Privacy Policy

Last updated: 20 June 2026

This policy explains how Skedly (the “bot”, available on Telegram as @skedlyBot) handles your data, including information obtained through Google APIs.

What data we process

• Message content you send (text, forwarded posts, and screenshots/images). We process it only to extract the event details (title, date/time, location, description).
• Extracted event details. Parsed results may be cached to speed up repeat requests. The cache is not linked to your identity.
• Usage metadata. Your Telegram user ID and request timestamps, used to operate the service and enforce usage limits.
• Approximate location & timezone. If you share a location, we store only a coarse country/city and an IANA timezone. Precise coordinates are never stored.
• Google account data (only if you connect): your account identifier (openid, email) for sign-in, the calendar.events scope, and the calendar.settings.readonly scope (to read your calendar time zone).

What Google data we access

If — and only if — you choose to connect your Google account, the bot requests:

• https://www.googleapis.com/auth/calendar.events — to create and delete calendar events (see “How we use it” below);
• https://www.googleapis.com/auth/calendar.settings.readonly — to read your calendar's default time zone, so timed events are created at the correct local time;
• openid, email — your basic account identifier, for sign-in.

The bot does not request access to read or list your existing calendar events.

How we use it

Calendar access is used solely to create the events you submit to the bot in your Google Calendar, and to delete an event you previously added when you cancel it. We do not use this access for any other purpose.

Sharing & third-party processors

We do not sell your data, do not share it with third parties for their own purposes, and do not use it for advertising or to train AI/ML models. Message content you send is processed by automated AI systems solely to extract the event details; it is not used to train those models. We rely on the following providers strictly to operate the bot:

• Telegram — the messaging platform the bot runs on.
• Google — to create/delete events in your calendar when you connect your account.

How we protect your data (security)

Security procedures are in place to protect the confidentiality of your data, including data obtained through Google APIs. We use encryption to protect your information, with the following measures:

• Encryption in transit: all connections to the bot's web endpoints and all calls to Google APIs use HTTPS/TLS.
• Encryption at rest: your Google OAuth access and refresh tokens, and your account email, are stored using symmetric authenticated encryption (Fernet, AES-128 + HMAC-SHA256). They are never stored or transmitted in plaintext.
• Restricted access & no logging of secrets: credentials are used only by the bot to perform the actions above; they are never written to logs, shared, or exposed to third parties.
• The service runs on an access-controlled server.

Limited Use disclosure

Skedly’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Data retention & deletion

Retention. We retain your personal information, including Google user data, only for the length of time needed to provide the service, and no longer. In practice we keep Google user data only while your account stays connected:

• Your Google OAuth tokens and account email are retained only while your account is connected: they are deleted immediately when you disconnect, and they are also deleted automatically whenever a token is revoked or expires — at which point the bot asks you to reconnect. (During the app's current testing phase, Google refresh tokens expire after 7 days.)
• Message content you send is processed only to extract the event and is not retained as Google user data; any cached extraction result is not linked to your identity or your Google account.

Deletion. You can delete your data at any time:

• Send /disconnect (or use Disconnect in the bot's Settings). This immediately revokes the token at Google and deletes the stored credentials and email from our database.
• You can also revoke access from your Google Account permissions.
• You may also request for your data to be deleted by contacting us at invilink@gmail.com (or @invilink on Telegram); we will delete it promptly.

Contact

Questions: message @invilink on Telegram.

Terms of Service

Skedly is provided as-is, free of charge, with no warranty. It extracts event details from messages you send and, if you connect Google Calendar, adds those events to your calendar.

You may stop using the service and revoke calendar access at any time with /disconnect. The service may change or be discontinued without notice.

See also the Privacy policy. Contact: @invilink on Telegram.