The Sounding Board Platform is used by coaches, coachees, mentors, and mentees to schedule virtual sessions. To make this process seamless, Sounding Board has partnered with Cronofy to allow syncing between the Platform and the end user’s calendar(s). For more in-depth details about the end-user experience and why integrating with Cronofy is so impactful for users, see Calendar Syncing and User Experience.
Note: Companies utilizing the Sounding Board Platform may or may not choose to approve the Cronofy integration for users. If you have any questions, you can contact your Admin, Sponsor, or the Sounding Board Support Team.
Integration Overview
Cronofy will allow users to sync one primary calendar, and then as many “secondary” calendars as they’d like.
Primary calendars are the calendars that session invites will be sent to and created on; this will happen automatically.
Primary and “secondary” calendars are all used to show availability for booking sessions via the Sounding Board Platform. This means if in either the primary or a secondary calendar, there is an event blocked, users will not be able to book sessions during those times to avoid double-booking.
Note that if you have a separate calendar overlayed on any of your calendars, those are NOT blocked; you can see more details here: Calendar and Scheduling Troubleshooting.
Syncing your calendar(s) through Sounding Board and Cronofy is optional, but it is highly encouraged to optimize the experience. Users who do not sync their calendar(s) must manually review session availability between the Sounding Board Platform and their calendars when scheduling.
All users receive email notifications from Sounding Board with the details when sessions are booked. If a user does not have a calendar synced via Cronofy, this email will have a .ics attachment to manually add the event from their email account onto their calendar.
Security Overview
As a Sounding Board Business Partner, Cronofy must adhere to our policies as if they were part of the Sounding Board Platform. In addition, Cronofy has its own SOC 2 Type II certification. Since it is an integrated part of our solution, it was certified as part of our SOC 2 Type II.
This White Paper from Cronofy outlines some of their internal and external policies. On page 10, Cronofy notes the following:
Calendar Data Permissions
Cronofy uses the permissions schemes provided by the calendar service providers to access the end-user calendar. See below as a screenshot from the linking process:
When using Cronofy with your calendar, you might come across a message that says it's asking for full access to your calendar and emails. However, it's important to understand that in our specific situation with Cronofy, it doesn't actually have complete access to everything.
Cronofy only needs certain permissions for our specific needs. It can only see if your calendar events are marked as free or busy, and it can add new events to your calendar when necessary.
It's worth noting that Cronofy doesn't have access to all the detailed information in your calendar or any of your email and contacts. It's designed this way to prioritize your privacy and make sure that only the necessary information is shared with our application.
Cronofy provides a permission scheme to application providers that allows them to only request the level of access required to deliver the functionality they need.
For example, an application can request only free-busy access to existing events but can write additional events to the end-user’s calendar. This means that only the minimum data required transits to the application.