CLOCKWISE SECURITY

How we secure your workday

When you use Clockwise, you trust us with your most valuable resources: your time and the data that comes with it. We take that responsibility seriously, which is why we put security and privacy first in everything we do.

We minimize our access to maximize your security

This idea is core to our security strategy. It’s why we don’t ask for any calendar permissions beyond the bare minimum—even if that means engineering things the hard way. It’s also why we don’t interact with anything on your computer outside of your browser (more on sandboxing from Google).
 
To move meetings on your behalf and free up time in your day, we ask for four key permissions. Here’s what we need, and why:
See, edit, share, and permanently delete all the calendars you can access using Google Calendar.
This allows us to see your calendar and move events on your behalf to make more time in your day. 
View users on your domain.
This helps us make sure that the meeting times we suggest work for your teammates, too.
See and download your contacts.
This lets us show your teammates’ names and profile images in your events.
View calendar resources on your domain.
This shows us conference room availability for your meetings.

We set a high security bar for ourselves and our partners

We protect your data from the moment you create your account. We use Google’s OAuth service to securely connect your Clockwise account with your work email and use TLS and AES encryption to protect your data in transit and at rest.

Clockwise is SOC 2 Type I and Privacy Shield certified, and GDPR and CCPA compliant. Our infrastructure and payments partners also all meet or exceed these strict requirements. 

Advanced privacy options for enterprise use cases

Clockwise customers can choose to not share meeting descriptions with Clockwise so that they are never stored in our database. This provides an additional layer of security for organizations with strict privacy and/or regulatory requirements.

Learn more about the Enterprise plan

Clockwise and our customers take security seriously

RESPONSIBLE DISCLOSURES

See something?
Let us know.

We have dedicated teams working proactively to identify potential vulnerabilities and emerging threats. But building a safer web takes all of us. To encourage our community to contribute, we pay out Bug Bounty awards to people who are able to find vulnerabilities in Clockwise.

If you believe you have identified a vulnerability, please email our team to submit it for review.
CONTACT SECURITY
Time management for remote teams