This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of
Your information when You use the Application, Website, or Service and tells You about Your privacy rights and how the law
protects You. The Application collects anonymous Usage Data and performance metrics which are transmitted to Sentry for monitoring and improvement purposes only.
By using the Service, You agree to the handling of information in accordance with this Privacy Policy.
1. Interpretation and Definitions
1.1 Interpretation
The words of which the initial letter is capitalized have meanings defined under the following
conditions. The following definitions shall have the same meaning regardless of whether they appear
in singular or in plural.
1.2 Definitions
For the purposes of this Privacy Policy:
- You means the individual accessing or using the Application, Website, or Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Application, Website, or Service, as applicable.
- Developer (referred to as either "the Developer", "We", "Us" or "Our" in this Agreement) refers to WindowSill's owner and development team.
- Application or App refers to the WindowSill software application for Windows devices.
- Website refers to WindowSill's website, accessible from https://getwindowsill.app
- Service refers to the Application, Website, Dashboard, and API collectively.
- Country refers to: Washington, USA.
- Extensions means third-party software components that enhance or extend the functionality of the Application.
- Date Extension means the official WindowSill calendar Extension developed by the Developer that connects to third-party calendar providers (Microsoft Outlook, Google Calendar, and Apple iCloud via CalDAV) to display Your calendars, events, and meetings within the Application.
- WindowSill+ refers to premium features, subscriptions, or licenses available for the Application.
- WindowSill Pro refers to premium features, subscriptions, or licenses available for the Application for enterprise organizations.
- Microsoft Store refers to Microsoft's digital distribution platform for Windows applications.
- AI Service Providers means third-party artificial intelligence service providers such as OpenAI, Anthropic, Azure OpenAI, Google (Gemini), xAI, OpenRouter, or other AI companies whose services are integrated with the Application.
- Sentry refers to Sentry.io, a third-party error tracking and performance monitoring service used by the Application to collect anonymous usage data and performance metrics.
- Stripe refers to Stripe, Inc., a third-party payment processor used by the Website and Service to handle subscription billing for enterprise organizations.
- Dashboard refers to the web-based interface accessible through the Website where users can manage their accounts, organizations, billing, and settings.
- Remote Settings refers to configuration settings managed through the Dashboard that are synchronized to the WindowSill desktop Application for enterprise deployments.
- Device Token refers to an authentication token created by organization administrators that enables silent sign-in for the WindowSill desktop Application in enterprise deployments.
- Subscription refers to a recurring payment arrangement for WindowSill+ or WindowSill Pro features, either through the Microsoft Store (for individuals) or Stripe (for enterprise organizations).
- Service Provider means any natural or legal person who processes the data on behalf of the Developer. It refers to third-party Service Providers or individuals who facilitate the Service, provide the Service on behalf of the Developer, perform services related to the Service, or assist the Developer in analyzing how the Service is used.
- Personal Data is any information that relates to an identified or identifiable individual.
- Non-Personal Data is any information that does not relate to an identified or identifiable individual.
- Device means any device that can access the Service such as a computer, cellphone, or digital tablet.
- Usage Data refers to anonymous data collected automatically by the Application and transmitted to Sentry for performance monitoring and improvement purposes (for example, application crash reports, error logs, performance metrics, and feature usage statistics).
2. Information We Collect
2.1 Anonymous Usage Data and Performance Information
The Application automatically collects anonymous Usage Data and performance information which is transmitted to Sentry,
a third-party error tracking and performance monitoring service. This data is collected for the purpose of Application
performance monitoring, reliability improvement, and error detection. The collected data includes:
- Application crash reports and error logs (anonymized)
- Performance metrics (startup time, memory usage, response times)
- Feature usage statistics (which features are used and how often)
- Device information (operating system version, hardware specifications)
- Application version and configuration information
Anonymous Data Collection: All Usage Data transmitted to Sentry is anonymous and does not contain
any Personal Data. The Developer cannot identify individual users from this data. Your files, clipboard content,
text You type, or any personally identifiable information is never collected or transmitted.
