Privacy policy

Updated Date: March 1, 2025
1. Entity Information
Shenzhen Shiyu Technology Co., Ltd. conducts business under the name of Zicalstar Calendar and is committed to protecting the privacy of website visitors and users of its products and services. This policy applies to its websites, mobile applications, smart calendars, and other related services.
2. Data Collection and Use
i. Collection Methods:
It includes both active provision (such as filling out forms) and automatic collection (when accessing, using, or interacting). The main purposes of collection are to operate, maintain, optimize, and provide service functions. Some information provision is voluntary, while some is necessary for using the services.
ii. Use Purposes:
The data is used for providing and monitoring services, managing contacts, replying to inquiries, sending communications related to products and services (with user consent), as well as analyzing user trends and preferences, improving services, developing new products, and investigating illegal activities.
3. Photo Handling
Photos are stored on secure cloud - hosted servers and transmitted to devices via encrypted protocols. They will only be shared when the user gives explicit instructions (such as sharing with family members), strictly protecting user privacy.
4. Third - Party Services
When connecting to third - party services, Zicalstar Calendar uses the collected information for authentication, service provision, and data transfer. However, Zicalstar Calendar's privacy policy does not apply to the data processing activities of third parties. Users are advised to review the privacy policies of third parties.
5. Logs and Analytical Data
When using the services, log data generated by the device (such as IP address, device name, etc.) and device analytical data (such as browser type, access time, etc.) are collected. These are used to record website statistics, provide analytical insights, improve the user experience, and enhance product offerings.
6. Cookies and Similar Technologies
Technologies such as cookies and web beacons are used to monitor user usage to optimize services. Users can delete and disable cookies through browser settings, but this may affect some service functions.
7. Data Disclosure
i. Third - Party Vendors:
Order data is shared with external shipping companies for delivery, and payment card processing companies are used to collect fees (credit card payment information is not retained). Third - party hosting and infrastructure providers are also relied on to provide services. These vendors only use data to complete orders and assist with services.
ii. Third - Party Service Associations:
If users associate third - party services (such as online calendars), information will be provided to third parties according to the settings to enable interoperability.
iii. The Process of Synchronization Data From Google Calendar:
The Zicalstar Calendar app is a calendar application that requires users to synchronize and import their private data (calendars and events) from Google Calendar. To enable future real-time bidirectional synchronization, the app uses OAuth to obtain user consent and authorization before calling Google Calendar API interfaces — including sensitive APIs that involve reading private user data from Google Calendar — to synchronize data into the app. The OAuth authorization process works as follows:

a) When the user clicks the "Sync" button in the app, the app opens the Google Calendar login page via a browser.

b) The user logs in with their email and password, explicitly reviews all permissions required for the import operation, and grants authorization.

c) After authorization, the app receives an authorization code from Google and redirects back to the app.

d) The app exchanges this code for an access token and uses the token to call Google Calendar APIs, importing the user’s private data into the app.

iv. Why restrictive scopes (e.g., read-only) are insufficient:
Full data import and real-time bidirectional sync require read-write permissions for calendars and events. For example: The https://www.googleapis.com/auth/calendar scope is necessary to modify, share, or delete calendars. The https://www.googleapis.com/auth/calendar.events scope is required to create, update, or delete events across all calendars. Narrower scopes like calendar.readonly or calendar.events.readonly only allow viewing data, which cannot support write operations (e.g., syncing changes from the app back to Google Calendar).
v. Legal Requirements or Necessary Circumstances:
Information may be shared when required by law, to protect property, prevent fraud, respond to legal proceedings, cooperate with law enforcement, and protect users or others from harm, as well as to establish legal rights.
8. Data Security
Physical, technical, and organizational security measures are taken to protect data. Access to data is restricted on a "need - to - know" basis. However, since absolute security cannot be guaranteed for Internet transmission and electronic storage, users also need to protect their personal information (such as passwords) themselves.
9. Children's Privacy
The services are not intended for people under 13 years old, and no personal information of this group will be collected intentionally. If parents or guardians find that their children have provided information, they can contact Zicalstar Calendar for handling.
10. Legal Basis for Data Processing
i. Data Retention:
Data is retained for the time required to provide services and as required by law and record - keeping requirements.
ii. Data Subject Rights:
According to the General Data Protection Regulation (GDPR), users have the rights to access, correct, delete data, restrict processing, the right to data portability, etc. They can also object to data processing (such as processing for direct marketing purposes). These rights can be exercised through account settings or by email. Users have the right to withdraw their consent without affecting the legality of previous processing and can also file a complaint with the regulatory authority.
iii. User Choices:
Without providing personal data, services cannot be provided. Failure to provide certain information may impact specific service functions.
iv. Profiling Analysis:
When providing services, automated decision - making including profiling analysis will not be used in a way that has a legal or significant impact.
11. International Data Transfers
Personal information is usually stored in the United States. Staff in other countries may access it via a secure connection when necessary for services such as replying to support requests and providing maintenance.
12. Supplementary Information for California Residents
i. Details of Data Processing:
It lists in detail the sources of collection, usage purposes, and disclosure recipients of various types of personal information such as contact information, financial and transaction information.
ii. User Rights:
According to the California Consumer Privacy Act (CCPA), California residents can request to be informed about the collection, disclosure, etc. of their personal information, access and delete personal information, and learn about information on financial incentives. They will not be discriminated against for exercising their rights. Note that some information is restricted, and requests will be processed after identity verification.
iii. Other Provisions:
The "Shine the Light" law gives residents the right to obtain information on the sharing of their personal information for third - party direct marketing purposes. Zicalstar Calendar will not share such information without explicit consent. Regarding browser "do not track" signals, at present no action is taken due to unclear industry standards.
13. Policy Changes
This policy may be updated from time to time. The changes will take effect upon publication. In case of significant changes, a prominent notice may be provided or consent may be obtained as required by law.
14. Account Information Management
Users can send an email to [email protected] to update, correct, or delete personal data and preference settings. However, Zicalstar Calendar may retain some information due to legal obligations or reasonable reasons.
15. Contact Channels
If you have any questions or suggestions about the privacy policy, you can contact Zicalstar Calendar via [email protected].

Loading