Privacy Policy

Last updated: March 2026

1. Information We Collect

When you use RainCheck?, we may collect the following information:

  • Google Account Data: When you sign in with Google OAuth, we receive your name, email address, and profile picture.
  • Google Calendar Data: With your permission, we access your upcoming calendar events to enable poll creation. We read event titles, times, and attendee lists.
  • Anonymous Votes: When someone votes on a poll, we store a hashed token to prevent duplicate votes. Individual votes cannot be traced back to a specific person.
  • Cookies: We use essential cookies for authentication sessions and voter tokens. We also use cookies set by third-party advertising services (see Section 6).

2. How We Use Your Data

  • To authenticate your identity and manage your session.
  • To display your upcoming Google Calendar events so you can create cancellation polls.
  • To process and tally anonymous votes on polls you create or participate in.
  • To automatically cancel Google Calendar events when a poll threshold is met.
  • To improve and maintain the service.

3. Data Sharing

We do not sell your personal data. We share data only with the following third-party services as necessary to operate RainCheck?:

  • Google: For OAuth authentication and Google Calendar API access.
  • Google AdSense: For serving advertisements (see Section 6).
  • Database Provider: Your account and poll data is stored in our hosted database.

4. Data Retention

We retain your account data for as long as your account is active. Poll data (including anonymous vote tallies) is retained indefinitely for record-keeping. You may request deletion of your account and associated data at any time by contacting us.

5. Data Protection & Security

We implement the following measures to protect your sensitive data, including Google Calendar information and OAuth credentials:

  • Encryption in Transit: All data transmitted between your browser and our servers is encrypted using HTTPS/TLS.
  • Encryption at Rest: Your data is stored in a managed PostgreSQL database that encrypts all data at rest using AES-256 encryption.
  • OAuth Token Security: Google OAuth refresh tokens are stored securely in our encrypted database and are never exposed to the client. Tokens are used only server-side to access Google Calendar on your behalf.
  • Minimal Scope Access: We request only the Google Calendar scopes necessary to read events and cancel them when a poll threshold is met. We do not request broader access to your Google account.
  • Anonymous Vote Storage: Voter identities are hashed using SHA-256 before storage, ensuring individual votes cannot be traced back to a specific person.
  • Session Security: Authentication sessions are signed with a secure secret and protected against tampering. Session cookies are HTTP-only and use the Secure flag.
  • Access Controls: Only authenticated users can access their own calendar data and polls. API endpoints enforce authorization checks to prevent unauthorized access.

6. Google AdSense & Advertising

RainCheck? uses Google AdSense to display advertisements. Google AdSense may use cookies and web beacons to serve ads based on your prior visits to this and other websites. Specifically:

  • Google uses cookies (such as the DART cookie) to serve ads based on your visits to this site and other sites on the Internet.
  • You may opt out of personalized advertising by visiting Google Ads Settings.
  • Third-party vendors, including Google, use cookies to serve ads based on your prior visits. You can opt out of third-party vendor cookies at the Network Advertising Initiative opt-out page.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access and receive a copy of your personal data.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Withdraw consent for data processing.
  • Opt out of personalized advertising.

8. Children's Privacy

RainCheck? is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us so we can delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page with an updated date.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at the email address associated with the service.

← Back to home