← Back to home

Privacy Policy

Last updated: March 28, 2026

1. Overview

ER Schedule ("we", "our", or "us") is a shift scheduling platform built for emergency medicine organizations. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application at erschedules.com.

2. Information We Collect

  • Account data: Name, email address, role, and organization affiliation provided at sign-up.
  • Shift data: Schedules, locations, and notes entered by administrators and managers.
  • Google Calendar integration: If an admin connects a Google account, we store OAuth tokens (access token, refresh token) and the associated Google Calendar ID for your organization. We only request the minimum scopes required: calendar and userinfo.email.
  • Usage data: Log data such as IP addresses, browser type, and pages visited for security and performance monitoring.

3. How We Use Your Information

  • To provide and operate the scheduling platform.
  • To sync published shifts to your organization's Google Calendar (only when explicitly connected by an admin).
  • To send shift-related email notifications via Resend.
  • To respond to support requests and improve the product.

4. Google API Data

ER Schedule's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

We only use Google account data to create and manage a shared organization calendar for shift events. We do not sell, share, or use this data for advertising purposes. Admins can disconnect Google Calendar at any time from the Settings page, which immediately revokes our access.

5. Data Sharing

We do not sell your personal information. We may share data with:

  • Google LLC — for calendar integration (only when connected by admin).
  • Resend — for transactional email delivery.
  • Hosting providers — for infrastructure and database services.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide services. You may request deletion of your account and associated data by contacting us.

7. Security

We implement industry-standard security measures including encrypted connections (HTTPS), hashed passwords, and restricted database access. OAuth tokens are stored encrypted in our database.

8. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, or delete your personal data. To exercise these rights, contact us at the email below.

9. Contact

For privacy-related questions, contact us at: muhammad@erofmesquite.com