Zum Inhalt springen
Unabhängig verifiziert · Quartalsweises Re-Audit
EU VETTED

Cal.com

VERIFIZIERT
Terminbuchung · United States
Gegründet 2021 · cal.com ↗

US-incorporated open-source Calendly alternative (Cal.com Inc, SF) founded by EU developers; production code moving closed-source in 2026.

Kurzfassung

Cal.com aus der Kategorie Terminbuchung wird von einem US-Unternehmen betrieben und unterliegt damit direkt dem CLOUD Act.

Bewertungsnotizen

Cal.com is US-incorporated as Cal.com, Inc. (San Francisco) despite its EU-founder origin (Peer Richelsen + Bailey Pumfleet, 2021): Delaware-style US corporation, US$32M VC-funded, and the privacy policy explicitly states data is transferred to and maintained in the US. Sub-processors are heavily US (Stripe, Twilio, Daily.co) plus PostHog (UK). No public DPA; no sub-processors list beyond general privacy-policy disclosure. In 2026 Cal.com began moving its production codebase behind closed doors with only a stripped community edition (Cal.diy, MIT) remaining open-source, so the historical 'open-source Calendly alternative' positioning is degrading. The hosted SaaS carries direct CLOUD Act exposure as a US-incorporated entity (US-owned, US-hosted, no public DPA) and should not be the procurement-grade choice for strict EU buyers; the self-host path via Cal.diy on EU infrastructure (EU-hosted, no CLOUD Act exposure for that path) is the only structurally clean option. Alternatives in the category (SuperSaaS NL, Reservio CZ, Doodle CH, Cronofy UK) are all structurally cleaner from an EU-sovereignty perspective.

CLOUD ACT
OWNERSHIP
SUB-PROCS
8 · 8 US
CLOUD Act je nach Betrieb

Die Exposition hängt davon ab, wie Sie dieses Produkt betreiben.

Gehostetes SaaS (Standard)

Anbieterbetrieben: die unten genannten Unterauftragsverarbeiter gelten.

Selbst gehostet (Open Source)

Auf eigener EU-Infrastruktur betreiben: Sie kontrollieren Hosting und jeden Unterauftragsverarbeiter.

Geprüfte Signale
Jurisdiktion
  • EU-/Angemessenheits-Hosting
  • EU-/Angemessenheits-Betreiber
  • Keine US-CLOUD-Act-Exposition
Transparenz
  • Öffentlicher AVV
  • Unterauftragsverarbeiter offengelegt
  • Open-Source-Clients
  • Zertifizierung durch Dritte
JUMP TO
OVERVIEW

Über Cal.com

Cal.com is one of the most-cited "open-source Calendly alternative" SaaS products of the past few years, founded in 2021 by Peer Richelsen (German) and Bailey Pumfleet (UK), with the commercial entity incorporated as Cal.com, Inc. in San Francisco, California despite the EU-founder origin. The company has raised approximately US$32M in venture funding and the GitHub repository (calcom/cal.com) has accumulated more than 41,000 stars since launch. The product replaces Calendly's hosted scheduling experience with a self-hostable, AGPLv3-licensed open-source codebase plus a managed SaaS (cal.com), a model that was the directory's reference "EU founders bringing US-style SaaS open-source pressure" story until 2026.

The 2026 strategic shift complicates the listing. Per public reporting and direct corporate communication, Cal.com is moving its production codebase behind closed doors during 2026, leaving only a stripped community edition called Cal.diy under the more-permissive MIT licence, while rewritten authentication, data-handling, and commercial systems become proprietary. This narrows the structural "fork-if-anything-changes" guarantee that historically distinguished Cal.com from Calendly. For procurement-grade EU buyers the picture is now: (a) the hosted Cal.com SaaS is US-incorporated under Cal.com, Inc. and subject to US extraterritorial law by default, direct CLOUD Act exposure under our strict-ownership stance; (b) the privacy policy explicitly confirms data transfers to the United States, with US sub-processors Stripe, Twilio, and Daily.co alongside PostHog (UK); (c) the Cal.diy MIT community edition on EU infrastructure (Hetzner, OVHcloud, Scaleway) remains a legitimate self-host option but with reduced feature parity vs the proprietary hosted product.

