Privacy policy
Last updated: 16 April 2026
We keep this short on purpose. If something here doesn't read straight, email us at [email protected] and we'll fix it.
What we collect
When you sign in with Google
- Your Google account email, name, profile picture
- A Google OAuth refresh token, encrypted at rest with AES-256-GCM before it touches our database
- Read-only access to your calendar events — only for the next 60 minutes, only events with at least two Late Jar members on the invite. No titles, bodies, attachments, or transcripts are stored beyond the event summary.
When you tap “I'm here”
- The timestamp of your tap
- Which calendar event you tapped in for
- Computed “minutes late” (scheduled start vs your tap time)
When you become a Donator (coming soon)
- A Stripe payment-method token — the card details themselves live with Stripe, never on our servers. Our PCI scope is SAQ-A.
- Your chosen charity (currently TIACS only)
Everything else
- Privacy-respecting analytics via Cloudflare Web Analytics: aggregated IP, browser type, referral page. No cookies. No cross-site tracking.
- Emails we send you (monthly tally, upgrade nudges). You can unsubscribe from either — one-click, from the email.
Where it lives
- Account + meeting data: Neon Postgres, encrypted at rest, SSL in transit
- Emails: Resend (transactional + audience)
- Payment methods (when live): Stripe
- Analytics: Cloudflare Web Analytics, aggregated
- We never sell, share, or trade your data. Full stop.
How long we keep it
- Arrivals + sessions: kept until you ask us to delete them
- OAuth refresh tokens: deleted the second you sign out via Google's connected-apps page, or when you ask us to delete your account
- Session cookies: 30 days, rolling on use
Your rights
- Access: email [email protected] for a dump of the data we hold on you
- Delete: same address — one email, we nuke your account, arrivals, tokens, and Stripe customer. Confirmation back inside 7 days.
- Revoke Google access: do it any time at myaccount.google.com/permissions. Our stored refresh token immediately stops working.
- Unsubscribe: one-click link in every email we send
Meeting non-members
If a Late Jar member adds a guest (someone who wasn't signed in) to a session they attended, that guest gets one email from us explaining what Late Jar is. That's it — we never add non-members to marketing or recurring sends without them explicitly signing up. Every email has an unsubscribe link.
Australian Privacy Principles
We operate under the Australian Privacy Act 1988. For queries about APP compliance, or to raise a concern, write to us at the address below. We aim to respond within 30 days.
Contact
Antoine Ryan — [email protected] — Queensland, Australia
Changes
We'll post material changes here with a new date, and email signed-in users before any change that affects how your data is used.