechanisms, in addition to technical and organizational measures.

13. Your privacy rights

Depending on applicable law, you may have rights to access, correct, delete, restrict, or object to certain processing, or to data portability, and rights related to automated decision-making where applicable. You may also have the right to lodge a complaint with a supervisory authority. To exercise rights, contact us at the email below. We may need to verify your request.

14. Children's privacy

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe we have collected such information, contact us and we will take steps to delete it.

15. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the "Last updated" date. For material changes, we may provide additional notice (for example by email or an in-product message) where appropriate.

16. Contact

Questions about this Privacy Policy: hello@getbusybee.app