A popular feature of the ChurnZero application is the ability to synchronize calendar events for which ChurnZero users and their contacts are both attendees. This works when users authorize ChurnZero to act on their behalf to collect and store relevant calendar event data. The purpose of this document is to describe the different integration services available, the scopes we use when a user agrees to the consent form, and how we store the data we collect.
Available Services for Integration
We support both Google Calendar and Microsoft Outlook 365 for calendar integration within ChurnZero. The processes for authorizing and synchronizing calendar events are almost identical, the notable exception being the API that is called for each.
Benefits of Calendar Integration
ChurnZero provides an all-in-one platform for interacting with your customers to ensure they get the attention they need for onboarding, engagement and overall success in using your product. Customer meetings are an essential part of this process. As your Customer Success team schedules meetings with your customers, each meeting is made available in ChurnZero to provide a more complete picture to your team. ChurnZero links each synchronized calendar event to the contacts within the system, giving your team a holistic view of each contact and account.
When authorizing ChurnZero to synchronize calendar data on your behalf, you are agreeing to let ChurnZero read your calendar for the purpose of collecting and storing meeting data between you and your customers. For this, ChurnZero requests the following API Scopes:
Google Sign-In: Authenticate using OpenID Connect
Google Sign-In: View your email address
Google Sign-In: View your basic profile info
See and download any calendar you can access using your Google Calendar - no write operations
More Information: OAuth 2.0 Scopes for Google APIs
Microsoft Outlook 365
Read events in user calendars
Maintain access to data you have given it access to
More Information: Microsoft Graph Calendar Permissions Reference
Sync Process & Data Storage
OAuth 2.0 is used for both Google Calendar and Outlook 365. When users authorize their account within ChurnZero, both an OAuth Token and a Refresh Token are generated and stored. All tokens are encrypted with AES 256 bit encryption and stored in an on-disk database that is also encrypted at rest.
Once the sync process begins, ChurnZero queries the appropriate API to retrieve each participating user's calendar event data for a limited date range. All calendar events within the date range are processed, but only those that are found to match at least one contact's email address in the ChurnZero system are retained.
Calendar events that are retained are stored either in an on-disk database or an in-memory cache store, or both. Calendar event data stored in an on-disk database is encrypted at rest.
ChurnZero retains only the minimum amount of calendar event data necessary to support its feature set. The retained data points for each calendar event include:
- Visibility (e.g. private vs non-private)
- Start and end dates/times
- References to users and contacts in ChurnZero that are identified as event attendees