Global teams, human hours
Timeglue is time zone scheduling software that finds sane cross-region meeting windows while honoring work hours, holidays, and focus blocks. Built for remote team leads at startups and agencies, it ends time zone math and back-and-forth: paint acceptable hours on a draggable timeline, share smart links, and prevent after-hours invites.
Subscribe to get amazing product ideas like this one delivered daily to your inbox!
Explore this AI-generated product idea in detail. Each aspect has been thoughtfully created to inspire your next venture.
Detailed profiles of the target users who would benefit most from this product.
- Age 30–38; open-source maintainer and part-time developer advocate. - Lives in Berlin; collaborators span North America, APAC, Africa. - Remote-first; core team 6 maintainers, 80+ contributors. - Tech stack GitHub, Slack, Zoom; income supplemented by sponsorships.
Started as a contributor fixing docs during grad school; now leads weekly triage and monthly roadmap calls. Past burnout from late-night meetings drives insistence on humane scheduling and protected focus blocks.
1. Cluster triage calls within global humane overlap. 2. Auto-respect contributors’ local holidays and hours. 3. Share role-specific booking links per workstream.
1. Late-night triage draining volunteer motivation. 2. Confusing daylight savings wrecks recurring meetings. 3. Juggling ad-hoc contributors’ sporadic availability.
- Champions contributor well-being over velocity. - Obsessed with transparent, asynchronous-first collaboration. - Pragmatic; hates manual time zone math. - Values community rituals and predictable cadence.
1. GitHub Discussions — daily 2. Slack — project 3. Twitter/X — updates 4. Discord — community 5. Email — newsletter
- Age 35–50; Principal Investigator or program manager. - Based in Toronto; collaborators in EU, India, Australia. - University setting; grants-funded; team 12–30 researchers. - Tools: Google Workspace, Zoom, Slack, ResearchGate.
Former postdoc who lost grant time to calendar wrangling. A failed multi-site meeting due to daylight savings spurred tools that respect academic calendars and teaching blocks.
1. Encode teaching and lab schedules as hard no-go. 2. Batch cross-lab reviews into humane windows. 3. One link per committee with preset rules.
1. Clashes with teaching hours and lab experiments. 2. Semester breaks misaligned across institutions. 3. Last-minute Doodle polls waste precious time.
- Protects deep work and lab time fiercely. - Data-driven; favors reproducible, auditable processes. - Seeks fairness across time zones. - Minimizes administrative overhead with zeal.
1. Google Calendar — daily 2. Slack — department 3. Zoom — recurring 4. ResearchGate — updates 5. Email — faculty
- Age 27–40; event or field marketing manager. - Based in Austin; audience and speakers globally. - B2B SaaS; team 3–8 marketers. - Tools: HubSpot, Zoom Webinar, LinkedIn Live, Google Calendar.
Cut teeth running virtual summits during lockdowns, juggling 30+ speakers. A botched rehearsal at 2 a.m. cemented a no after-hours policy and reliance on guardrails.
1. Pre-build rehearsal windows per speaker region. 2. Lock booking inside business hours only. 3. One-click reschedule respecting all constraints.
1. Speakers booking outside agreed rehearsal windows. 2. Daylight savings shifting live event times. 3. Conflicts with executive calendars last minute.
- Fanatic about speaker experience and punctuality. - Operates with color-coded, checklist-driven precision. - Embraces automation; distrusts manual scheduling. - Cares about brand professionalism deeply.
1. LinkedIn — daily 2. Zoom — hosting 3. HubSpot — emails 4. Slack — team 5. YouTube — research
- Age 29–45; freelance PM/producer with multi-client portfolio. - Based in Lisbon; clients in US, UK, APAC. - Works from co-working spaces; income mid–high variability. - Tools: Notion, Trello, Google Workspace, Slack.
Left agency life after calendar chaos and burnout. Built a boundary-driven practice where automation blocks scope creep, including meetings encroaching on evenings.
1. Client-specific smart links with guarded hours. 2. Auto-detect and exclude client holidays. 3. Batch recurring check-ins across clients.
1. Clients booking into protected focus blocks. 2. Conflicting holidays across regions cause cancellations. 3. Context-switching across calendars is exhausting.
- Time sovereignty is non-negotiable, always. - Optimizes for fewer, higher-quality meetings. - Values clear expectations and predictable routines. - Pragmatic; chooses tools that save minutes daily.
1. LinkedIn — prospecting 2. Upwork — sourcing 3. Slack — client 4. Email — primary 5. Notion — docs
- Age 32–48; localization program manager. - Based in Singapore; stakeholders across EMEA, AMER, LATAM. - Company size 200–1,000; multi-product SaaS. - Tools: Smartling, Jira, Slack, Google Calendar.
Started as a translator; promoted after rescuing a release derailed by mismatched time zones. A missed sign-off delayed a launch—now plans review windows ruthlessly.
1. Locale-based windows tied to release milestones. 2. Automatic holiday rules per country. 3. Role-specific links for translators vs reviewers.
1. Reviewers unavailable during critical freeze windows. 2. Vendor calls slipping into midnight hours. 3. National holidays breaking sprint cadence.
- Obsessed with on-time releases and handoffs. - Seeks harmony between vendors and internal teams. - Risk-averse; prefers guardrails over guidelines. - Data-minded; tracks cycle times religiously.
1. Slack — localization 2. Jira — workflows 3. Smartling — vendor 4. Email — approvals 5. LinkedIn — community
- Age 26–38; program coordinator/manager. - Based in Nairobi; partners across MENA, South Asia, LATAM. - Organization size 20–150; hybrid/remote. - Tools: WhatsApp, Zoom, Google Workspace, Airtable.
Learned coordination during disaster response deployments where timing meant impact. After repeated after-hours calls strained partner relationships, adopted strict scheduling norms.
1. Schedule trainings within mutually humane overlap. 2. Respect religious and national holidays automatically. 3. Offline-friendly invites and reminders.
1. Partners refuse late-night or weekend meetings. 2. Unstable connectivity requires fewer reschedules. 3. Holiday mismatches derail donor check-ins.
- Empathy-led; prioritizes partner and community well-being. - Seeks equitable participation across regions. - Frugal; favors value over flash. - Mission-driven, outcomes-focused, accountable to stakeholders.
1. WhatsApp — primary 2. Email — formal 3. Zoom — sessions 4. LinkedIn — networking 5. Google Calendar — invites
Key capabilities that make this product valuable to its target users.
Assign per-role, seniority, or stakeholder weights so rotations distribute outside-normal-hour burden equitably—not just equally. Give candidates, customers, or protected roles lighter weights while keeping transparency with a team-visible rationale. FairShare uses the weights to pick next slots that stay within work-hour guardrails and preserve overall balance.
Introduce a configurable weighting system that assigns relative participation coefficients to roles, seniority bands, stakeholder types, teams, and individual overrides. Weights default to 1.0 and can range from 0.1 to 2.0, with validation to prevent zero or negative totals within a rotation pool. Effective weights are normalized per rotation pool and computed after applying exemptions (e.g., protected roles, candidates, customers), local holiday calendars, work-hour guardrails, focus blocks, and PTO. Support versioned weight profiles with effective-dating, fallback rules when metadata is missing, and caps on maximum after-hours assignments per user per period. Integrate with Timeglue’s org directory and role/seniority mappings, ensure idempotent updates, and provide deterministic calculations resilient to partial data. The outcome is a consistent, equitable baseline that downstream scheduling can rely on to distribute outside-normal-hour burden fairly while respecting hard constraints.
Provide an admin-facing interface to create, view, and edit weights using sliders and numeric inputs, with presets and templates per role/seniority/stakeholder. Display calculated effective weight, normalization impacts, and constraint warnings (e.g., exceeds caps or violates guardrails) in real time. Require a short, team-visible rationale note on any non-default weight, and surface these rationales in team views for transparency. Support bulk-edit, search/filter, undo/redo, draft versus published changes, and change previews showing projected burden shifts before saving. Place the UI under Team Settings > Rotations and make it responsive, accessible (WCAG AA), and keyboard-navigable.
Enhance the FairShare scheduling algorithm to consume effective weights and produce rotation assignments that honor work-hour guardrails, holidays, and focus blocks while preserving long-term balance. Implement drift detection and correction to steer actual burden toward weighted targets over time, with tie-breakers (e.g., least recent assignment, lowest after-hours count) for deterministic outcomes. Support backfill logic when a candidate is unavailable, and maintain performance for large pools (O(n log n) target) with concurrency-safe operations. Emit trace data explaining assignment decisions to enable user-facing transparency and auditability.
Deliver a dashboard that visualizes target versus actual burden distribution by person, role, team, and time window, including after-hours counts, deviation percentages, and trend lines. Provide drill-downs to individual assignment histories with explanation traces (“why you were selected”) sourced from the scheduler. Offer configurable alerts when deviation from target weights exceeds thresholds, and exportable reports (CSV/PDF) for leadership and clients. Ensure data retention aligns with org policy and supports comparison across time zones and holiday calendars.
