Security Overview
Last updated: July 10, 2026
Security principles
Awase is built for scheduling workflows that depend on Google Calendar data. We use administrative, technical, and organizational measures designed to protect that information while you import, sync, share, and book time through the product.
Encryption and transport
- All traffic between your browser and Awase is encrypted in transit using HTTPS.
- Sensitive credentials such as Google refresh tokens are encrypted at rest.
- Shared pages and booking flows are served over the same secure transport standards as the rest of the application.
Access controls
- Workspace permissions control what assistants and collaborators can manage.
- Privacy defaults and redaction rules determine what event details can appear on shared calendar and booking pages.
- Google Calendar access uses OAuth with the read-only scope you authorize.
Google Calendar data handling
Awase uses Google Calendar data only to provide calendar import, sync, privacy filtering, assistant collaboration, and shared availability. The use of raw or derived user data received from Google Workspace APIs adheres to the Google User Data Policy, including the Limited Use requirements.
We do not sell Google user data, use it for advertising, or train generalized AI/ML models on it. See our Privacy Policy for full details.
Operational security
- Standard server logging supports abuse investigation and reliability work.
- Authentication cookies and session handling keep signed-in access scoped.
- You can disconnect Google Calendar or sign out at any time from the dashboard.
Report a concern
If you believe you have found a security issue or have a question about our data practices, contact us at hello.webdev@dsbureau.co.