Pricing for the hosted SaaS is freemium with paid Team and Enterprise tiers; specific entry-tier EUR figures were not captured at audit. Best fit: developers and product builders who specifically want the Cal.com API surface and accept US-incorporation; teams comfortable with the new MIT/Cal.diy self-host path on EU infrastructure for sovereignty. Procurement-grade EU-only buyers needing a structurally EU-incorporated alternative should choose Doodle (CH, TX Group), SuperSaaS (NL, founder-owned), or Reservio (CZ, ABUGO Group) instead; all listed elsewhere in this category.

SUB-PROCESSORS

Unterauftragsverarbeiter-Karte · 8

Quelle ↗
  • Amazon Web Services (S3) US
    United States

    Encrypted storage of video recordings

  • Daily.co US
    United States

    Video conferencing and recording API

  • GitHub US
    United States

    CI/CD: code hosting, review, build

  • Google Analytics US
    United States

    Website performance and navigation analytics (non-EU visitors)

  • Intercom US
    United States

    Customer support and communication

  • PostHog US
    United States

    Product analytics; feature testing and observability

  • Stripe US
    United States

    Payment processing

  • Twilio US
    United States

    Email and SMS booking reminders/notifications

8 von 8 Unterauftragsverarbeitern sind in den USA registriert. CLOUD-Act-Risiko anwendbar.
CERTIFICATIONS

Rahmenwerke & Zertifizierungen · keine gelistet

Wir haben die Website des Anbieters und die Register der Zertifizierungsstellen geprüft. Keine aktiven Zertifizierungen gefunden zum Zeitpunkt der letzten Prüfung (2026-05-11).
FEATURES

Funktionsmatrix

Zahlungserfassung Ja
White-Label Ja
Kalender-Sync Ja
Round-Robin / Team Ja
Gruppenbuchungen Ja
Video-Integration Ja
Automatische Erinnerungen Ja
Gratis-Tarif Ja
INTEGRATION & ZUGRIFF
REST API Yes
SSO (SAML / OIDC) Yes
COMPLIANCE & GOVERNANCE
Audit log Yes
Self-host / on-prem option Yes
PRICING

Preise & Tarife

FREEMIUM
Individuelle Preise

Kontaktieren Sie den Anbieter für Staffel- oder Mengenpreise.

Preisseite ansehen ↗
PUBLIC DOCUMENTS

Öffentliche Dokumente

Anbieter veröffentlicht keinen öffentlichen AVV. Ohne öffentlich zugänglichen Auftragsverarbeitungsvertrag können kleine EU-Kunden den Verarbeitervertrag nicht selbst abschließen. Dies wird als fehlender öffentlicher AVV vermerkt (siehe So prüfen wir).
  • Auftragsverarbeitungsvertrag (AVV)
    — fehlt
    fehlt
  • Liste der Unterauftragsverarbeiter
    cal.com/privacy…
    Öffnen ↗
  • Nutzungsbedingungen
    cal.com/terms…
    Öffnen ↗
ALTERNATIVES

Alternativen in dieser Kategorie

Cronofy
United Kingdom · Gegründet 2013
EU-GEHOSTET

Nottingham UK developer-API-first calendar / scheduling platform (Cronofy, founded 2013), ISO 27001 + SOC 2; Wise / GoCardless / Indeed customers.

Öffentl. AVV Subprozessoren Open Source
FROM
CLOUD ACT
MATERIAL
Doodle
Switzerland · Gegründet 2007
EU-ANSäSSIG

Swiss group-scheduling pioneer (Doodle AG, Zurich, 2007), owned by TX Group (SIX-listed Swiss media holding); SOC 2 + GDPR + HIPAA.

Öffentl. AVV Subprozessoren Open Source
FROM
CLOUD ACT
MINOR
Reservio
Czechia · Gegründet 2012
EU-ANSäSSIG

Brno-based Czech booking platform (Reservio s.r.o., ABUGO Group), 500k+ businesses, freemium with branded customer apps.

Öffentl. AVV Subprozessoren Open Source
FROM
CLOUD ACT
MINOR