Expose secure REST/GraphQL endpoints to create, read, update, and delete weights at role, team, and user levels, with bulk operations, optimistic concurrency, and granular scopes. Provide CSV import/export for quick edits and a mapping layer to sync role/seniority from HRIS/SCIM, including idempotent upserts and validation feedback. Publish webhooks for weight and policy changes so downstream systems and audits remain current. Enforce rate limits and input validation to maintain integrity across large organizations.
Implement role-based permissions that restrict who can view or modify weights, with configurable approvers for sensitive changes (e.g., protected roles). Require mandatory rationale notes for non-default changes, capture full change history (who, what, when, why), and support effective-dated changes with scheduled activation and rollback. Notify impacted teams on publishing, and provide read-only visibility of rationales to all rotation members to maintain transparency. Align logs with compliance retention policies and provide export for audits.
Offer a sandbox where leads can adjust weights and preview the next 30–90 days of assignments across time zones, holidays, and focus blocks without affecting live schedules. Display projected after-hours counts per user, deviation from targets, and risk flags (e.g., cap breaches) for each scenario. Enable side-by-side comparison of multiple scenarios and one-click promotion of a chosen scenario to production, with automatic creation of a change set and rationale prompt.
Track each person’s cumulative after-hours minutes across series and automatically propose “payback” rotations that restore balance. See a clear debt/credit bar for every attendee and get auto-suggestions that nudge future meetings toward those with lower burden. Reduces resentment and eliminates manual tallying.
Compute per-attendee after-hours minutes for every meeting occurrence by comparing event times to each person’s configured working hours, time zone, holidays, focus blocks, and exceptions. Support recurring series, partial overlaps, and daylight-saving transitions; recalculate deltas when availability rules change. Provide idempotent processing from calendar sources, handle retroactive backfills, and expose normalized outputs (minutes, weighted minutes, reason codes) for downstream features. Ensure performance for near real-time updates and correctness across cross-region scenarios.
Maintain a durable ledger that aggregates after-hours accruals into per-user debt/credit totals at series and global scopes. Record line items per event occurrence with timestamps, minutes, weights, and source references. Support configurable rules: weighting for early/late windows, caps per day/week, decay/expiration, and grace buffers. Enable manual adjustments with audit trails and comments. Provide consistent APIs for querying current balances, history, and projections, with transactional integrity and backfill safety.
Deliver an accessible UI component that renders each attendee’s current debt/credit as a horizontal bar with color-coding, numeric totals, and tooltips. Embed in series pages, the scheduler, and participant profiles. Support drill-down to show contributing meetings and adjustments, and preview how a proposed time changes the bar (delta view). Ensure keyboard navigation, WCAG AA contrast, localization of units/labels, and responsive layouts. Cache summaries for fast load while keeping details fresh.
Incorporate debt/credit scores into Timeglue’s slot-scoring engine to nudge proposed windows toward lower-burden participants while honoring all hard constraints (work hours, holidays, focus blocks). Provide tunable bias strength and guardrails to avoid extreme or unfair outcomes. Expose explanation metadata (e.g., “preferred due to Alice’s high debt”) in the UI and API. Support A/B toggles and per-series configuration, with performance optimizations to keep search responsiveness under SLA.
Generate fair rotation plans for recurring meetings that assign inconvenient times in a balanced sequence to reduce accumulated debt. Simulate future occurrences, preview impact on each attendee’s balance, and propose adjustments when participants join/leave or are on holiday. Allow organizers to accept, edit, or apply the rotation to the series, with change tracking and rollback. Export rotation summaries to calendar descriptions/notes and provide API endpoints for automation.
Deliver configurable in-product and email/Slack notifications that alert users and organizers when debt thresholds are crossed, when payback rotations are ready for review, or when a proposed time increases a specific attendee’s debt. Include pacing and batching to prevent spam, quiet hours, and role-based recipient rules. Each notification should provide clear context and deep links to the relevant view (ledger, proposal, or scheduler). Respect user preferences and org policies.
Implement granular permissions and privacy settings defining who can view individual debt metrics, aggregated team views, or anonymized summaries. Offer per-user consent, opt-out for sensitive contexts, and data retention windows. Enforce permission checks across UI, exports, and APIs; log and audit manual adjustments and access to sensitive data. Provide secure exports with PII controls and comply with regional privacy requirements while preserving feature utility for leads.
When an upcoming rotation collides with a participant’s holiday or culturally sensitive period, FairShare automatically offers the next fair slot or a cross-swap that preserves the longer-term equity curve. No manual replanning, no surprise late nights before or after time off.
Integrate public holiday calendars by country/region and culturally sensitive periods with company calendars and personal PTO sources (Google Calendar, Microsoft 365, ICS). Normalize events into a unified, time zone–aware “availability exclusions” service mapped to each participant. Support full- and partial-day observations, multi-day periods (e.g., Ramadan, Lunar New Year), and half-days. Provide admin controls to select recognized sources, override or add custom dates, and set refresh cadence. Include privacy controls for personal PTO (visibility as “busy/holiday” only) and fallback manual inputs for users without connected calendars. Expose an API for other Timeglue services to query holiday/PTO windows during scheduling and swap computation.
Continuously scan upcoming rotation instances for each meeting series to detect overlaps with recognized holiday/PTO windows. Run both event-driven (on new holiday/PTO events or schedule changes) and scheduled jobs (e.g., hourly/daily) within a configurable lookahead horizon (e.g., 90 days). Respect guardrails such as work hours, focus blocks, and blackout days. Flag collisions when overlap exceeds a configurable threshold (minutes or percent of meeting duration). De-duplicate multi-participant conflicts and consolidate into a single incident. Surface incidents in the Timeglue UI and emit domain events to trigger the swap proposal flow.
Compute the next fair slot or cross-participant swap that preserves the longer-term equity curve for rotating meetings. Respect constraints: participant work hours, focus blocks, holiday windows, duration, and earliest/latest bounds per region. Simulate fairness impacts across a defined horizon to choose the minimal-disruption option. Provide deterministic tie-breakers, respect participant availability preferences, and avoid creating after-hours burdens before/after time off. Produce a rationale (inputs, constraints, fairness deltas) alongside proposals. Return one or more ranked options for consent/policy evaluation.
Provide a policy engine and UX to determine when proposed swaps auto-apply versus require participant consent. Support per-team and per-series rules (e.g., auto-apply for ±30 minutes changes, require consent for cross-day moves). Define response windows, reminders, escalation to team leads, and fallback behavior if no response (keep original, cancel, or apply best-effort safe alternative). Offer one-click accept/decline via email and Slack with in-app detail view and option to propose alternatives within guardrails. Respect DND/quiet hours and localization for notifications.
Apply confirmed swaps by updating calendar events for all attendees across Google Workspace and Microsoft 365 without creating duplicates. Preserve meeting links/rooms and series association by using exceptions where possible. Ensure time zone–correct updates, idempotent operations, rollback on partial failures, and consistent attendee notifications. Maintain Timeglue smart link integrity (same URL, updated metadata). Emit webhooks and activity events for integrations (e.g., Slack threads, project trackers).
Record a tamper-evident audit trail for each detected collision and applied/declined swap, including timestamps, actors, proposed options, selected outcome, fairness scores before/after, and policy decisions. Provide an in-app dashboard to visualize the equity curve over time, highlight impacts of holidays, and export data (CSV/JSON) for compliance or retros. Include configurable retention and privacy redaction for personal PTO details.
Deliver an admin/settings interface to configure Holiday Swap behavior: recognized holiday sources, cultural periods, fairness model parameters, eligible swap windows, blackout days, auto-apply rules, and notification preferences. Support per-team and per-series overrides with role-based access. Include a simulation/preview tool to test upcoming rotations under different policy settings and see projected equity outcomes before saving.
Balance fairness across multiple recurring meetings, not just within one series. Link standups, retros, and reviews so the same person isn’t repeatedly penalized across different cadences. FairShare coordinates rotations to keep each person’s total off-hour impact in a healthy range.
Enable users to group multiple recurring meetings (e.g., standups, retros, reviews) into a single balance group that shares a fairness policy. Provide UI to select series, map participants across series, and define group-level settings such as weighting per meeting type and maximum allowable off-hour impact. Persist groups, support edits and deletion, and enforce permissions so only authorized organizers can link or unlink series. Ensure identity resolution when attendees differ by calendar account or alias, and maintain an audit trail of membership and policy changes.
Implement a FairShare scoring engine that computes per-person off-hour impact across all series in a balance group. Account for working hours, focus blocks, holidays, weekends, time zone offsets, DST changes, meeting duration, and start-time penalties using a configurable severity curve. Recalculate scores incrementally when schedules, attendees, or policies change and expose results via API to the scheduler and UI. Handle partial attendance and required/optional roles, provide deterministic results, and degrade gracefully when inputs are missing or stale.
