← Back to home

Privacy Policy

Last update: April 2026

Introducing our Privacy Policy

By accepting this Privacy Policy, the user (hereinafter, the "User") is informed that the personal data provided through the web page located at the URL www.meeting.surf (hereinafter, the "Website"), will be processed by MEETING.SURF, as well as the data derived from your browsing and any other data you may provide in the future.

The User must read carefully this Privacy Policy, which has been written in a clear and simple way, to facilitate its understanding, being able the User to determine, in a free and voluntary way if he/she wishes to provide his/her personal data to MEETING.SURF.

  • Data Controller: Meeting.surf (hereinafter, "MEETING.SURF")
  • Data Protection Officer (DPO): privacy@meeting.surf

Privacy Policy Table of Contents

  1. Obligation to provide the data
  2. Origin of the Data
  3. For what purpose will Meeting.surf process the user's data?
  4. What user data will Meeting.surf process?
  5. With which recipients will the user's data be shared?
  6. International Transfers
  7. Commercial and promotional communications
  8. User's responsibility
  9. Exercise of rights
  10. Security Measures
  11. Changes
  12. Acceptance and Consent
  13. Contact Information

Obligation to provide the data

The data requested in the forms on the Website are, in general, mandatory (unless otherwise specified in the required field) to fulfill the purposes for which they are being collected. Therefore, if the User does not provide them or does not provide them correctly, the User's requests cannot be fulfilled, notwithstanding the fact that he/she may freely view certain contents of the Website.

Origin of the data

The data processed by MEETING.SURF for the purposes listed in the following section come from the User himself/herself through the various forms on the Website, from the use of the Website by the User, from his/her browsing of the Website (through cookies or data storage and retrieval devices), and from the Google account the User connects in order to display surf forecasts inside Google Calendar, in accordance with the consents granted by the User to MEETING.SURF.

For what purpose will Meeting.surf process the user's data?

MEETING.SURF will process the User's data for the following specific purposes:

  • Insert surf forecasts into your Google Calendar: connect to the Google Calendar account authorized by the User in order to create, update and remove calendar events that display surf forecast data for the surf spots selected by the User.
  • Provide surf forecast data: retrieve forecast information for the surf spots chosen by the User (including spots referenced from third-party sources such as Surfline.com, with which Meeting.surf is not affiliated) and format it for display inside the User's calendar.
  • Respond to issues raised by the User: manage, process and support requests, incidents, complaints or queries made by the User through the various communication channels made available.
  • Manage the User's account and subscription: manage registration, authentication, and any subscription, including communications related to the service and the attention to possible requests or incidents derived from the same.
  • Sending of commercial communications: manage the sending of products and services marketed by MEETING.SURF related and/or unrelated to the Website.
  • Comply with legally established obligations when the processing is necessary to comply with a legal obligation that may be applicable to MEETING.SURF.
  • Preparation of reports, statistics and internal analysis to improve the services of the Website, in any case using aggregated information.

What user data will Meeting.surf process?

The User's personal data will be kept by MEETING.SURF for the following periods:

  • Google Calendar integration data: kept as long as the User keeps the integration connected or has not withdrawn his/her consent. Once disconnected or revoked, the data will be deleted, unless they must be kept blocked for the time necessary to meet possible legal liabilities.
  • Selected surf spots and preferences (e.g. whether to surface only the best forecasts, or to mask events as fake meeting names): kept while the User's account remains active.
  • Data used to respond to questions: kept for the period necessary to process and respond to the request and, once completed, during the limitation period of legal actions arising from it.
  • Account/subscription data: kept while the User keeps his/her subscription active. Once cancelled, the data may be kept, duly blocked, for the periods necessary to meet possible legal or contractual responsibilities.
  • Commercial communications data: processed in accordance with this purpose until the User revokes consent.
  • Legal obligations data: kept during the legally established terms.
  • Reports, statistics and analysis data: used in aggregate form during the period necessary to prepare them, and afterwards during the limitation period of any related legal actions.

With which recipients will the user's data be shared?

