cafe logo

Privacy Policy

Last Updated: January 3, 2026

1. Introduction

CAFE SOFTWARE LLC ("we," "our," or "us") operates cafe.link (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information

When you create an account, we collect:

  • Email address
  • Account credentials (encrypted passwords)
  • Profile information you provide

2.2 Calendar and Event Data

When you use our Service, we collect:

  • Calendar names, descriptions, and privacy settings
  • Event details (titles, descriptions, dates, times, locations)
  • Event acknowledgments and RSVPs
  • Comments and photos you add to events
  • Links to other calendars you create or curate

2.3 Usage and Analytics Data

We automatically collect:

  • IP address and device information
  • Browser type and version
  • Pages visited and features used
  • Time and date of access
  • Referring website addresses
  • Analytics data through third-party services

2.4 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to track activity on our Service and store certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

3. How We Use Your Information

We use the collected information for:

  • Providing, operating, and maintaining our Service
  • Creating and managing your account
  • Enabling calendar and event sharing functionality
  • Sending administrative information and updates
  • Responding to your inquiries and support requests
  • Analyzing usage patterns to improve our Service
  • Detecting, preventing, and addressing technical issues
  • Preventing fraud and enhancing security
  • Complying with legal obligations

4. Data Sharing and Disclosure

4.1 Public and Unlisted Calendars

Calendars marked as "public" are accessible to anyone. Calendars marked as "unlisted" are accessible to anyone with the link. Private calendars are only accessible to you.

4.2 Service Providers

We may share your information with third-party service providers who assist us in:

  • Database hosting and management (Supabase)
  • Analytics services
  • Customer support tools
  • Email communication services
  • Payment processing (if applicable)

These service providers are contractually obligated to use your information only as necessary to provide services to us and are prohibited from using it for their own purposes.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. International Data Transfers

Your information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable law.

6. Your Rights and Choices

6.1 Access and Portability

You have the right to access and receive a copy of your personal data.

6.2 Correction

You have the right to correct inaccurate or incomplete personal data.

6.3 Deletion (Right to Erasure)

You have the right to request deletion of your personal data. You can delete your account and all associated data through your account settings or by contacting us. Upon deletion, all your calendars, events, and personal information will be permanently removed from our systems.

6.4 Object to Processing

You have the right to object to certain processing of your personal data.

6.5 Restrict Processing

You have the right to request restriction of processing of your personal data.

6.6 Withdraw Consent

Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

7. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information
  • Right to opt-out of the sale or sharing of personal information (we do not sell your data)
  • Right to correct inaccurate personal information
  • Right to limit use and disclosure of sensitive personal information
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, please contact us at privacy@cafe.link. We will verify your identity before processing your request.

8. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR), including those described in Section 6 above.

Our legal basis for processing your personal data includes:

  • Performance of a contract (providing the Service to you)
  • Legitimate interests (improving our Service, preventing fraud)
  • Consent (for analytics and marketing, where applicable)
  • Legal obligations

9. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy. When you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal, accounting, or security purposes.

10. Security

We implement appropriate technical and organizational measures to protect your personal information, including encryption, access controls, and secure data storage. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

11. Children's Privacy

Our Service is not intended for individuals under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

CAFE SOFTWARE LLC

Email: privacy@cafe.link

Website: cafesoftware.org