Create an optimization routine that proposes and schedules upcoming meeting times across all linked series to keep each participant’s cumulative off-hour impact within a configurable tolerance band. Respect hard constraints (work hours, holidays, focus blocks, required attendee presence) and support soft preferences with weights. Provide preview and commit flows, swap suggestions when conflicts arise, freeze windows to avoid late changes, and partial attendance handling. Upon commit, write back updates to connected calendars, ensure idempotency, and notify stakeholders of changes and rationale.
Ingest and normalize availability signals and policies from connected calendars and org settings, including working hours, focus blocks, PTO, and regional holidays. Support per-user preferences, team-level defaults, and group-level overrides for balance groups. Keep data fresh within a defined latency budget, reconcile conflicts between sources, and provide privacy controls to respect visibility scopes. Expose a consolidated availability model to the Fairness Score Engine and scheduler.
Provide a workflow for manual overrides when automatic balancing cannot satisfy all constraints. Allow organizers to set one-time exceptions, lock specific occurrences, and capture reasons for auditability. Generate next-best suggestions with quantified fairness trade-offs, and trigger automatic rebalancing of future instances to compensate where possible. Maintain an immutable audit log, support rollback, and send targeted notifications to affected attendees.
Deliver a dashboard and exports that visualize fairness over time across balance groups, including cumulative off-hour minutes per participant, upcoming risk hot spots, and forecasted impact under current rotations. Provide alerts via email/Slack when thresholds are breached, weekly digests summarizing fairness status, and CSV/JSON exports for leadership reporting. Surface actionable recommendations to reduce imbalance (e.g., adjust weights, expand acceptable windows).
Let attendees propose one-off slot trades within fairness constraints, with automatic recalculation of debt/credit. Approvals are one click and the ledger updates instantly, keeping the long-term rotation plan intact while accommodating real-life conflicts.
Provide an in-product flow to propose a one-time slot trade directly from the draggable timeline and event detail panes. The composer lets an attendee pick a requested slot, select one or more offered slots to trade, add an optional note, and preview validity against work hours, holidays, and focus blocks in real time. Hard guardrails prevent proposing swaps that violate team policies or create after-hours assignments. The UI surfaces affected participants, local times across regions, and the fairness impact before submission. Proposals are packaged into a lightweight object that can be shared via smart link or sent as an in-app notification, integrating seamlessly with Timeglue’s scheduling and timeline painting model.
Implement a policy-driven engine that evaluates swap eligibility and computes fairness impact. The engine enforces configurable rules such as maximum weekly after-hours burden, rolling-window credit/debit caps, holiday weighting, time-zone offset severity scoring, and blackout periods. It returns a pass/fail decision with human-readable reasons and a normalized fairness delta used to update the ledger. Policies are team-configurable by admins and evaluated consistently during proposal, approval, and reversion. The service is stateless, versioned for auditability, and exposes APIs for the UI, notifications, and rotation planner.
Create a per-member fairness ledger that tracks credits and debits resulting from completed swaps, expirations, and reversions. The ledger supports weighted scoring by slot severity (e.g., late-night, weekend, holiday), rolling windows, and configurable decay. It recalculates instantly when a proposal is accepted or withdrawn, and exposes current balance, recent transactions, and reasons to both individuals and admins for transparency. The ledger integrates with the rotation planner to keep long-term plans intact while reflecting one-off trades.
Enable recipients (and optional approvers) to approve or decline a swap in one click from in-app notifications or emails. Upon approval, the system atomically updates the event ownership/assignment, applies fairness deltas to the ledger, and updates all affected calendars. Approvals support expiry windows, dual consent, optional manager overrides, and auto-approval when policies permit. The workflow includes optimistic locking and conflict handling to prevent race conditions, and emits webhooks for downstream integrations.
Integrate swap outcomes with connected calendars (Google Workspace, Microsoft 365) to update invitations, ownership, and attendee lists while preventing double-booking. On approval, the system releases the original slot, holds the new slot, and commits changes only if both calendars confirm. It respects privacy settings, maintains ICS consistency for external guests, and backfills failed syncs via retry queues. Pre-approval validation checks for conflicts across work hours, focus blocks, and existing events to avoid creating overlaps.
Maintain an immutable audit log for the lifecycle of each swap, including proposals, validations, approvals, declines, expirations, and ledger adjustments. Provide admin tools to revert a swap with a reason, automatically reversing ledger effects and restoring calendar state when possible. The audit trail is filterable, exportable (CSV/JSON), and redacts sensitive details per role. Event-sourced records ensure traceability for compliance and allow reconstruction of historical fairness balances.
Offer ranked suggestions for viable counter-slots and participants based on fairness relief, availability within work hours, timezone fit, and policy compliance. When a user selects a conflict slot, the system computes candidate trades, scores them, and presents a short list with predicted ledger impact and local-time previews. Supports filters (e.g., exclude holidays, prefer same-day) and gracefully degrades when limited options exist. The service is designed to support future multi-party chains but initially limits to two-party swaps for simplicity.
Build locale labor rules and rest-period requirements into rotations, blocking suggestions that risk non-compliance. FairShare surfaces safe alternates and explains the rule that applied, giving leads confidence that fairness never violates policy or law.
Centralized, extensible repository of jurisdiction-specific labor constraints (maximum daily/weekly hours, mandatory rest windows, night work limits, on-call recovery, weekend rules) with effective dates and version history. Rules are scoped by country, state/province, and union/contract where applicable, and mapped to each participant’s employment locale in Timeglue. Supports rule composition, precedence, and exceptions, and ships with curated defaults plus admin-defined custom rules. Integrates with Timeglue’s working hours, holidays, and focus blocks to compute combined constraints, and exposes a rules catalog and metadata (IDs, citations, summaries) for downstream enforcement and explainability.
Deterministic rule engine that evaluates proposed meetings and rotations against the active rule set and blocks non-compliant suggestions in real time. Hooks into the draggable timeline, smart link suggestions, and rotation generators to validate rest periods, hour caps, and protected time before slots are displayed or confirmed. Provides consistent evaluation across UI and API, handles time zone conversions and DST, and returns structured violation payloads (rule ID, severity, interval, participants) for UI messaging and logging.
When a candidate slot is blocked, the system computes and ranks compliant alternates that preserve fairness across participants and respect work hours, holidays, and focus blocks. Uses a constraint solver to search adjacent windows and rotation offsets, balancing equity metrics (time-of-day distribution, off-hours burden) while guaranteeing legal compliance. Integrates into the timeline and smart links, presenting up to N best options with minimal disruption to existing plans.
Human-readable explanations that show which rule triggered, why it applied, and how to resolve, including jurisdiction, effective dates, citation, and impacted intervals. The UI highlights the conflicted span on the timeline, displays the rule summary and next compliant windows, and supports localization. The API returns machine-readable details for integrations, enabling audit trails and user notifications.
Controlled workflow for authorized admins to request one-time or bounded overrides with mandatory justification, configurable approval steps, and risk acknowledgment. Overrides are time-limited, granular to participant and rule, and never bypass critical hard-stop rules where prohibited. All actions are recorded with timestamps, actors, and diffs, with exportable logs and alerts to compliance stakeholders.
Administration tools and APIs to assign employment locale and legal profile to users and teams, including hierarchy defaults and per-user exceptions. Supports HRIS import and periodic sync, travel/temporary assignments with start/end dates, and resolution rules when locale differs from current timezone. Ensures enforcement aligns with employment contracts while maintaining correct time zone math in Timeglue.
Before you lock a recurring series, simulate the next quarter’s rotations and see projected fairness scores by person and region. Tweak cadence, duration, or weights and watch equity and compliance outcomes update instantly, so you ship a plan everyone can live with.
Implement a deterministic simulation engine that expands recurring-meeting rules (cadence, duration, start anchors) over the next quarter to produce projected occurrences per participant and region while honoring Timeglue constraints (work hours, holidays, focus blocks, and existing calendar conflicts). Compute multi-dimensional fairness metrics, including distribution of early/normal/late local-time bands, after-hours exposure, rotation balance by person and region, adherence to target participation weights, maximum consecutive unfavorable slots, and skip-gap limits. Support configurable weights per person and region, hard vs. soft constraints with penalty scoring, tie-break strategies, and seedable randomness for reproducibility. Output a normalized 0–100 fairness score with detailed per-entity breakdowns, violations, and recommendations, available to the UI and via internal service APIs.
Provide interactive controls (sliders, inputs, and toggles) to tweak cadence (weekly/biweekly/monthly), meeting duration, anchor timezone, allowed windows, participant/region weights, and constraint strictness with instant recomputation of outcomes. Use debounced, incremental recompute to keep updates sub-second, show loading states and confidence deltas, and preserve UI responsiveness. Include preset templates (Follow the Sun, Region Rotation, Weight by Role), undo/redo of parameter changes, and reset-to-baseline. Persist the current parameter set in the URL for sharable, reproducible simulations.
