Enterprise Security Review

Last Modified: May 13, 2026

Summary

Sundial is a Chrome extension that enhances scheduling efficiency in Google Calendar. See how it works here.

This page outlines Sundial’s security and compliance approach for enterprise review. For inquiries, contact support@trysundial.ai.

• SOC 2 Type II: Completed November 2025; Live controls status.
• Independent Security Testing: Regular third-party penetration testing. Latest certification available here.
• Enterprise Integration: Supports SAML 2.0 SSO.
• Data Minimization: No passive tracking. Only accesses calendar when user-initiated. No Google Calendar event content retained. Poll data (title, proposed times, guest emails, votes, optional notes) is encrypted at rest and permanently deleted 90 days after the poll closes.
• Data Control: Users and enterprises can delete data anytime via dashboard or by request.
• AI: No storage or training. Customer data is not used to train AI models, and subprocessors are bound by obligations that prohibit such use.

Table of Contents

• 1. Permissions & Data Access
• 2. Data Security & Storage
• 3. Authentication & User Identity
• 4. Application Architecture
• 5. Compliance & Privacy Considerations
• 6. Security Governance
• 7. Business Continuity & Disaster Recovery

---

Access Required

To view the full security review, email support@trysundial.ai asking for access.