myappointment.ai
Legal

Privacy Policy

Effective June 27, 2026

MyAppointment.AI (“MyAppointment,” “we,” “us,” or “our”), operated by MyQueso Holdings, Inc., provides online scheduling tools that let a host share a booking link so their clients can book meetings. This Privacy Policy explains what information we collect, how we use it, and the choices you have. It applies to myappointment.ai and the booking and scheduling features offered there.

Two terms are used throughout. A host is the professional who connects a calendar and offers times to book. A visitor is a person who books a meeting on a host’s page.

1. Information we collect

Account information. Host accounts are created through a connected customer relationship management (CRM) product (for example, MyLola or SWH). We receive the host’s name, email address, and the scheduling settings they configure, such as booking pages, meeting types, availability, and branding.

Booking information. When a visitor books a meeting, we collect the information they provide on the booking form. This typically includes their name, email address, an optional phone number, any answers to the host’s intake questions, and any notes they add.

Calendar information. When a host connects a calendar, we access limited calendar data to provide scheduling. See Section 2 for details specific to Google Calendar.

Technical information. We collect basic technical data needed to operate and secure the service, such as IP address, browser type, timestamps, and error logs.

We do not request or collect special categories of personal data, and we do not knowingly collect information from children (see Section 8).

2. Google user data and Limited Use

When you connect your Google Calendar, MyAppointment.AI accesses your calendar list and free/busy information to determine your availability, and creates, updates, or deletes calendar events that correspond to bookings made through MyAppointment.AI. We do not read the contents of unrelated calendar events and we do not use this data for advertising. Access tokens are stored securely and used only to provide the scheduling features you enable. You can revoke access at any time at myaccount.google.com/permissions or by disconnecting your calendar in MyAppointment settings.

If a host connects a Google account, MyAppointment requests only the Google Calendar access needed to provide scheduling. We do not request access to Gmail, Google Contacts, Google Drive, or any data that is not needed for scheduling.

What we access

  • Calendar availability (read). We read the host’s calendar free/busy information and event times to calculate accurate availability. This uses Google Calendar read access.
  • Calendar events (write). We create, update, and cancel events for bookings, add the visitor as a guest, and generate a Google Meet link for virtual meetings. This uses Google Calendar events access.

How we use it

We use Google user data only to provide and improve the scheduling features the host turned on, which are the prominent, user-facing features of MyAppointment. We do not use Google user data for any other purpose.

How we store and protect it

To keep providing scheduling, we store the host’s Google authorization (the access and refresh tokens) on our servers with restricted access. These tokens are never exposed to the browser, never stored in client-side storage, and are transmitted over encrypted connections.

How we share it

We do not sell Google user data, and we do not transfer it to third parties such as advertising platforms, data brokers, or information resellers. The only third party involved in handling this data is Google itself, which provides the Calendar and Meet services on the host’s behalf.

MyAppointment’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Consistent with the Limited Use requirements, we do not use Google user data to serve advertising, and we do not allow humans to read it except: with the host’s affirmative consent; as necessary for security or to comply with applicable law; or where the data is aggregated and used for internal operations in line with the policy above.

Your control

A host can disconnect Google Calendar at any time from the MyAppointment settings page, or revoke access from their Google Account permissions. Disconnecting or revoking deletes the stored access and refresh tokens from our systems.

3. How we use information

  • Provide scheduling: show availability, take bookings, and create or change calendar events.
  • Send transactional messages such as booking confirmations, reschedules, cancellations, and reminders.
  • Operate, secure, and improve the service.
  • Comply with legal obligations and enforce our Terms of Service.

We do not sell personal information, and we do not use it for third-party advertising.

4. How we share information

  • With the host. A booking’s details are shared with the host whose page was used.
  • With the connected CRM. Booking details are sent to the host’s connected CRM so the host’s records stay current.
  • With service providers. We use trusted vendors to host infrastructure, send email and text messages, and provide calendar and meeting services (for example, Google). They may process data only to perform services for us.
  • For legal reasons. We may disclose information if required by law or to protect rights, safety, and the integrity of the service.
  • In a business transfer. If we are involved in a merger, acquisition, or asset sale, information may transfer as part of that transaction.

5. Data retention

We keep information for as long as needed to provide the service and for legitimate business or legal purposes. Calendar access and refresh tokens are deleted when a host disconnects their calendar or closes their account. Booking records may be retained by the host in their connected CRM under that CRM’s own policies.

6. Security

We protect information with administrative, technical, and physical safeguards. Calendar tokens are stored on our servers with restricted access, are never exposed to the browser or stored in client-side storage, and are transmitted over encrypted connections. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

7. Your choices and rights

  • Disconnect a calendar at any time from the settings page, or revoke access in your Google Account.
  • Access, correct, or delete. Hosts can manage their data through their connected CRM. Visitors can contact the host, or contact us, to request access to or deletion of their booking information, subject to the host’s records.
  • Depending on where you live, you may have additional rights under laws such as the GDPR or CCPA/CPRA. To exercise them, contact us at the address in Section 10.

8. Children

MyAppointment is not directed to children and is not intended for use by anyone under 18. We do not knowingly collect information from children. If you believe a child has provided information, contact us and we will delete it.

9. International users

MyAppointment is operated in the United States. If you access the service from outside the United States, you understand your information may be processed in the United States.

10. Changes and contact

We may update this Privacy Policy from time to time. We will post the updated version here and revise the effective date above. Material changes will be communicated where appropriate.

Questions or requests: privacy@myappointment.ai.