Model and enforce organization and regional policies during simulation, including local working-hour windows, country/state holidays, daylight savings transitions, maximum weekly after-hours occurrences, minimum recovery gaps between unfavorable slots, weekly hour caps, and required rest periods. Support both hard constraints (block scheduling) and soft constraints (penalize in scoring) with clear surfacing of violations and suggested remedies. Ingest policies from Timeglue org settings and regional calendars; allow per-person overrides with audit trails.
Deliver interactive visualizations that make equity legible: per-person heatmaps across local time bands, bar charts of early/late counts, region-level fairness summaries, and trend lines across the quarter. Highlight outliers and violations with tooltips that explain contributing constraints and weight effects. Provide an explainer panel that shows how the overall fairness score is calculated, including component weights and penalties, with accessible color palettes, keyboard navigation, and screen-reader-friendly descriptions. Support exporting charts as PNG/SVG for stakeholder reviews.
Enable saving named scenarios that capture input parameters, seeds, and results, with baseline tagging and timestamps. Provide side-by-side comparison of scenarios, showing deltas in fairness scores, violations, and distribution metrics at person and region levels. Generate shareable, permissioned links for view-only access and export PDF/CSV reports summarizing assumptions, constraints, and projected outcomes for sign-off.
Meet non-functional targets required for instant feedback: recompute results in under 1.5 seconds for up to 100 participants across 10 regions over 13 weeks with at least three candidate windows per week. Implement incremental diff recomputation, memoization, and worker-thread offloading to avoid UI jank, with graceful fallback to background jobs if thresholds are exceeded. Provide telemetry for compute time, cache hit rates, and constraint-violation density, and set guardrails for memory usage and concurrency to support simultaneous simulations.
Reserve premium booking windows for approved roles and account tiers while directing others to off‑peak options. Slots reveal dynamically based on SSO groups and account tier, protecting team focus time and prioritizing top customers without manual policing.
Integrate with enterprise identity providers via SAML/OIDC to ingest user identity and group membership, and map billing/CRM account tiers into an internal access level used by Prime Hour Shield. Support SCIM for automated group sync, domain-based heuristics for guests, and a policy mapping table (group/tier → prime access rule). Provide short-lived caching with graceful degradation when identity is unknown and admin tools to test mappings and resolve conflicts. Enforce data handling standards (SOC 2, GDPR) and least-privilege access to identity data.
An admin UI and backend model to define prime booking windows per team, host, and calendar. Policies support days of week, time ranges in the host’s time zone, optional daily/weekly quotas, blackout dates, and per-role/tier eligibility. Include validation to prevent overlapping or contradictory rules, inheritance from workspace defaults, versioning with effective dates, and change logs. Policies must layer on top of existing work hours, holidays, and focus blocks and never expand availability beyond baseline constraints. Provide preview and “simulate as role/tier” capabilities to verify outcomes before publishing.
The booking experience must dynamically reveal or withhold prime-time slots based on the viewer’s authenticated identity, SSO group membership, and account tier. Support a seamless flow where off-peak is shown by default and prime slots are revealed after sign-in or token verification without a full reload. Hidden slots must be non-enumerable and protected by server-side authorization, signed link tokens, and client-side guards. Implement edge caching keyed by authorization state to maintain low latency under load.
When a viewer lacks prime access, automatically route them to off-peak options with contextual messaging and CTAs tailored to their tier (e.g., “Request prime time,” “Upgrade for priority access”). Support customizable copy, localization, and per-link configuration. Respect the viewer’s time zone, surface the earliest acceptable off-peak times, and avoid after-hours in the booker’s region. Emit events for impressions, clicks, and conversions to support ongoing optimization.
Provide a lightweight approval workflow to grant temporary prime access for specific invitees or events. Include one-time access tokens, expirations, and Slack/email notifications to approvers. Approved access should immediately unlock prime slots on the recipient’s booking page and be fully auditable. Support bulk exceptions, revocation, and safeguards against token sharing by binding tokens to email identity and short TTLs.
Capture metrics such as prime slot exposure rate, bookings by tier/role, blocked attempts, override usage, and time protected. Provide workspace dashboards, CSV export, and webhook/BI integrations. Maintain immutable audit logs for policy changes, access decisions, and token grants to meet compliance needs and facilitate incident investigation.
Integrate Prime Hour Shield with the availability engine so that prime windows are computed as an overlay on baseline availability, which already honors work hours, holidays, and focus blocks. Implement deterministic conflict resolution to ensure prime windows never expose times blocked by the host’s calendar. Add robust tests across time zones, DST transitions, and multi-host meetings, plus guardrails and admin warnings if constraints eliminate all slots.
Auto-sync roles, account tiers, and entitlements from your IdP/HRIS/CRM (e.g., Okta, Azure AD, Salesforce) into Gatekeeper policies. Rules update in real time as people change teams or accounts upgrade, eliminating manual list maintenance and preventing misrouted bookings.
Deliver prebuilt, configurable connectors for Okta, Azure AD/Microsoft Entra, Google Workspace, and Salesforce to ingest users, groups, org units, roles, account tiers, and entitlements into Timeglue. Support SCIM 2.0 and vendor REST APIs with OAuth 2.0/OIDC auth, least-privilege scopes, secure secret storage, pagination, delta queries, and rate-limit/backoff handling. Enable multi-tenant isolation, field selection, and initial full import with resumable checkpoints and retries. Normalize identities across sources and emit a canonical profile for Gatekeeper consumption.
Process near real-time updates by subscribing to provider event streams (e.g., Okta Event Hooks, Microsoft Graph change notifications, Salesforce CDC) and SCIM provisioning calls. Ensure idempotent, ordered application of events via a durable queue, with de-duplication keys and out-of-order handling, targeting sub-5-minute end-to-end propagation. Provide periodic reconciliation jobs as fallback, plus exponential retry, dead-letter queues, and backpressure to maintain freshness and resilience.
Offer an admin UI to map external attributes (groups, roles, plans, entitlements) to Timeglue roles and Gatekeeper policy attributes. Include transformation functions (normalization, regex, list ops, conditional expressions), default values, and lookup tables for CRM plan-to-tier mapping. Provide versioned configurations, change previews, validation, and sample-payload testing with dry-run results before applying to production.
Enable per-attribute source authority and merge strategies when multiple systems supply overlapping data. Support ordered precedence lists, last-write-wins with timestamp tolerance, staleness TTLs, and explicit overrides. Detect and prevent cyclical updates between systems, annotate records with provenance, and expose effective values to Gatekeeper with reasoning metadata for transparency and troubleshooting.
Automatically add or remove users from Gatekeeper policies and entitlements based on synced attributes, updating booking permissions, meeting lengths, time windows, and after-hours protections. Apply changes atomically to avoid transient access, backfill missing enrollments, and immediately deprovision on termination or tier downgrade with optional grace periods. Emit user and admin notifications for impactful changes and ensure policy evaluations are consistent across web and API.
Record immutable logs for every sync and policy-affecting change, including source system, event type, actor/system, timestamps, before/after values, applied mappings, and precedence decisions. Provide searchable UI and exportable APIs, scheduled compliance reports, and integrations for Slack/email digests. Enforce retention policies and access controls to meet audit and regulatory requirements.
Provide a consolidated console showing connector status, last successful sync, lag, throughput, and error rates per source. Include manual test sync, reprocess from checkpoint, dead-letter inspection, and secrets rotation. Surface alerts via email/Slack/webhook for failures or excessive drift, and expose operational metrics (latency, queue depth, webhook failures) for observability and on-call readiness.
Enforce per-account booking quotas with real-time counters, soft/hard limits, and configurable grace periods. Display remaining quota in-link, forecast depletion, and throttle or reroute requests before SLAs are at risk—preventing overcommit and protecting team bandwidth.
Implements atomic, low-latency counters that track bookings per account, team, and user across all Timeglue entry points (links, embed, API). Supports fixed and rolling windows, sub-quotas by booking type, and multi-region consistency with idempotent increments and concurrency control. Integrates into the scheduling decision pipeline to evaluate remaining capacity before slot confirmation, with cached reads and write-through updates under a strict latency budget. Provides graceful degradation (read-only mode, sticky partials) and emits structured metrics for observability. Ensures reset cadences (daily/weekly/monthly) and holiday-aware windows align with Timeglue work hours and focus blocks.
Delivers a policy engine and admin UI to define per-plan and per-resource quota rules, including soft vs. hard limits, grace period durations, burst allowances, and reset schedules. Policies can be scoped to account, team, or booking type and include exceptions for holidays and maintenance windows. Validates configurations, supports versioning and safe rollbacks, and propagates updates without downtime. Integrates with billing/plan tiers and maps policy outcomes to user-facing messages and HTTP responses.
Surfaces remaining quota, percent used, and time-to-reset directly within public scheduling links and embedded widgets. Provides a branded, accessible UI (A11y labels, color contrast) with optional progress bars and discreet badges. Localizes reset times, respects privacy settings (hide exact counts when configured), and degrades gracefully if data is temporarily unavailable. Emits analytics events (impressions, clicks) and ensures sub-150ms add-on latency to preserve conversion.
