Privacy Policy

Effective 10 May 2026

Who we are

Let's Meet Soon is a product of Beautiful Ship Pte. Ltd., a Singapore-registered private limited company (UEN: 202206144D). When we say “we”, “us”, or “our” in this Policy, we mean Beautiful Ship Pte. Ltd. We operate the Let's Meet Soon scheduling service at letsmeetsoon.link. You can reach us any time at hello@letsmeetsoon.link.

This Privacy Policy explains what data we collect when you use Let's Meet Soon, why we collect it, who we share it with, and the choices you have. We've tried to write it in plain language; the short version is right below.

The short version

  • We collect the bare minimum needed to run a group scheduling service: your display name, the time slots you paint on a meetup, and (if you sign in) your Google profile basics.
  • If you connect Google Calendar, we read your busy times so we can render them on your meetup. We never sell, share, or analyze that data, and we never train AI models on it.
  • Anyone in your meetup can see your painted availability and chat messages — that's the point of the product.
  • You can delete your data, ask what we hold, or get in touch any time at hello@letsmeetsoon.link.

What we collect

If you use Let's Meet Soon as a guest (no account)

  • The display name you choose for a meetup.
  • The color you pick to identify yourself in the overlap grid.
  • An opaque random session ID we set in an HTTP-only cookie called lms_sid, with a backup copy in your browser's localStorage under letsmeetsoon:identity:guest. This lets you keep your meetups across page loads and devices that share the cookie.
  • The time slots you paint on each meetup you join.

If you sign in with Google

  • Your name, email, and profile photo URL — we request only the OpenID email and profile scopes.
  • An HTTP-only Convex Auth session cookie that keeps you signed in.

If you sign in with a magic link

  • Your email address and a short-lived 8-digit code we send via Resend.

If you connect Google Calendar (optional)

  • A Google refresh token, encrypted at rest.
  • The email of the Google account you connected.
  • The busy windows we receive from Google's freebusy.query API for the date range of meetups you participate in. We store these as availability slots tagged source: "google" along with the source event ID so we can update them on the next sync.
  • We do not receive — and never store — event titles, descriptions, attendees, or locations.

Through your participation

  • Chat messages you send within a meetup.
  • Bookings confirmed by your group.
  • Timestamps of when you last visited.

If you upgrade to a premium plan

  • Your Stripe customer ID, subscription ID, status, and renewal date.
  • We never receive your card number — Stripe handles all payment data directly.

What we do not collect

  • IP-based geolocation, device fingerprints, or behavioural advertising identifiers.
  • Third-party analytics events.
  • Any social graph data beyond the Google profile basics above.

How we use what we collect

We use your data only to:

  • Render the meetup overlap grid and let you paint your availability.
  • Send booking and cancellation emails to meetup members.
  • Authenticate you (sessions, OTPs, OAuth).
  • Bill you if you upgrade to a premium plan.
  • Investigate abuse and debug errors when reported.

What we do not do:

  • Sell your data.
  • Share it with advertisers or data brokers.
  • Build user profiles for marketing.
  • Use your content to train AI or machine-learning models, or allow our sub-processors to do so.
  • Read your calendar for any purpose other than rendering your own busy slots back to you.

Google Calendar — our explicit promise

Because calendar data is sensitive, we want to be specific:

  • We request only the https://www.googleapis.com/auth/calendar.readonly scope.
  • We use only the freebusy.query endpoint, which returns busy/free windows. We do not see — and have no way to see — your event titles, attendees, descriptions, or locations.
  • We use that data only to populate the “busy” overlay on meetups you participate in. Nothing else.
  • We do not export, sell, share, or mine this data. We do not use it to train any AI or machine-learning system, and we contractually require our sub-processors not to either.
  • You can disconnect Google Calendar at any time from your account page; doing so deletes the refresh token and stops further reads.
  • Our use of Google user data is governed by Google's API Services User Data Policy, including the Limited Use requirements.

Who can see your data

  • Other members of a meetup can see your display name, color, painted availability, and chat messages. That visibility is the core feature.
  • The host of a meetup can see who's in it, remove members, and delete the meetup. Deleting a meetup permanently removes all chat, availability, bookings, and member records tied to it.
  • We do not show your data to anyone outside the meetup.

Sub-processors

We use a small number of trusted third parties to operate the service. Each only receives the data it needs for its purpose.

Convex (USA)
Primary database and realtime backend; stores everything described in “What we collect”.
Google LLC (USA)
OAuth identity; optional Calendar freebusy reads.
Resend (USA)
Sends booking confirmation, cancellation, and magic-link OTP emails.
Stripe (USA)
Payment processing for premium subscriptions (when launched) — we never receive card data.
Vercel (USA)
Hosts the Let's Meet Soon Next.js frontend.

Cookies and local storage

We use only what's strictly necessary to run the service:

  • lms_sid — HTTP-only, secure, SameSite=Lax. Your guest session ID. Lets you keep your meetups across page loads.
  • A Convex Auth session cookie — HTTP-only. Keeps you signed in if you have an account.
  • letsmeetsoon:identity:guest — A localStorage key holding a backup copy of your guest session ID, in case the cookie is cleared.

We do not currently use analytics, advertising, or tracking cookies. If we add analytics later, we will update this Policy and (where required by your local law) ask for consent.

Data retention

  • Free-tier meetups are auto-archived 30 days after the booked date and deleted shortly after.
  • Guest sessions with no activity for 90 days and no associated meetups are deleted weekly.
  • Chat messages are stored until the meetup is deleted, after which they are cascade-deleted along with availability slots, bookings, and member records.
  • Stripe billing records are retained as required by tax and accounting law.
  • You can ask us to delete your account or specific data at any time by emailing hello@letsmeetsoon.link.

Your rights

Regardless of where you live, we honor the following rights for everyone:

  • Access — ask for a copy of the data we hold about you.
  • Correction— ask us to fix data that's wrong.
  • Deletion — ask us to remove your data.
  • Portability — get your data in a machine-readable format.
  • Objection — opt out of any processing you disagree with.

To exercise any of these, email hello@letsmeetsoon.link. We aim to respond within 30 days. We do not discriminate against you for exercising these rights.

Security

  • All data is encrypted in transit using TLS.
  • Convex provides managed encryption at rest for our database.
  • Google refresh tokens are encrypted at the application layer.
  • Session cookies are HTTP-only and Secure.
  • Passwords for password-gated meetups are hashed before storage.

No system is perfect. Please don't put genuinely sensitive information (financial details, medical information, etc.) into meetup chat or descriptions.

Children

Let's Meet Soon is not directed at children under 13 and we don't knowingly collect data from them. If you believe a child under 13 has signed up, email us at hello@letsmeetsoon.link and we'll delete the account.

International data transfers

Our sub-processors are located in the United States. By using Let's Meet Soon you understand that your data may be processed in the US under standard contractual safeguards.

Changes to this Policy

If we make material changes, we'll email signed-in users at least 14 days before the changes take effect. For non-material changes we'll update the “Effective” date at the top of this page.

Contact us

hello@letsmeetsoon.link