Security & calendar access

Couply requests read-only calendar permissions only. We can see the calendars you connect — we can never create, edit or delete your events. The connection is one-way, into Couply.

• You pick which calendars to connect — not all of them by default.
• You control which parts of your day are shared with your partner.
• Events marked private in your calendar appear to your partner only as “Busy”, with no title or details.

Couply connects to Google Calendar and Microsoft / Outlook via their official, read-only sign-in, and to iCloud and other calendars via CalDAV. We follow each provider's API rules and request the minimum scopes needed.

• All traffic is encrypted in transit over HTTPS.
• Provider access tokens are encrypted at rest.
• Access to data is restricted to what's needed to run the service.

You can disconnect a calendar from within Couply at any time. You can also revoke Couply's access directly from your provider:

• Google: Google Account → Security → Your connections to third-party apps
• Microsoft: Microsoft Account → Privacy → Apps and services

Unpairing stops sharing your snapshot with your partner immediately. Deleting your account removes your personal data and revokes stored tokens — see the Privacy Policy for details and timelines.

Found a security issue? We'd genuinely like to hear from you. Email hello@couply.co.uk with details and we'll respond as quickly as we can. Please give us reasonable time to fix issues before disclosing them publicly.