Forecasts quota depletion using recent consumption trends to estimate the date/time remaining under current velocity. Supports configurable alert thresholds (e.g., 80%, 95%, T-3 days) and channels (email, Slack, webhooks), with noise suppression, digests, and one-click plan upgrade prompts. Exposes forecasts and alert state in the account health dashboard and API, including confidence ranges and rationale for transparency.
Introduces pre-commit backpressure when approaching or exceeding limits: token-bucket throttling, short-lived request queues with TTL, and rerouting logic to alternative hosts or slots with available quota. Enforces fairness across concurrent requests, returns structured user messaging for soft-limit scenarios, and integrates with SLA guardrails to avoid after-hours or overcapacity bookings. Provides observability (rates, drops, reroutes) and configurable per-plan behaviors.
Creates an immutable, searchable log of quota evaluations, decisions (allow, soft-warn, throttle, block), and policy changes with actor, timestamp, request ID, and contextual metadata. Supports retention policies, export to CSV/SIEM, fine-grained access controls, and links from booking records for end-to-end traceability. Enables filters by account, team, time window, and outcome to expedite investigations and compliance reviews.
Provides authenticated endpoints (REST/GraphQL) to retrieve current usage, remaining quota, window reset times, and forecast data, plus management endpoints for policy inspection. Emits webhooks for threshold crossings, policy updates, and forecast changes with idempotency keys and retry semantics. Includes OAuth scopes, pagination, rate limits, versioning, SDKs, and comprehensive docs to support partner and internal integrations.
Apply conditional attendee caps by segment (internal vs. external), tier, region, or time of day. Automatically waitlist overflow, suggest smaller-group alternates, and enforce the right mix of attendees so sessions stay productive and compliant.
Provide a configurable rules engine that lets organizers and admins define attendee caps by segment (internal vs. external), customer tier, region, role, and custom tags. Rules can be attached to meeting types and templates, with precedence and conflict resolution when multiple rules apply. At booking time, the engine evaluates invitee metadata from directory/CRM integrations to compute allowable seats per segment and total caps. The system surfaces inline validation, clear error messages, and guidance when a booking would exceed caps, and logs decisions for auditability. This integrates with Timeglue’s existing availability and template model so caps are enforced consistently across smart links and direct bookings.
Enable organizers to paint cap bands directly on the draggable scheduling timeline, varying caps by time of day and day of week. Bands can lower caps during focus hours or raise them during open office windows, and can be repeated via recurrence rules. The UI layers cap bands alongside work hours, holidays, and focus blocks, with visual cues for where caps differ. The booking engine interprets these bands in real time, ensuring the correct cap for the specific time slot is applied. Bands are saved within meeting type templates for reuse across smart links.
When a session reaches its configured cap, additional registrants are placed on an ordered waitlist with policies for ordering (FIFO, segment or tier-based priority). On cancellations or capacity changes, the system automatically promotes waitlisted attendees, sends confirmations via email/Slack, and updates calendar invites. Organizers can override, re-order, or lock the waitlist, with full audit trails. The waitlist state is exposed in the booking UI and via API so stakeholders always see current capacity and queue position.
Allow admins to define mix constraints such as minimum internal facilitators, maximum externals without corresponding internals, regional representation requirements, or ratios by tier. The system validates these constraints during booking and updates, offering hard blocks or soft warnings with justifications. Real-time checks run against attendee lists, resources, and role assignments, and continue to enforce constraints when attendees are added or removed post-booking. Violations generate alerts and are captured in compliance logs for reporting.
When caps are exceeded or mix rules cannot be satisfied, suggest alternate times that meet capacity and policy constraints, or propose auto-splitting into multiple smaller sessions optimized around attendees’ overlap windows. Provide ranked suggestions with predicted attendance fit, one-click creation of alternates, and automatic distribution of waitlisted or overflow attendees. Suggestions respect work hours, holidays, focus blocks, and existing cap bands, and preserve organizer preferences such as required attendees or presenters.
Introduce reusable cap policy templates that encapsulate segment caps, mix rules, and time-window bands. Templates can be versioned, approved, and assigned by workspace, team, or meeting type, with role-based access controls. Provide API endpoints and webhooks to read, validate, and apply policies, plus SCIM/HRIS and CRM mappings to keep segment, tier, and region attributes current. All changes are tracked with audits and effective dates to ensure consistent governance across Timeglue.
Generate a tamper-evident, exportable log for every gate decision—who booked, why they were allowed/blocked, which rule version applied, SSO attributes used, quota state, and approver. One-click CSV/JSON exports satisfy audits and build trust with stakeholders.
Implement an append-only event store for all scheduling gate decisions that forms a tamper-evident chain via cryptographic hashes. Each entry must reference the previous entry’s hash and include its own canonicalized payload hash to prevent undetected modification or reordering. Writes are triggered synchronously by the booking/gating pipeline and include retries and idempotency keys to ensure exactly-once recording without impacting booking latency. The ledger partitions by workspace to scale horizontally and supports time-ordered pagination with stable identifiers. Storage enforces logical immutability (WORM semantics) at the application layer and validates chain continuity on write. Operational tooling exposes chain health metrics and alerts on gaps, forks, or integrity check failures.
Define and implement a versioned event schema that captures who initiated the booking, the target, workspace/team, link or flow ID, decision outcome (allowed/blocked/pending), and a structured rationale. Record the ruleset and rule version applied, evaluation trace identifiers, and any SSO attributes or policy claims used at decision time with field-level sensitivity classifications. Include quota state snapshots (before/after counters and window identifiers), approver identity and channel (if applicable), timestamps, correlation/request IDs, and external calendar IDs. Sensitive attributes are encrypted at rest and redacted in views based on caller permissions. Provide forward- and backward-compatible schema evolution with migrations and a dictionary of fields/semantics. Validate events at ingestion to ensure completeness and consistency across all decision sources.
Add UI and API endpoints to generate audited exports of ledger entries with one click, supporting CSV and JSON formats. Exports allow filtering by date range, workspace/team, decision outcome, link ID, user, and rule version, and let users select columns to minimize PII exposure. Large exports run asynchronously as jobs, provide progress status, and deliver expiring, access-scoped download URLs with optional compression. Each export includes a manifest containing record counts, file checksums, and the ledger chain tip hash at export time. Export processes respect retention, redaction, and access policies and are rate-limited to protect system stability. Notifications inform requesters upon completion, and errors include actionable remediation hints.
Introduce granular RBAC and ABAC for viewing, searching, and exporting the audit ledger, with permissions scoped by workspace, team, and time window. Distinct capabilities include View Summary, View Sensitive Fields, Export, and Manage Ledger Settings, each assignable to roles such as Admin, Owner, and Auditor. Integrate with SSO (SAML/OIDC) and optional SCIM to map identity attributes to permissions and apply field-level masking for sensitive SSO attributes. All access attempts and export actions are themselves logged to a separate administrative audit stream. Provide administrative UI and APIs to grant, review, and revoke access with reason tracking and expiry. Deny-by-default posture ensures least-privilege and reduces compliance risk.
Provide end-to-end integrity verification by offering cryptographically signed exports and chain verification tools. Each export bundle is signed with a managed platform key and includes a public key reference and checksums to enable independent verification by stakeholders. Expose an API/CLI that recomputes the hash chain over a selected range and reports anomalies, with a UI indicator showing the latest verified chain tip. Periodically anchor the chain tip to an external timestamping service to make tampering externally detectable. On verification failures, block new exports and surface alerts to administrators. Documentation and samples enable auditors to validate integrity without Timeglue console access.
Implement configurable retention policies per workspace to automatically purge or pseudonymize ledger records after defined periods while preserving evidentiary integrity via salted hashes or tokens. Support legal holds that suspend purging for specified scopes with audit trails capturing who applied the hold and why. Enable field-level redaction of sensitive SSO attributes in stored events and exports, marking redacted fields in manifests for transparency. Ensure data residency options and encrypted backups align with compliance requirements, and use object locking or logical WORM to prevent premature deletion. Provide admin UI and APIs to manage retention, redaction templates, and holds, and surface policy evaluations in export job summaries. All lifecycle actions are themselves auditable and reversible only within allowed policy windows.
Offer blocked visitors a streamlined override request with reason and context. Route to the right owner with SLAs, enable time-bounded approvals, and record the exception automatically—unblocking edge cases without weakening your guardrails.
Display a streamlined override request form on the block screen when a proposed meeting violates guardrails (after-hours, holidays, focus blocks). Capture reason, desired time window, urgency, and contact details; pre-fill context from the shared link (meeting type, organizer, invitee email if known). Ensure responsive, accessible, and localized UI. Validate and persist submissions, then hand off to routing while preserving original guardrail settings. Allow link/team-level configuration of required fields and custom prompts.
Automatically route incoming access requests to the correct owner based on link, organizer, meeting type, and workspace rules (team owners, delegates, on-call). Deliver notifications via in-app inbox, email, and Slack with fallbacks and business-hours awareness. Support round-robin for team-owned links and attach full context so approvers can decide quickly. Provide workspace and link-level routing configuration integrated with Timeglue’s user, team, and permissions models.
