Privacy Policy

Last updated: April 30, 2026

DialDeck ("we", "us") is a private CRM and dialer used by a single solar lead-generation team (NEM3.CA). This policy explains what data we handle and how we treat data accessed through Google APIs.

What we collect

Account data: name, email, role, and authentication state for users we invite to the platform.
Lead and pipeline data: contacts, properties, call dispositions, follow-up tasks, and notes that team members enter or import.
Google Calendar data (only if you connect): the OAuth refresh and access tokens needed to read your upcoming events and create new ones on your primary calendar.

How we use Google user data

DialDeck requests the calendar.events scope only. We use this scope to:

Read upcoming events on your primary Google Calendar so we can show your schedule alongside in-app appointments.
Create events on your primary Google Calendar when you book an appointment from inside DialDeck.

We do not sell, share with third parties, use for advertising, or train any AI/ML model on Google user data. Calendar data is fetched on demand for the signed-in user and is not stored on our servers beyond the minimum needed for display.

How we store and protect data

Hosted on Supabase (Postgres) and Vercel. Row-level security restricts each user's data to their own account.
Google OAuth tokens are stored encrypted at rest in our database and are only used by server-side edge functions.
All traffic is TLS-encrypted.

Disconnecting and deletion

You can disconnect Google Calendar from DialDeck at any time on the Profile page; we immediately delete the stored tokens. You can also revoke access from your Google Account permissions page. To delete your DialDeck account and associated data, email nem3.ca@gmail.com.

Limited Use compliance

DialDeck's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Contact

Questions: nem3.ca@gmail.com