2.2 Sentry Integration
The Application uses Sentry.io for error tracking and performance monitoring. Anonymous Usage Data is transmitted to
Sentry's servers located in the United States. This integration allows the Developer to:
- Monitor application performance and stability
- Identify and fix bugs and crashes
- Understand how features are being used
- Improve overall application quality
Sentry's data processing is subject to Sentry's Privacy Policy
and their data processing agreements. Sentry is certified under various privacy frameworks and implements appropriate
security measures for data protection.
Data Location: Usage Data transmitted to Sentry is stored on servers located in the United States.
Sentry implements industry-standard security measures and complies with applicable data protection regulations.
2.3 Website Analytics
The Website may use standard web analytics tools to understand how visitors interact with the Website.
This helps the Developer improve the Website experience and includes Non-Personal Data such as page views,
referral sources, and general geographic regions. This is separate from the Application and applies only to Website usage.
2.4 Website Cookies
The Website uses cookies to provide and improve the user experience. We use two types of cookies:
- Essential Cookies: These are necessary for the Website to function properly and cannot be disabled. They enable basic functions like page navigation and access to secure areas of the Website.
- Analytics Cookies: These cookies help us understand how visitors interact with the Website by collecting and reporting information anonymously. They are used with Google Analytics to measure Website performance and user engagement. These cookies are only set with your explicit consent.
Cookie Consent: When you first visit our Website, you'll see a cookie consent banner.
You can choose to accept all cookies, decline optional cookies, or manage your preferences.
Your consent choices are stored locally in your browser and you can change them at any time.
For analytics cookies, we use Google Analytics which is subject to
Google's Privacy Policy.
We have configured Google Analytics to anonymize IP addresses and use secure, strict cookie settings.
2.5 Account Data
When You create an account through the Dashboard, the Developer collects and stores the following Personal Data:
- Email address - Used for account identification, authentication, and communication
- Display name - Your chosen name displayed within the Service
- Account type - Whether Your account is Individual or Enterprise
- Account timestamps - When Your account was created and last login time
- IP address - Temporarily stored when verification codes are requested, for security purposes
Passwordless Authentication: The Service uses passwordless authentication via email verification codes.
No passwords are stored. Verification codes expire after 15 minutes (for sign-in) or 24 hours (for registration)
and are automatically deleted after use.
2.6 Organization Data
If You create or join an organization through the Dashboard, the Developer collects and stores:
- Organization name - The display name of Your organization
- Domain - The email domain associated with Your organization (e.g., company.com)
- Member information - List of organization members and their roles (Admin or Member)
- Billing identifiers - Stripe customer and subscription IDs for payment processing
- Remote Settings - Configuration settings that sync to the WindowSill desktop Application
- Device Tokens - Authentication tokens for enterprise deployment (stored encrypted)
- AI provider API keys - If configured, Your AI provider API keys are stored with AES encryption
2.7 Payment Processing
The Service uses different payment processors depending on Your subscription type:
For Individual Users (B2C): WindowSill+ subscriptions and lifetime licenses purchased through the
Microsoft Store are processed entirely by Microsoft. The Developer does not have access to Your payment card
information or billing details for these purchases.
For Enterprise Organizations (B2B): WindowSill Pro subscriptions and lifetime licenses are processed through Stripe.
The Developer stores only Stripe identifiers (customer ID, subscription ID) and billing event history.
Your payment card information is handled directly by Stripe and is never stored on the Developer's servers.
Stripe's data processing is subject to Stripe's Privacy Policy.
Stripe is certified under various privacy frameworks including SOC 2 and implements appropriate security measures for payment data protection.
3. Third-Party AI Services
The Application integrates with various AI Service Providers to offer text assistance features. When You use AI-powered features,
Your text may be sent to these third-party AI Service Providers for processing:
Note: You can also use local AI models for enhanced privacy. When using local models,
Your data never leaves Your Device.
AI features and Your calendar data are strictly separated. AI Service Providers — including
OpenRouter, OpenAI, Anthropic, Azure OpenAI, Google (Gemini), and xAI — only ever receive the text You
explicitly submit to the AI text-assistance features. They never receive any data obtained from
Google APIs or from any connected calendar account. Calendar data handled by the Date Extension (described in
Section 5) is processed only on Your Device to display Your events and is categorically excluded from all AI
processing. There is no feature, workflow, or code path that transfers Google User Data, or any calendar data, to
an AI Service Provider.