Allow admins to define response SLAs per team or link (e.g., respond within 4 business hours). Start timers on submission, show countdown in approver UI, send reminders, and escalate to backup approvers when thresholds are breached. Auto-decline with a customizable message if SLA expires. Track all events for reporting and include SLA adherence in analytics.
Enable approvers to grant narrowly scoped overrides: one-time slot, limited date range, recurring window, or limited count; optionally constrain by participants. Set automatic expiry and revocation. Apply overrides that temporarily relax only the necessary guardrails (e.g., extend work hours by 30 minutes) without changing baseline settings. Enforce constraints during scheduling and link the exception to the resulting meeting.
Provide actionable notifications and a compact approval UI in Slack, email, and the web app to approve/deny with one click, preview conflicts, propose alternative windows, and add notes. Sync actions in real time across channels and automatically update the requester with the outcome and next steps. Include safety checks that highlight after-hours or focus-block impacts before approval.
Record an immutable audit trail for each request: requester, approver, timestamps, reason, context, constraints applied, outcome, and notifications sent. Store exceptions as first-class records linked to users, links, and meetings. Provide an admin view with filters, search, and export, and surface metrics such as volume, approval rate, and SLA adherence. Respect workspace data retention policies.
Protect the request surface with rate limiting, CAPTCHA, email/domain verification, and spam heuristics. Redact sensitive data in notifications by default with opt-in reveal for approvers. Enforce least-privilege access to request data, encrypt data in transit and at rest, and honor retention and deletion policies. Provide a block-list for abusive senders and throttle repeated denials.
AI‑assisted painting that snaps your rough strokes to the safest overlap blocks automatically. It expands or trims selections to minimize after‑hours impact and respect work hours, holidays, and focus blocks—so you get optimal windows in seconds without pixel‑perfect tinkering.
Implements the core AI optimization that expands or trims a user’s rough painted strokes into the safest overlap windows across participants. The engine ingests each participant’s work hours, holidays, and focus blocks from Timeglue’s availability model, applies configurable penalties for after-hours impact, and returns contiguous time blocks that meet minimum duration and buffer constraints. It must handle multi-region scenarios, resolve daylight saving shifts, and prioritize windows that minimize total off-hours minutes. Outputs are deterministic for identical inputs, support tie-breaking rules (e.g., fewest people partially impacted), and return confidence scores to downstream UI components. The engine exposes an internal API used by the timeline canvas and smart link generation, enabling consistent behavior across create/edit flows.
Provides sub-200ms interactive snapping as the user paints on the draggable timeline. As the pointer moves, the UI calls the constraint engine with incremental selections, rendering a preview overlay that shows the exact snapped block boundaries, duration, and impact chips (e.g., +0 after-hours, 1 minor conflict). Includes smooth animations, hover tooltips, and keyboard nudge controls for fine adjustments. If network latency spikes, the component falls back to local heuristics and reconciles when the authoritative result returns. Integrates with existing timeline zoom levels and supports both single and multi-day ranges.
Adds user-configurable controls that influence Smart Fill decisions: acceptable after-hours tolerance per participant role, minimum/maximum meeting duration, required buffers before/after, earliest/latest local times, and preference presets (e.g., "Zero After-Hours", "Balanced", "EU-Friendly"). Preferences can be saved at workspace, team, and link-template levels, and are respected by Smart Links. Validation prevents contradictory settings and surfaces conflicts proactively. The UI exposes sliders and toggles, while the engine consumes a normalized policy object for consistent application.
Synchronizes the data Smart Fill relies on: working hours, holidays, OOO events, and focus blocks from connected calendars (Google, Microsoft) and Timeglue workspace policies. Includes deduplication and precedence rules (e.g., explicit OOO overrides working hours), time zone resolution, and daylight saving handling. Provides a caching layer with freshness indicators and graceful degradation if a source is temporarily unavailable. Emits a normalized availability graph consumable by the constraint engine and exposes audit logs for debugging unexpected suggestions.
Surfaces the rationale behind each snapped window so users trust and adjust results. The UI shows per-participant local times, after-hours minutes avoided vs. alternatives, conflicts resolved, and which constraints drove the selection (e.g., holiday avoidance, focus block protection). Provides a side-by-side comparison panel for up to three candidate windows and a "Why not earlier/later?" drill-down. All explanations are derived from the same policy and availability data to ensure consistency with final outcomes and are available in both the editor and Smart Link previews.
Allows users to override Smart Fill by manually reshaping or trimming a snapped block while preserving constraint visibility. Users can lock selected segments to prevent re-optimization, and use undo/redo to step through changes. The system marks overridden areas and recalculates impact metrics in real time so trade-offs are clear. Overrides are persisted to the scheduling artifact (event draft or link template) and honored by subsequent Smart Fill operations unless unlocked.
Save multiple canvas scenarios (A/B/C) and compare coverage, after‑hours minutes, legal risk, and fairness impact side by side. Choose the best plan with clear metrics, then publish it to links or series with one click.
Enable users to save multiple named snapshots of the scheduling canvas (e.g., A/B/C) with immutable state, including team lineup, time zone assumptions, work hours, holiday calendars, focus blocks, and selected constraints. Provide cloning to iterate from an existing snapshot, tagging for organization, and automatic versioning with creator, timestamp, and notes. Ensure snapshots capture all dependent configuration so results remain consistent despite subsequent global setting changes, and support deduplication and storage quotas. Enforce permissions so only authorized editors can create, update notes, clone, or archive snapshots, while viewers can access read-only details. Handle DST boundaries and future holiday updates by persisting effective calendars at snapshot time. Provide reliable persistence, quick retrieval, and conflict-safe operations.
Compute standardized metrics for each snapshot and their deltas side by side, including total team coverage window, participant-specific after-hours minutes, conflict counts with focus blocks, holiday conflicts, legal/policy risk score based on organization rules, and fairness impact indices (e.g., distribution of off-hour burden across time zones). Support configurable weights and thresholds, baseline selection for delta calculations, and normalization across team size and role criticality. Accurately account for DST changes, regional holidays, and individual work-hour exceptions. Provide caching and incremental recomputation to keep comparisons fast on large teams, with clear definitions and tooltips for each metric. Expose a stable API to the UI, include validation, and record metric computation versions for auditability.
Present up to N snapshots in a responsive, accessible grid with metric cards that align by category and highlight best values and negative trade-offs. Allow sorting by any metric, toggling between absolute values and deltas from a chosen baseline, and expanding a snapshot to see participant-level breakdowns. Provide color-coded indicators, tooltips with metric definitions, and quick filters (e.g., hide snapshots exceeding risk thresholds). Enable renaming, tagging, and notes inline, and preserve the compare view state in the URL for easy sharing. Ensure keyboard navigation, screen-reader labels, and performant rendering for large metric sets.
Allow selection of a winning snapshot from the compare view and publish it with one click to Smart Links or recurring series, syncing to connected calendars (e.g., Google Workspace, Microsoft 365) while honoring work hours, focus blocks, and holiday constraints. Perform pre-publish validation for conflicts and policy thresholds, present a concise confirmation summary, and provide automatic notifications to participants. Support rollback to the prior plan, idempotent retries, and audit logging of publish events. Update any existing shared links to point to the new plan while preserving historical access to archived snapshots.
Provide organization-level controls to configure weights and thresholds for legal/policy risk and fairness metrics used in comparisons. Offer recommended presets by region and company size, allow team-level overrides with permissions, and show real-time impact of changes on computed scores in the compare view. Version and timestamp policy configurations and associate them to snapshots for reproducibility. Support import/export of policy settings and guardrails to prevent publishing snapshots that exceed mandatory thresholds.
Introduce role-based permissions for creating, comparing, and publishing snapshots, with optional approval workflows when risk thresholds are exceeded or cross-team schedules are impacted. Maintain an audit trail capturing snapshot creation, edits, metric versions, comparisons, approvals, and publish actions with actor, timestamp, and changes. Provide exportable logs and retention controls aligned with organizational policies. Ensure sensitive participant-level metrics are masked for viewers without appropriate access.
Generate read-only compare reports that can be shared via expiring links and exported to PDF or CSV for offline review. Include key metrics, deltas, visual highlights, assumptions, and snapshot notes, with options to redact sensitive fields. Support embedding a live compare widget in internal wikis, preserve accessibility in exports, and watermark documents with snapshot IDs and timestamps for traceability.
Drop in a candidate, customer, or partner by email or time zone to preview their hours and holidays on the heatmap—without changing your team setup. Generate an ephemeral share to validate choices before sending a formal invite.
Allow users to add an external participant by entering an email address or selecting/providing an IANA time zone. Validate inputs, resolve the guest’s local time zone when explicitly provided, and default to a selectable region if only partial information is available. The guest is treated as a transient session entity and is not persisted to the team roster or calendar integrations. Provide clear UI affordances to add, replace, or remove the guest with immediate feedback. This enables fast, low-friction previews of a guest’s availability context without altering team settings, supporting the "drop-in" workflow central to Guest Overlay.
