Privacy Policy

What we collect

CLOCKREX collects the minimum data necessary to provide the service: your email address and password hash (bcrypt), connected account credentials (encrypted at rest with AES-256 envelope encryption), and calendar event metadata (subject, time, organiser — never message bodies).

What we never do

• × Read the body or subject of your emails beyond calendar invite payloads.
• × Sell or share your data with third parties for advertising.
• × Store email message bodies — only metadata (time, organiser, subject) is persisted.
• × Mark messages as read on your IMAP account — your other email clients are unaffected.

Sub-processors

AWS (hosting, KMS encryption keys), MailHog/SES (transactional email). No advertising or analytics sub-processors.

Your rights (LGPD / GDPR)

You have the right to access, rectify, export, or delete your data at any time. Email privacy@clockrex.com or delete your account from Settings. Deletions are processed within 30 days.

Contact

TYREXCO — CLOCKREX product team.
legal@clockrex.com