TD Manager

This Privacy Policy explains how THREE DOTS STUDIO S.C (“we”, “us”, or “our”) collects, uses, stores, and protects personal data in connection with TD Manager. It also explains how we access and use Google user data when a workspace administrator connects Google Calendar through Google OAuth.

1. Operator and contact details

THREE DOTS STUDIO S.C operates TD Manager from Spain.

Registered address: Partida La Hoya, Pol 1, N30 P1. 03204, Elche, Alicante.

For privacy, data protection, or account-related questions, contact us at hola@threedots.studio.

2. What data we collect

Depending on how you use the service, we may collect and store:

• account information such as name, email address, and internal role;
• workspace and project data, including project names, client references, task names, scheduling metadata, deliverable data, notes, lyrics, and technical production information;
• audit and activity information related to actions performed inside the application;
• authentication, session, and security data needed to operate the service; and
• Google Calendar connection data when an administrator connects a Google account.

3. Google Calendar data and Google API Services disclosure

TD Manager uses Google OAuth and Google Calendar API access to connect a single shared Google account chosen by the workspace operator. The application requests Google Calendar access so it can create, update, and delete calendar events that mirror records already managed in TD Manager.

The application may create or update Google Calendar events that include task names, project names, filming dates, due dates, publish dates, scheduling times, and links back to the relevant record inside TD Manager.

TD Manager stores the minimum connection and synchronization data needed to maintain that integration, such as the connected Google account email, encrypted refresh token, temporary access token, selected calendar identifier, event link identifiers, and synchronization status metadata.

TD Manager treats its own database as the source of truth. Google Calendar is used as a synchronized downstream calendar surface.

In the current version of the service, inbound synchronization from Google Calendar to TD Manager is disabled. Changes made directly in Google Calendar are not automatically pulled back into the application in this version.

TD Manager’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements where applicable.

4. Why we use personal data

We use personal data and workspace data to:

• provide project planning, scheduling, production tracking, and delivery workflows;
• authenticate users and protect accounts;
• connect and maintain Google Calendar synchronization requested by the workspace operator;
• notify users about operational events, selections, deliveries, and account-related actions;
• maintain service security, prevent misuse, and troubleshoot issues; and
• comply with legal obligations and enforce our terms.

5. Legal bases and permitted use

Where applicable, we process data to provide the service requested by the workspace operator, to pursue legitimate interests in operating and securing the service, and to comply with applicable law. We do not use Google Calendar data for advertising, data brokerage, or unrelated profiling.

6. Data sharing

We do not sell personal data or Google user data. We may share data only as needed with service providers that help us operate infrastructure, storage, authentication, email, or API integrations, and only for the purpose of providing or securing the service. We may also disclose data where required by law or to protect legal rights and security.

7. Retention

We retain account, workspace, project, and synchronization data for as long as needed to operate the service, maintain business records, resolve disputes, and meet legal obligations. Google connection data is retained until the integration is disconnected or replaced, after which tokens and related connection details are removed or invalidated as part of the disconnect process.

8. Security

We use reasonable technical and organizational measures to protect data in transit and at rest. This includes authenticated access controls, encrypted secret storage for sensitive credentials such as refresh tokens, and operational safeguards intended to reduce unauthorized access, disclosure, alteration, or loss.

9. User choices, revocation, and deletion

Workspace administrators can disconnect Google Calendar access from inside TD Manager. Users may also revoke Google access from their Google account permissions settings. If Google access is revoked or disconnected, the application will no longer be able to maintain synchronization with Google Calendar until the integration is reconnected.

To request access, correction, deletion, or other data protection actions related to your data, contact hola@threedots.studio.

10. International use

If users access the service from outside Spain, their data may be processed in the jurisdictions where the service or its providers operate. By using the service, users acknowledge that data may be transferred and processed for the purposes described in this policy.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or product changes. When material changes are made, we will update the effective date and, where appropriate, provide additional notice.