Render the guest’s working hours, off-hours, and holidays as an overlay on the existing team heatmap using distinct colors, patterns, and legend labels. Harmonize scales and time axes so that team members and the guest are aligned visually. Provide hover tooltips with local-time rollovers for all parties and keyboard-accessible focus states. Respect existing Timeglue rules (work hours, focus blocks) for the team while applying the guest’s constraints in parallel. Ensure smooth performance for timeline drag, zoom, and paint operations with the overlay active. The result is an at-a-glance visualization that reveals mutual sane windows without modifying team configuration.
Determine and apply the guest’s public holidays based on their selected time zone and, when available, a user-confirmed country/region. Provide sensible defaults when only a time zone is known and allow manual override of country/holiday calendar. Fetch holiday calendars from a reliable source, cache them, and handle yearly rollovers. If no holiday data is available, clearly indicate that the overlay excludes holidays. This ensures the heatmap accurately reflects non-working days for the guest and avoids proposing impractical dates.
Create a secure, time-bound share link that encodes the current overlay state (guest context, proposed windows, timeline position) for external validation. Links should be tokenized, revocable, and configurable with TTL and view limits. The shared view must be read-only, require no Timeglue account, and present minimal necessary context (no team internals). Support deep-linking back to the editor for the owner and capture basic open metrics. This enables recipients to review candidate windows before any formal invite is sent, reducing back-and-forth.
Ensure the Guest Overlay workflow does not persist external PII beyond what is required for the session and ephemeral shares. Mask guest emails in UI and links where possible (e.g., first/last character reveal), encrypt tokens at rest, and avoid writing guest data to team settings or calendar providers. Provide explicit retention rules (e.g., auto-expire share links and associated session data after a short period) and surface a clear privacy notice. Log access events for security auditing without storing full identifiers. These safeguards maintain trust and compliance while enabling collaboration.
Allow users to promote a validated overlay state into a formal Timeglue invite in a single action. Pre-fill attendees, mutually acceptable windows, and constraints while re-checking against team work hours, focus blocks, and the guest’s time zone and holidays. Provide conflict detection and suggest nearest compliant alternatives if a chosen slot is no longer valid. Hand off to the existing invite flow (including ICS generation and calendar integration) without duplicating configuration. This streamlines handoff from preview to commit, reducing errors and steps.
Tune the canvas to today’s priorities with adjustable weights for factors like focus blocks, after‑hours tolerance, holidays, and prime‑hour protection. The heatmap recalculates instantly, revealing the best windows for launch weeks vs. steady state.
Provide an intuitive control panel with sliders/toggles to adjust weights for key scheduling factors (focus blocks, after‑hours tolerance, holidays, prime‑hour protection, travel buffers). Changes apply to the active canvas and persist per user profile. Include default values, inline help/tooltips describing each factor’s effect, and reset-to-default. Controls must be keyboard-accessible, support screen readers, and work on desktop and mobile. Settings sync across sessions and devices and are scoped to workspace when applicable.
Recompute and redraw the availability heatmap in near real time when factor weights change, without page reloads. The scoring engine must combine participant work hours, focus blocks, holidays, and prime-hour protections using the current weights and update visible slots within 150 ms for up to 12 participants across 8 time zones. Use debounced input, off-main-thread computation (e.g., Web Workers), and incremental rendering to avoid UI jank. Maintain correctness with partial data and show a lightweight loading state when recomputation exceeds threshold. Log performance metrics for ongoing tuning.
Offer curated presets (e.g., Launch Week, Steady State, All‑Hands, Customer Call) that preconfigure factor weights for common scenarios. Allow users to create, name, save, and update custom profiles, set a default profile, and switch with one click. Support workspace-level shared presets managed by admins and personal presets for individuals. Provide import/export of profiles as JSON for portability and versioning with change history.
Enable smart links that capture the current weight configuration (or selected preset) and apply it for recipients when opening the scheduling canvas. Support optional parameters: read-only vs. allow-copy, expiry, and workspace scoping. Ensure secure encoding of settings, respect recipient permissions, and display a banner indicating the active shared configuration with an option to adopt or revert.
Provide an on-hover or tap panel that explains a time slot’s score by factor (e.g., +8 prime hours, −5 after-hours penalty, −3 focus block conflict, +2 holiday alignment). Highlight the top contributors and blockers, and link to the relevant calendar items or policies when possible. Allow copying the breakdown to clipboard for async decision-making. Ensure the explanation mirrors the exact scoring formula to build trust.
Allow workspace admins to define min/max bounds and defaults for weights (e.g., cap after-hours tolerance, enforce prime-hour protection) at workspace or team level. Display guardrails in the UI and prevent users from exceeding policy limits, with clear messaging. Include an audit log of changes to policies and overrides, and apply policies to presets and shareable links.
Expose REST endpoints to list presets, read/update user or workspace weight settings, and compute scored availability windows given participants and a weight profile. Support signed deep links for external tools. Add webhooks for events such as preset applied, weights changed, and link opened. Include OAuth scopes, rate limits, and idempotency to integrate safely with calendars, CRMs, and internal tools.
Click any high‑risk area to see exactly what’s blocking it—who’s after hours, which holiday applies, or which focus block conflicts—plus one‑click alternates that resolve the issue with minimal shift.
When the user clicks any red (high‑risk) zone on the scheduling timeline, open a contextual detail panel that enumerates each blocking factor with precise attribution: participant(s) outside work hours (with local time and work window), applicable holiday (country/region and holiday name), and conflicting focus block (source calendar and block title). The panel anchors to the selected time range, displays the user’s chosen slot, and highlights which attendees are impacted and why. Integrates with Timeglue’s timeline, participant profiles, and calendar sync to fetch real-time constraints. Provides clear, scannable tags for each cause, links to underlying source (e.g., calendar event), and non-color indicators to ensure clarity for all users. Expected outcome: users instantly understand why a time is unsafe without manual time‑zone math or back‑and‑forth messaging.
Consolidate multiple overlapping constraints into a single explanation with ranked root causes. Apply a deterministic ranking model (e.g., policy overrides required > hard holiday > outside work hours > focus block) and show the top cause prominently with expandable secondary causes. Group identical conflicts (e.g., 4 attendees after hours) and present counts with drill‑down to individuals. Ensure the ranking model is configurable at the org level and supports localization of labels. Expected outcome: users see the most material blocker first and can drill down only as needed, reducing cognitive load.
Offer one‑click suggestions that minimally shift the selected time to resolve conflicts (e.g., “+30m resolves after‑hours for 3 attendees”). Compute nearby viable windows using participants’ constraints, showing up to 3 closest options with a per‑option impact summary (who becomes compliant, who remains conflicted). Allow direct actions: replace selection, copy as smart link, or open in invite composer. Integrates with Timeglue’s suggestion engine and smart link sharing, honoring all policies and preferences. Expected outcome: users can fix conflicts with a single click, minimizing schedule churn.
Honor org policies (e.g., no after‑hours meetings, holiday observance) and personal settings (work hours, focus blocks) in both explanations and alternates. If a suggested time requires an exception, clearly label the policy to be overridden and provide a guided override flow with required justification and optional approval routing (role‑based). Pull preferences from Timeglue profiles and synced calendars; reconcile conflicts by org policy precedence. Expected outcome: compliance by default, with auditable, intentional exceptions when necessary.
Ensure the conflict detail panel and alternates are fully accessible: keyboard operable (tab order, shortcuts to open/close and navigate causes), screen‑reader friendly (ARIA roles, labels for cause tags and buttons), and perceivable without color (icons/text patterns in addition to red shading). Maintain WCAG 2.2 AA contrast ratios and provide focus visible states on the timeline. Expected outcome: all users, including those using assistive technologies, can discover and act on conflict reasons efficiently.
Deliver conflict details within 200 ms for typical meetings (≤20 participants, ≤5 rule types) by precomputing common constraints, caching participant profiles, and using holiday/lookups in memory. Debounce repeated clicks and progressively render details (primary cause first, then expand). Fall back gracefully when data is stale or unavailable, indicating which elements may be outdated. Expected outcome: a snappy, uninterrupted experience that encourages investigation instead of avoidance due to latency.
Track structured events for red‑zone views, cause expansions, alternate selections, and overrides (with anonymized participant counts and policy types). Store an audit trail on who overrode what rule and why, respecting privacy and regional data regulations (configurable retention, GDPR/CCPA controls). Provide basic dashboards or export to the existing analytics pipeline. Expected outcome: product and ops teams can measure feature adoption, identify common blockers, and improve policies over time.
Scrub a duration slider (15–120+ minutes) to watch safe windows stretch or shrink in real time. Avoid overruns that cross into after‑hours and quickly pick the longest viable window for your agenda.