4. Extensions
The Application supports third-party Extensions that may enhance its functionality. From a privacy perspective:
4.1 Extension Data Handling
Extensions operate independently from the Application and may have their own data collection, processing,
and privacy practices. The Developer has no control over or visibility into:
- What data Extensions may collect from You or Your Device
- How Extensions process or store Your information
- Whether Extensions transmit data to external servers
- Extension compliance with privacy laws and regulations
Important Privacy Notice: Each Extension may have its own privacy policy and data handling practices.
The Developer strongly recommends reviewing each Extension's privacy policy before installation and use.
4.2 Developer's Responsibility Regarding Extensions
The Developer does not:
- Monitor or control Extension data collection practices
- Have access to data collected by Extensions
- Validate Extension privacy policies or practices
- Accept responsibility for Extension privacy violations
- Provide support for Extension-related privacy issues
4.3 Your Privacy Rights with Extensions
When using Extensions, You should:
- Review each Extension's privacy policy before installation
- Understand what permissions and data access Extensions require
- Contact Extension developers directly for privacy-related concerns
- Remove Extensions if You are uncomfortable with their privacy practices
- Monitor Extension behavior and data usage on Your Device
5. Connected Calendar Accounts (Date Extension)
The official WindowSill Date Extension lets You optionally connect calendar accounts to display Your
upcoming events, meetings, and schedule within the Application. Connecting an account is entirely optional and only
occurs when You explicitly sign in to a provider and grant consent. The supported providers are Microsoft Outlook,
Google Calendar, and Apple iCloud (via CalDAV).
5.1 Read-Only Access
The Date Extension requests read-only access to Your calendars. It reads Your list of calendars and
Your event details for the sole purpose of displaying them to You inside the Application. WindowSill does not create,
edit, delete, move, or otherwise modify any calendars or events in Your connected accounts.
5.2 Google Calendar Data and OAuth Scopes
When You connect a Google account, WindowSill authenticates using Google OAuth and requests only the following
read-only scopes:
https://www.googleapis.com/auth/calendar.calendarlist.readonly — read-only access to the list of calendars on Your Google account, used so You can choose which calendars to display.
https://www.googleapis.com/auth/calendar.events.readonly — read-only access to the events on Your selected Google calendars, used to display Your upcoming events.
WindowSill requests no other Google scopes. It has no write access, no sharing access, no contacts access, and no
access to any Google data beyond the read-only calendar information described above. Google's handling of Your data
is also subject to Google's Privacy Policy.
Google API Services Limited Use: WindowSill's use and transfer of information received from Google APIs
to any other app adheres to the
Google API Services User Data Policy,
including the Limited Use requirements. Google Calendar data is used only to provide the calendar features You
request, is never sold or transferred to others, is never used for advertising, and is never used to develop,
improve, or train generalized or personalized AI or machine-learning models. In particular, Google Calendar data
is never sent to, or used by, any third-party AI Service Provider — including OpenRouter — that powers
WindowSill's separate AI text-assistance features. Those AI features operate only on text You explicitly submit and
have no access to Google User Data.
5.3 Microsoft Outlook and Apple iCloud
For Microsoft Outlook, WindowSill authenticates through Microsoft's sign-in (MSAL) and accesses Your calendars for
display only; Microsoft's handling of Your data is subject to the
Microsoft Privacy Statement.
For Apple iCloud, WindowSill connects over the CalDAV protocol using an app-specific password that You provide,
and reads Your calendar data for display only.
5.4 Where Calendar Data Is Stored
All OAuth tokens, app-specific passwords, account details, and cached calendar data handled by the Date Extension are
stored locally on Your Device, encrypted using Windows Data Protection (DPAPI) scoped to Your user account. This
information is never transmitted to, or stored on, the Developer's servers. Calendar data is exchanged only between
Your Device and the respective calendar provider (Google, Microsoft, or Your iCloud/CalDAV server).
5.5 Revoking Access
You can disconnect a calendar account at any time from within the Application, which deletes the locally stored
credentials and cached data for that account. You may additionally revoke WindowSill's access to Your Google account
at any time through Your Google Account permissions page.
6. Microsoft Store Integration
The Application is distributed through the Microsoft Store. Microsoft handles all purchase transactions,
subscription management, and payment processing for WindowSill+ subscriptions and lifetime licenses.
