Privacy Policy

This page describes how Broker Zoom Call Scheduling (the «Bot») handles data collected while assisting real-estate brokers and their prospective clients.

1. Data we collect

• From clients who message us via WhatsApp or Telegram: chat-platform identifiers (chat id, phone number, public name where surfaced by the platform), the text of messages sent to the Bot, and metadata such as message timestamps.
• From brokers who connect their Google Calendar and/or Zoom accounts: the OAuth refresh token issued by the provider, the email address and account type reported by the provider, and busy/free time spans for the dates we ask about. We also create, update, and cancel calendar events on the broker’s primary calendar for the meetings the Bot schedules. We never read the content of the broker’s existing events and never access any other calendar.
• Bookkeeping: timestamps and outcomes of scheduled meetings (start time, duration, broker assigned, video join URL).

2. How we use it

Solely to operate the Bot for the broker's qualification of incoming property inquiries: matching client questions to broker availability, scheduling a video call, and reminding both parties shortly before it begins.

3. How we store it

Postgres on a private virtual server. OAuth refresh tokens are encrypted at rest using AES-128-CBC + HMAC-SHA256 (the Fernet scheme). Access tokens are kept in memory only. Backups are encrypted and held for 30 days.

4. How we share it

We do not sell or share data with third parties for marketing purposes. Data is transmitted to the OAuth providers (Google, Zoom) only as needed to create/read/cancel calendar events and meetings under the broker's own account. Aggregated, anonymised counts may be shared with the property agencies that operate the Bot for their internal reporting.

5. Google user data — Limited Use

Broker Zoom Call Scheduling’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Information obtained from the Google Calendar API is used solely to provide the scheduling features described above — it is not used for advertising, is not sold, and is not transferred to third parties except as needed to operate those features.

6. Retention & deletion

Conversation transcripts are retained for the duration of the client’s engagement plus 90 days. OAuth refresh tokens are retained until the broker disconnects or revokes access through their provider's account settings. To request deletion of your data, write to support@tumanov.group identifying the chat-platform id or broker email — we'll confirm deletion within 7 business days.

7. Your choices

• Clients may stop interacting with the Bot at any time; existing transcripts remain until the retention window expires unless deletion is requested.
• Brokers may disconnect Google Calendar or Zoom from their own account dashboard (Google / Zoom); on the next operation we detect the revocation and purge our stored refresh token automatically.

8. Contact

Questions: support@tumanov.group.