Google API Services Privacy Policy

Last updated: March 6, 2026

Overview

This policy describes how Mesh ("we," "us," or "our") accesses, uses, stores, and shares Google user data when you connect your Google Calendar to our platform. This policy supplements our general Privacy Policy.

Mesh's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

1. What Google Data We Access

When you connect your Google Calendar, we request the following OAuth scope:

  • Google Calendar (read-only): We access your calendar event details including event titles, dates, times, attendees, meeting links, and descriptions. We use the calendar.events.readonly scope.

We do not request write access to your calendar. We cannot create, modify, or delete your calendar events.

2. How We Use Google Data

We use your Google Calendar data exclusively for the following purposes:

  • Meeting Scheduling: Displaying your upcoming meetings within the Mesh dashboard so you can manage recording and preparation.
  • Meeting Preparation: Using meeting details (attendees, agenda) to generate AI-powered meeting prep briefs with relevant client context.
  • Participant Identification: Matching calendar attendees with your existing contacts and clients to provide context during meetings.

We do not use Google Calendar data for advertising, market research, or any purpose unrelated to providing the Mesh service to you.

3. How We Store Google Data

  • Calendar event data is stored in our secure, encrypted PostgreSQL database with row-level security isolating each organization's data.
  • OAuth tokens (access and refresh tokens) are stored encrypted and are used only to maintain your calendar connection.
  • We retain calendar data only for as long as your Google Calendar connection is active. When you disconnect, we delete your stored calendar data and revoke the OAuth tokens.

4. How We Share Google Data

We do not sell, rent, or share your Google Calendar data with third parties, except:

  • AI Processing: Meeting details (such as attendee names and agenda topics) may be sent to our AI/LLM providers solely to generate meeting preparation briefs. No full calendar exports are shared — only the minimum data needed for the specific meeting being prepared.
  • Infrastructure Providers: Our hosting and database providers process data on our behalf under strict contractual obligations and do not have independent access to your data.

We do not allow any third party, including AI/LLM providers, to use your Google data for purposes other than providing the Mesh service to you.

5. Limited Use Disclosure

Mesh's use of Google Calendar data complies with Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google data to provide and improve the user-facing features of Mesh that are visible to you.
  • We do not transfer Google data to third parties except as necessary to provide the service, as required by law, or with your explicit consent.
  • We do not use Google data for serving advertisements.
  • We do not allow humans to read your Google data unless you have given affirmative consent for a specific purpose (e.g., support request), it is necessary for security purposes, or it is required by law.

6. Revoking Access

You can disconnect your Google Calendar at any time by:

  • Going to Settings in your Mesh dashboard and disconnecting the Google Calendar integration.
  • Removing Mesh from your Google Account permissions.

When you revoke access, we delete your stored calendar data and OAuth tokens within 30 days.

7. Contact Us

If you have questions about how we handle your Google data, please contact us:

See also our general Privacy Policy for full details on how Mesh handles all user data.