PreferredPreferred
Privacy Policy
Last updated: April 9, 2026
1. Controller
The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:
Preferred (prfd.app)
Contact: privacy@prfd.app
2. Data We Collect
We collect and process the following personal data:
  • Account data: name, email address, profile picture (provided via Google Sign-In)
  • Calendar data: calendar events (start/end times only, used to determine availability)
  • Booking data: booker name, email, phone (if provided), selected time slots, and interaction data (e.g., number of times additional slots were requested)
  • Usage data: pages visited, features used, browser type, and IP address
3. Purpose and Legal Basis
We process your data for the following purposes:
  • Providing the scheduling service (Art. 6(1)(b) GDPR – contract performance)
  • Authentication via Google OAuth (Art. 6(1)(b) GDPR – contract performance)
  • Creating calendar events on your behalf (Art. 6(1)(a) GDPR – consent, granted when connecting your calendar)
  • Improving the service and analyzing usage patterns (Art. 6(1)(f) GDPR – legitimate interest)
4. Google Services
We use the following Google services:
  • Google Sign-In (OAuth 2.0): Used for authentication. We receive your name, email address, and profile picture from Google. Google’s privacy policy applies: policies.google.com/privacy
  • Google Calendar API: Used to read your calendar events (to determine busy times) and to create meeting events with Google Meet links. We only access calendar data when you explicitly connect your calendar. You can disconnect at any time in Settings.
  • Google Analytics: We may use Google Analytics to understand how the service is used. This involves cookies and the transmission of usage data (including your IP address) to Google servers in the United States. You can opt out by using a browser extension or disabling cookies.
5. Data Storage and Hosting
Your data is stored in a PostgreSQL database hosted by Neon (neon.tech) and the application is hosted on Vercel. Both providers may process data outside the European Economic Area (EEA). Appropriate safeguards (Standard Contractual Clauses) are in place to ensure an adequate level of data protection in accordance with Art. 46(2)(c) GDPR.
6. Data Retention
We retain your account data for as long as your account is active. Booking data is retained for up to 12 months after the meeting date. When you delete your account, all personal data is permanently removed within 30 days.
7. Your Rights
Under the GDPR, you have the following rights:
  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent at any time (Art. 7(3) GDPR)
To exercise your rights, contact us at privacy@prfd.app. You also have the right to lodge a complaint with a supervisory authority (e.g., the Berliner Beauftragte für Datenschutz und Informationsfreiheit).
8. Cookies
We use essential cookies required for authentication and session management. These are strictly necessary for the service to function and do not require consent under Art. 5(3) of the ePrivacy Directive. Analytics cookies (if used) are only set with your consent.
9. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of significant changes by posting a notice on the website. The current version is always available at prfd.app/privacy.