All personal data provided by the User through the Website may be communicated to:

  • Public Administrations, in the cases provided by law, based on the fulfillment of a legal obligation.
  • Courts and Tribunals, in the cases provided by law, based on the fulfillment of a legal obligation.
  • Third party service providers that may have access to the User's personal data and which will process it on behalf of MEETING.SURF in order to provide services. MEETING.SURF follows rigorous supplier selection procedures in order to comply with its data protection obligations, including signing the corresponding data processing contracts in accordance with art. 28 of the GDPR.
  • Google LLC: in order to read and write events in the User's Google Calendar, strictly limited to the scope authorized by the User during the OAuth flow.
  • Surf forecast data sources (such as Surfline.com — Meeting.surf is not affiliated with Surfline) in order to fetch publicly available forecast information for the spots the User chooses to follow.

International Transfers

Although the User's personal data may be hosted on servers located within the European Union ("EU"), some services are operated from the United States ("U.S."), so certain User data may be accessed from the U.S. by MEETING.SURF and its service providers.

To ensure an adequate level of protection, MEETING.SURF carries out these transfers on the basis of appropriate safeguards, in particular by signing Standard Contractual Clauses (SCCs) adopted by the European Commission pursuant to Article 46.2(c) of the GDPR. These clauses contractually oblige the recipient of the data to provide a level of protection equivalent to that required in the EU. Additional technical and organizational measures have been implemented to protect the User's personal data against unauthorized access, loss, alteration or improper disclosure.

The User can consult the updated Standard Contractual Clauses at: commission.europa.eu.

Categories of recipients include:

  • Service Providers: hosting, technology and communication providers; security and fraud prevention consultants; support and customer service vendors.
  • Advertising Partners: ad networks and marketing providers.
  • Analytics Partners: companies that track how users found or interact with the Services.
  • Business Partners with whom we offer joint promotional opportunities.
  • Parties the User authorizes, accesses or authenticates with.

Commercial and promotional communications

One of the purposes for which MEETING.SURF treats the personal data provided by the Users (if they have authorized it or have not objected to the processing) is to send them commercial communications with information related to products, services, promotions, offers, events or news (own and, if applicable, third parties), relevant to the Users. In the event that the User wishes to stop receiving commercial or promotional communications from MEETING.SURF, he/she may request cancellation by sending an email to privacy@meeting.surf or by clicking the unsubscribe link at the bottom of the commercial communications sent.

User's Responsibility

The User guarantees that he/she is over fourteen (14) years of age and that the data provided to MEETING.SURF are true, exact, complete and updated. To these effects, the User is responsible for the veracity of all the data communicated and will keep the information conveniently updated. The User likewise guarantees that he/she has informed any third parties whose data he/she provides, and obtained their authorization. The User shall be liable for any false or inaccurate information provided through the Website and for any damages, direct or indirect, that this may cause to MEETING.SURF or third parties.

Exercise of rights

As the owner of the data, the User may contact MEETING.SURF by email at privacy@meeting.surf at any time and free of charge. If MEETING.SURF should have reasonable doubts in relation to your identity, it may request a copy of an identity document in order to exercise the following rights:

  • Right of Access to your personal data and information about its processing.
  • Right of Rectification of inaccurate data concerning you.
  • Right of Suppression of personal data when the legal requirements are met.
  • Right to limit processing in certain circumstances.
  • Revocation of consent previously given.
  • Total or partial opposition to the processing when based on legitimate interest (including direct marketing and profiling).
  • Portability of your data in a structured, common and machine-readable format.
  • Automated individual decisions: the right to obtain human intervention, to express your point of view and to challenge the decision.
  • Other: the right to file a complaint before the competent data protection authority.

Security Measures

MEETING.SURF will treat the User's data at all times in an absolutely confidential manner and keeping the mandatory duty of secrecy, in accordance with the applicable regulations, adopting the necessary technical and organizational measures to ensure the security of the data and avoid its alteration, loss, processing or unauthorized access, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed.

Google API Services User Data Policy

Meeting.surf's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Changes

MEETING.SURF reserves the right to revise its Privacy Policy at any time it deems appropriate, in which case it will be communicated to Users. We ask the User to regularly check this privacy statement to read the most recent version.

Acceptance and Consent

The User declares to have been informed of the conditions on personal data protection, accepting the content of this Privacy Policy.

Contact Information

If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your Personal Data or your choices and rights regarding such collection and use, please do not hesitate to contact us at privacy@meeting.surf.