The Developer does not have access to Your payment information or Personal Data from Microsoft Store purchases.
For subscription management, refunds, or billing inquiries, please refer to:
7. Data Security
The security of Your anonymous Usage Data is important to us. The following security measures apply:
- Only anonymous, non-personal data is transmitted from the Application
- No Personal Data is collected or transmitted by the Application
- Access to Usage Data is restricted to authorized personnel for application improvement purposes only
Note: This section applies only to data transmitted by the Application to Sentry. Extensions and AI Service Providers
may have different security practices over which the Developer has no control.
8. Data Retention
The Developer retains different types of data for different periods based on operational and legal requirements:
- Account Data: Retained until You request account deletion. Upon deletion request, Your data will be removed within 30 days, except where retention is required by law.
- Verification Codes: Automatically expire (15 minutes for sign-in, 24 hours for registration) and are deleted after use or expiration.
- Organization Data: Retained while the organization is active. When a member leaves an organization, their membership data is deleted, except for billing event records.
- Billing Events: Retained for approximately 30 days after organization departure for operational purposes, and up to 7 years for tax and audit compliance where required by law.
- Anonymous Usage Data (Sentry): Retained according to Sentry's data retention policies. Since this data is anonymous and cannot be linked to individual users, it is used solely for application improvement purposes.
Note: Extensions may have their own data retention policies that are independent of the Application.
Please consult individual Extension privacy policies for their data retention practices.
9. Your Rights and Choices
9.1 Privacy Choices
Regarding data management and privacy choices, You have the following options:
- Anonymous Data: Since all Usage Data transmitted to Sentry is anonymous, the Developer cannot identify or modify data associated with individual users
- Local AI Only: Choose to use only local AI models to ensure all AI processing remains on Your Device
- Cookie Management: You can manage your cookie preferences for the Website through the cookie consent banner or by clearing your browser's cookies. Analytics cookies are only set with your explicit consent and can be declined at any time
- Extension Control: You can install, uninstall, or disable Extensions at any time through the Application's settings
- Contact Developer: Contact the Developer if You have questions about the Application's data handling or would like to request information about the types of data collected
9.2 Data Subject Rights (GDPR/CCPA)
Depending on Your location, You may have certain rights under data protection laws such as the General Data Protection
Regulation (GDPR) or the California Consumer Privacy Act (CCPA). These rights may include:
- Right to Access: Request a copy of the Personal Data the Developer holds about You
- Right to Rectification: Request correction of inaccurate Personal Data
- Right to Erasure: Request deletion of Your Personal Data (subject to legal retention requirements)
- Right to Data Portability: Request Your data in a structured, commonly used format
- Right to Restriction: Request limitation of processing of Your Personal Data
- Right to Object: Object to processing of Your Personal Data for certain purposes
To exercise any of these rights, please contact the Developer at
support@getwindowsill.app.
The Developer will respond to Your request within 30 days and may require verification of Your identity.
Account Deletion: To request deletion of Your account and associated data, contact the Developer at
support@getwindowsill.app. Your data will be deleted within 30 days,
except for billing records retained for legal compliance.
Extensions Privacy: For privacy choices related to Extensions, You must contact each Extension developer directly.
The Developer cannot control or modify Extension privacy settings.
10. Children's Privacy
The Application does not knowingly collect Personal Data from children under 13. The anonymous Usage Data collected
through Sentry cannot be linked to individual users, including children. If You are a parent or guardian and have
concerns about Your child's use of the Application, please contact the Developer.
Extensions Warning: Extensions may have different age restrictions and privacy practices regarding children.
Parents should review each Extension's privacy policy before allowing children to use them.
11. Changes to This Policy
The Developer may update this Privacy Policy from time to time. The Developer will notify users of any material changes
through the Application or on the Website. Your continued use of the Service after
changes become effective constitutes acceptance of the updated policy.
12. Contact Information
If You have any questions about this Privacy Policy or the Developer's privacy practices, please contact the Developer:
Extension Privacy Questions: For privacy questions related to specific Extensions,
please contact the Extension developers directly. The Developer cannot provide support for Extension privacy matters.
13. Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of the jurisdiction
where the Application is developed and maintained.
For the most up-to-date version of this Privacy Policy, please visit the Website regularly.