Caliyo’s stance
What we do. What we won’t.
Two columns, plain English. If we ever change either side, it goes in the changelog before it goes in the product.
What Caliyo does
- Encrypt everything at rest (AES-256) and in transit (TLS 1.2+).
- Encrypt your OAuth tokens with a dedicated AWS KMS key before they ever touch a database.
- Scope OAuth to the minimum: calendar read/write and read-only contacts. No Gmail. No Drive.
- Run AI on AWS Bedrock inside our own cloud environment — prompts and outputs are not used to train models.
- Verify webhook and internal traffic with HMAC-SHA256 signatures, constant-time comparison, and replay protection.
- Delete your data within 30 days when you ask — the same commitment as our privacy policy.
What Caliyo won't
- Train any AI model on your calendar data — we don’t build models, and Bedrock doesn’t train on customer content.
- Sell or share your calendar data with third parties for marketing. Ever.
- Read your email or your files — our OAuth scopes can’t reach them.
- Claim certifications we don’t have. No SOC 2 badge until we’ve actually earned one.
- Hide what the assistant did — every change lands on your calendar where you can see it and undo it.
- Keep your data after you leave.
Data lifecycle
Where your data goes — every step.
STEP 01
Connect
OAuth flow grants Caliyo least-privilege calendar scopes. You can revoke at any time from your provider settings.
STEP 02
Read
We sync the fields scheduling actually needs — event titles, times, attendees, and free/busy windows. We can’t see your email or files; the scopes don’t allow it.
STEP 03
Process
Assistant reasoning runs on AWS Bedrock inside Caliyo’s cloud environment. Prompts and outputs are not used to train models and are not shared with the model provider.
STEP 04
Write
Caliyo writes to your calendar only for actions you or your assistant confirm. Every change appears on your calendar immediately — nothing happens out of sight.
STEP 05
Forget
Disconnect a calendar and our access ends immediately — you can also revoke Caliyo from your Google or Microsoft settings. Delete your account and we remove your data within 30 days.
Vendor-eval framework
Eight questions every SaaS team should ask any AI vendor.
Including us. Our answers are in the right column — if another vendor’s answers don’t hold up beside them, that’s the answer.
Best practices for SaaS teams
Six habits that prevent the bad headlines.
None of these are specific to Caliyo. They’re what a competent security org does with every AI vendor in 2026.
Pilot with a low-stakes team first
Run AI tools through a non-critical team for 4 weeks. Audit the access log weekly. Promote to the full org only after the log looks boring.
Keep a written AI vendor inventory
Name, scope, region, data classification, expiration of the contract. Review quarterly. Most "shadow AI" lives in tools nobody remembered approving.
Rotate keys and re-consent annually
OAuth grants don’t expire automatically. Make a calendar event to revoke + re-grant once a year. It surfaces drift you didn’t know about.
Treat AI output as untrusted by default
Pipe AI-generated text through the same review you’d give a junior’s draft. Auto-publishing AI output to customers is how brands get embarrassed.
Train the team on prompt hygiene
No PII in prompts to general-purpose tools. No client names. No financials. Build a one-page do/don’t and put it in onboarding.
Get the DPA before procurement signs
A Data Processing Addendum is non-negotiable for any vendor handling customer or employee data — including AI vendors. No DPA, no purchase.
Honest about limits
Three things even Caliyo can’t promise.
- We don’t build the modelsAssistant reasoning runs on Anthropic Claude models via AWS Bedrock, inside our AWS environment. Bedrock's terms mean prompts and outputs aren't used for training and aren't shared with the model provider — but we don't build the models ourselves. If those terms ever changed, we'd re-evaluate and tell you.
- Calendar providersCaliyo can only be as private as the calendar it connects to. If your Google Workspace admin has audit logging configured, we read what they read. We can't make Google forget your events — only ours.
- Humans existWe're a small team. When you ask us to debug something, an engineer may see the affected data while helping you. Access is limited to the engineering team over authenticated AWS access and used for support — we won't pretend software does all of it.
FAQ