Last updated: July 17, 2026
Privacy Policy
This policy explains how Salas Abax accesses, uses, stores, protects and deletes personal information and data obtained through Google APIs.
1. Controller and scope
Salas Abax is Grupo Abax's meeting-room booking application. This policy applies to people who use the system and, optionally, connect a Google Account to synchronize their bookings with Google Calendar.
For privacy questions or data-deletion requests, contact info@grupoabax.com.
2. Information processed by Salas Abax
The application may store:
- Name, sign-in email, role, identifying color and theme preference.
- Created or assigned bookings: title, room, date, times and optional notes.
- Technical records required for security, operation and error resolution.
3. Google user data we access
When a user voluntarily connects a Google Account, Salas Abax accesses:
- The email address of the selected Google Account.
- The OAuth authorization required to synchronize while the user is offline.
- Identifiers and synchronization status for events created by Salas Abax.
To create a calendar event, Salas Abax sends Google Calendar the booking title, room, location, date, start and end times, and any notes entered by the user.
Salas Abax does not import, list or analyze unrelated events. It operates only on calendar events created from the connected user's Salas Abax bookings.
4. Purpose of Google user data use
Google user data is used exclusively to:
- Identify and display the Google Account selected by the user.
- Create an event when the user creates a room booking.
- Update that event when the booking changes.
- Delete that event when the booking is canceled.
- Display synchronization status and retry temporary failures.
Google user data is not used for advertising, commercial profiling, credit decisions, lending or artificial-intelligence model training.
5. Storage and security
Operational data is stored in a protected MySQL database. OAuth refresh tokens are encrypted before storage, communications use HTTPS, and Google credentials are kept outside the application's public directory.
We apply reasonable controls against unauthorized access, loss, alteration and disclosure. No system can guarantee absolute security.
6. Sharing and disclosure
We do not sell, rent or transfer Google user data to advertisers, data brokers or information resellers. Data is disclosed only to Google Calendar to perform the synchronization requested by the user and to technical providers strictly necessary to host and operate the service under confidentiality obligations.
Information may also be disclosed when required by law, to protect the service or its users, or to investigate abuse.
7. Retention and deletion
Google authorization is retained while the account remains connected. When a user selects “Disconnect” in Integrations, Salas Abax requests token revocation and deletes the stored authorization and associated synchronization references.
Calendar events already created may remain in the user's Google Calendar after disconnection and can be deleted there. Operational booking data is retained while necessary to provide the service or meet legitimate obligations. Users can request deletion by emailing info@grupoabax.com.
8. User control and revocation
Google connection is optional. A user may disconnect it from Salas Abax Integrations or revoke access in their Google Account connections. Revocation stops future synchronization but does not delete room bookings stored in Salas Abax.
9. Google API Services User Data Policy
Salas Abax's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Google user data is used only to provide the user-facing Google Calendar synchronization requested by the user.
Read the Google API Services User Data Policy .
10. Policy changes
We may update this policy to reflect legal, technical or functional changes. The current version date appears at the top. Material changes to Google user data use will be communicated and new consent requested when required.