This policy describes the information we (Shortbar,
Inc.) collect to operate Interval, and how we use it. Though this policy is a required document,
we hope it will convince you of our trustworthy stewardship of your data.
In general, the world of software is one of great choice and variety for customers. Because software is a competitive industry,
in addition to the language of the policy itelf, we think it's critical to ask whether the spirit of privacy, and respectful
use of user data, is likely to help a company's commercial prospects, or hinder them. Consider carefully how the business
earns revenue. Attorneys who break confidences get disbarred; a business that makes money from the sale of user data
may not be as discerning. Also, remember that software businesses (including customer data) experience frequent changes
of control—they are bought and sold—and that any claims made by prior managements may not be honored if different
people are put in charge.
There are two very important reasons you, as a customer, should trust your data to Interval. First, customer subscriptions
are our sole source of revenue—period. We do not sell data, advertise, or use your data for any other purpose than
helping faciliate bookings. Second, Shortbar, Inc is controlled exclusively by its employees, without
third-party investment. We believe these two facts put us in a unique position to make choices about your data that
other companies can't, or won't, make. We simply don't need the pointless reputational and legal risk inherent in poor
choices about customer data.
What we collect
In general, we endeavor to collect only information that is directly relevant to your use of our service:
- Payment card details: We collect all details necessary to receive payment for our services,
including cardmember name, CVV, expiry, and account number. Payment data is immediately sent to our payment processor, who
stores it and returns a "token" for our future use. We do not store your payment data; it merely passes through our
system on the way to our processor, and is always encrypted using industry-standard strong cryptography (TLS 1.0 or higher)
when in transit.
- Customer information: We collect and store information submitted by our customers, including
first and last names, email addresses, and schedule names, for the purposes of communicating with you, using
your data to render the user interface of our product, and for customer support. We may use your email address
for bulk marketing email; if we do this, there will always be a permanent one-click unsubscribe available, which
will immediately cease bulk marketing communication. Some forms of communication will be mandatory based on your use
of our service, including payment information (receipts, problem notifications), subscription changes, and other
event-driven, transactional communication in response to your use of our service.
- Scheduling information: We store information about your appointments, including the time and description
of appointments, and names and contact information of those we schedule. If a user connects his calendar to Interval, we publish
information about the user's appointments to his calendar; we do not index or otherwise store any information about user
calendars in Interval. We will not disclose this information except as described in the next section.
- Communication transcripts: We log all communication via our system for customer support purposes,
and to improve the quality of our service. These transcripts will never be disclosed except as described in the next section.
- Website technical information: We use browser-based cookies because it's impossible to provide a modern
web service without them.
- Third-party services: We use Mixpanel for customer analytics. We do not send any customer, scheduling,
or communication transcripts to Mixpanel. We communicate scheduling information via SMS via Twilio, which is passed to
the scheduled party via their telecom operator. All facebook messenger communication occurs via facebook. We obtain and store
user credentials, including OAuth access tokens, for third-party services. While we take all reasonable precautions to prevent
the disclosure of these tokens, a data breach could allow a malicious third party to obtain improper access to customer data.
Our use of data
Primary control of your data rests with shortbar, Inc., a California corporation. In particular, this means:
- We will allow only employees (not contractors) access to your data. All employees are US-based and subject to strict non-disclosure
agreeements enforceable under United States and California law. We endeavor to keep all customer data isolated in our production
environment, to which access is granted on a strict need-to-know basis, and not for day-to-day product development.
- We reserve the right, in our sole discretion, to comply with lawful orders of any competent legal authority, such as court orders,
- We reserve the right to disclose all personal information about any person to that person when requested, or to their designated
For any inquiries relating to the information above, please email us at email@example.com or call us at the number listed below.