Privacy Policy

Last updated: May 12, 2026

Harigs LLC ("we," "us," or "our") operates Justharigs.com and its products — Seatable and PureStrength Coach (collectively, the "Services"). This Privacy Policy explains what information we collect, how we use it, and your rights. By using any of our Services you agree to this policy.

1. Information We Collect

Account Information

• Your name and email address, provided when you register or sign in with Google or Yahoo OAuth.
• Profile details you choose to add.

Service Data

• Seatable: Events, guest lists, participant records, table layouts, and seating arrangements you create.
• PureStrength Coach: Client records, training session logs, exercise details, progress notes, and messages.

Payment Information

• Billing is handled entirely by Stripe. We never store your card number, CVV, or full payment details. We store only your Stripe customer ID and subscription status.

Calendar Data (when calendar sync is enabled)

• When you connect Google Calendar or Yahoo Calendar, we store only the calendar event IDs we create (to update or delete them later). We do not read, store, or process any pre-existing personal calendar events.

Usage & Technical Data

• Server logs: IP address, browser type, pages visited — retained for up to 30 days for security and debugging, then automatically deleted.
• We do not use analytics tracking, advertising pixels, or session-recording tools.

2. How We Use Your Information

We use your information solely to:

• Provide and operate the Services.
• Sync events or training sessions to your connected calendars (Google or Yahoo).
• Process subscription payments and manage your billing.
• Send transactional emails: account confirmations, password resets, session reminders, billing notifications.
• Respond to support requests.
• Improve reliability and fix bugs using anonymized logs.

We do not sell, rent, or share your personal information with third parties for marketing or advertising.

3. Calendar Integration — Detailed Disclosure

Google Calendar

Our Services' use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

• Scope requested: https://www.googleapis.com/auth/calendar.events — create, read, update, and delete calendar events.
• What we access: Only events created by our Services (identified by a private metadata tag). We do not read or store your existing personal events.
• What we write: Event title, date, start/end time, and optional location/notes for each event or session.
• What we do NOT do: We do not read, store, share, or use any pre-existing Google Calendar events, contacts, Drive files, Gmail messages, or any other Google account data.
• Data transfer: Google Calendar data is not transferred to any third party.
• AI/ML: Google Calendar data is never used to train AI or machine-learning models.
• Revoke access: Disconnect from your account settings within the app, or visit your Google Account Permissions page.

Yahoo Calendar

Our Services' use of information received from Yahoo APIs adheres to the Yahoo Developer Network Terms of Use. We do not use data obtained from Yahoo APIs for advertising, profiling, or monetization purposes.

• Scopes requested: sdct-r and sdct-w (Yahoo Calendar read and write access — displayed to users on the Yahoo consent screen as "Access your Calendar").
• What we access: CalDAV endpoints to create, update, and delete calendar events corresponding to events or sessions in our Services. We also read event UIDs we have previously written to avoid duplicates.
• What we write: Event title, date, start/end time, and optional location/notes.
• What we do NOT do: We do not access Yahoo Mail, Yahoo Contacts, Yahoo Finance, or any other Yahoo services. We do not read personal events not created by our Services.
• Data transfer: Yahoo Calendar data is not transferred to any third party.
• AI/ML: Yahoo Calendar data is never used to train AI or machine-learning models.
• Revoke access: Disconnect from your account settings within the app, or visit your Yahoo Account Security page and remove the app.

4. Third-Party Services

• Stripe — payment processing. Payment records retained by Stripe for up to 7 years for financial compliance. Governed by Stripe's Privacy Policy.
• Google — optional sign-in (OAuth) and optional calendar sync. Governed by Google's Privacy Policy.
• Yahoo — optional sign-in (OAuth) and optional calendar sync. Governed by Yahoo's Privacy Policy.
• Amazon Web Services (AWS) — infrastructure provider. Data is stored in AWS DynamoDB in the US-East-2 (Ohio) region. Governed by the AWS Privacy Notice.
• Anthropic (Seatable AI assistant only) — when you use the AI assistant in Seatable, your typed commands and any attached CSV data are sent to Anthropic's Claude API. This may include event names, dates, and guest names you include in your message. Governed by Anthropic's Privacy Policy. Do not include sensitive personal information in AI assistant messages.

5. Data Retention

• Account & service data: Retained while your account is active. You can delete your account at any time from account settings, which removes your personal data within 30 days, except where retention is required by law.
• Billing records: Stripe retains payment history for up to 7 years for tax and financial compliance.
• Calendar event IDs: Deleted from our database when you disconnect your calendar or delete the associated event/session.
• Server logs: Retained for up to 30 days, then automatically deleted.

6. Data Security

We implement industry-standard security measures including HTTPS/TLS encryption in transit, encrypted storage for OAuth tokens, and access controls. However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security and are not liable for unauthorized access beyond our reasonable control.

7. Your Rights

Depending on your location, you may have the right to:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data (subject to legal retention requirements).
• Portability: Request your data in a machine-readable format.
• Objection: Object to certain processing of your data.

To exercise any of these rights, contact us at support@justharigs.com. We will respond within 30 days.

8. Children's Privacy (COPPA)

Our Services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has created an account, contact us at support@justharigs.com and we will delete the account and associated data promptly.

9. Email Communications

We send transactional emails only — account confirmations, password resets, notifications, and billing receipts. We do not send marketing emails. To stop receiving transactional emails, you may delete your account or contact us.

10. Cookies

We use a single authentication token (stored in localStorage or a session cookie) to keep you signed in. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

11. Changes to This Policy

We may update this Privacy Policy periodically. If we make material changes, we will notify you by email or by posting a notice in the application. Continued use of our Services after the effective date constitutes acceptance of the updated policy.

12. Contact

For privacy questions or data requests, email us at support@justharigs.com.