Dynamically recompute and render cross-time-zone “safe windows” as the duration slider is adjusted, honoring each attendee’s working hours, holidays, and focus blocks. The client requests or derives precomputed availability intervals and intersects them, filtering out any start times whose end time would violate constraints for the selected duration. Visual updates must occur within 150 ms per interaction for up to 20 attendees across 8 time zones, with debounced input and incremental recalculation to maintain 60 fps animations. Handles DST transitions, overlapping constraints, and multi-day spans, and gracefully degrades on slow networks with a loading state and coarse updates. Integrates with the availability engine, timeline renderer, and conflict explanation service to keep UI, booking validation, and share links consistent.
Prevent selection of durations that would cause a proposed meeting to overrun into disallowed time for any participant. When an overrun is detected, visually indicate the overflow on the timeline and snap the selection to the longest valid subwindow within the same segment. Provide clear rationale (e.g., “Ends during Alice’s focus block”) via tooltip and inline messaging. Enforce the same validation at booking time to eliminate mismatches between preview and final scheduling. Supports host override policies and per-attendee guardrail visibility rules, and respects minimum/maximum duration limits set at the event type level.
Compute and display the maximum duration that fits all constraints for the currently selected date range, offering a one-click chip (e.g., “Max: 95 min”). Present per-day maximums in the calendar scroller and update suggestions in real time as attendees, constraints, or duration settings change. When no common window exists, show an actionable zero-state with options to expand hours, relax constraints, or propose multiple shorter sessions. Expose this computation via a lightweight endpoint for server-rendered previews and share-link unfurls.
Implement a responsive duration control with presets (15, 30, 45, 60, 90, 120) and custom input up to at least 240 minutes, supporting mouse, touch, and wheel interactions. The slider drives the timeline visualization, stretching/shrinking safe-window overlays and updating counts of viable start times. Persist the last-used duration per event type and encode it in the URL state to support refresh and share flows. Provide smooth animations, clear numeric labels, and step granularity of 5 minutes, with guardrails for min/max duration defined at the template level. Internationalization-ready formatting and theming are required for consistent look and feel across the app.
Ensure the Duration Sweep experience is fully accessible: ARIA-compliant slider role with labelled value, keyboard increments (arrow keys for step, Shift+arrow for 15-minute jumps), and a polite live region announcing the new duration and count of viable windows after each change. Provide sufficient color contrast for safe/unsafe states, focus rings, and a non-color indicator for overrun. Support screen readers on desktop and mobile, reduced-motion preferences, and haptic feedback where available. Meets WCAG 2.2 AA requirements and includes automated and manual accessibility testing.
Allow creators to pre-set and constrain duration via smart links by encoding default, min, and max duration parameters. Opening a link initializes the slider and timeline to those values while still honoring attendee guardrails and host policies. The link preview reflects the pre-set duration in titles and metadata. Changes made by recipients remain within host-defined bounds and are persisted in the URL for collaborative iteration. Backwards-compatible with existing links and validated server-side to prevent out-of-range bookings.
Preset intensity modes (Light, Standard, Critical) that expand windows by a defined width and duration, set the required approver tier, and cap after‑hours exposure. One click applies a right‑sized surge that matches incident severity or launch phase—speeding decisions while preventing overreach.
Provide an admin-configurable catalog of preset surge modes (Light, Standard, Critical) with parameters for window expansion (absolute hours and/or percentage), activation duration/TTL, required approver tier(s), after-hours exposure caps (per user/team/time period), scope limits (teams/calendars/regions), and required justification notes. Include defaults, cloning, versioning, validation, and environment-based policies (workspace, org). Enforce RBAC so only permitted roles can create or modify modes; support enterprise policy lock to prevent local overrides. Persist configurations per workspace with auditability and backward compatibility for existing links and schedules.
Add a prominent, accessible UI control to apply a selected surge level to the scheduling timeline. On toggle, recompute and visually overlay expanded meeting windows across participants’ time zones in real time, showing a before/after diff and any policy impacts (approvals needed, after-hours budget usage). Support undo/redo, keyboard shortcuts, mobile responsiveness, and low-latency rendering. Persist the chosen surge level into the session and any generated scheduling links, with clear badges and tooltips explaining the active mode and expiry.
Implement tiered approval rules mapped from the selected surge level, supporting single- and multi-step approvals, fallback approvers, SLAs/timeouts, and reminders via in-app, email, and chat integrations. Block or queue surge effects until required approvals are granted, with clear user feedback and status tracking. Provide emergency break-glass with post-facto review and justification. Integrate with SSO/SCIM roles and groups for dynamic approver assignment. Log all decisions and reasons for auditability.
Allow users to set a start time and fixed duration or expiry for each surge application, including scheduling surges in advance (e.g., launch windows). Display countdowns and send pre-expiry notifications. Automatically revert all affected timelines, links, and policies to baseline at expiry, ensuring no lingering expanded windows. Support recurring surges with calendar-aware exceptions (holidays, blackout dates). Handle edge cases across time zones and daylight saving changes with deterministic state transitions.
Track and enforce configurable after-hours exposure budgets during surges at person, team, and workspace levels per time period (daily/weekly/monthly). Provide both soft warnings and hard caps, with real-time metering that predicts impact before applying a surge. Account for focus blocks, holidays, and individual work-hour profiles when calculating exposure. Offer fair distribution strategies (rotation/weighting) to prevent repeatedly burdening the same individuals. Prevent scheduling beyond remaining budget and suggest alternative windows or participants.
Create immutable event logs for surge configuration changes, applications, approvals, overrides, and resulting after-hours exposure. Provide dashboards and exports (CSV/JSON) summarizing usage by team, level, time period, and outcome, with filters and drill-down. Generate alerts for anomalies (e.g., repeated Critical surges, frequent break-glass use). Respect data retention and privacy settings, with RBAC for access to sensitive records. Expose aggregated metrics via API for BI tools.
Ensure generated scheduling links encode the selected surge level, scope, and expiry securely, degrading gracefully when expired or unapproved. Provide API endpoints and webhooks to programmatically apply, query, and subscribe to surge state changes, enabling integrations with incident management and release tooling. Synchronize surge context across calendar providers so invitees see accurate expanded windows. Enforce token scoping and idempotency to prevent overreach when links are forwarded or reused.
Preview the human impact of a surge before you flip it on. See projected after‑hours minutes, legal risk, and fairness effects by person, team, and region—plus suggested start/end times that minimize harm. Make fast, defensible calls with clear, humane tradeoffs.
Provide a unified UI and API to define surge parameters (start/end time candidates, duration, affected teams/projects, and regions) and ingest constraints from Timeglue’s existing data (work hours, holidays, focus blocks, PTO, and time zone preferences). Allow painting acceptable hours on a draggable timeline, apply role-based criticality tags, and attach jurisdiction metadata per person for regional compliance checks. Validate inputs (e.g., overlap with blackout periods), surface defaults from team profiles, and recalculate previews in real time as parameters change. Ensure all inputs are time zone–aware, versioned, and auditable to support defensible decision making.
Compute projected human impact for a proposed surge, including after-hours minutes, count of impacted days, focus-block collisions, and PTO conflicts per person, aggregated to team and region. Respect each individual’s working hours, holidays, focus blocks, and time zone. Produce explainable outputs with per-metric breakdowns and deltas versus baseline schedules. Support scalable batch computation for large orgs, with caching and incremental recomputation on parameter changes to keep the preview responsive.
Evaluate surge scenarios against configurable policy rules and region-specific constraints (e.g., daily/weekly hour caps, minimum rest windows, night work restrictions, overtime thresholds). Generate a risk score and explicit flags per person, team, and region with human-readable explanations and rule references. Allow organization-level policy overrides and thresholds, and expose a summary widget indicating highest-risk geographies. Record which rules triggered for auditability and provide guidance on parameter adjustments that would resolve violations.
Quantify fairness impact across teams and regions by measuring distribution of after-hours load (e.g., variance and Gini-like index) and highlighting overburdened groups. Exclude sensitive personal attributes; compute only on organizational and geographic dimensions. Provide configurable weights (e.g., prioritize minimizing repeated burden on the same region) and show historical rotation context to prevent recurrent overload. Surface actionable insights that indicate which parameter changes would improve fairness without significantly increasing overall impact.
Run a fast optimization that searches candidate start/end windows and proposes the top three options that minimize a weighted objective (after-hours minutes, legal risk, fairness imbalance), subject to hard constraints (blackouts, work-hour caps). Present side-by-side comparisons with clear metric deltas versus the current selection. Allow tuning of weights per organization or scenario and provide constraint-aware reasoning (e.g., why a seemingly better window is infeasible). Ensure results return within seconds for interactive use.
Visualize impact on a world map with region-level aggregation and color scales selectable by metric (after-hours minutes, risk score, fairness deviation). Include per-region timeline strips and person/team drilldowns with tooltips showing exact metrics and conflicts. Provide filters (teams, roles, regions, metrics), keyboard navigation, high-contrast themes, and screen-reader labels for accessibility. Maintain smooth performance for up to thousands of users via progressive loading and viewport-based rendering. Support snapshotting the current view for share and export.
Enable saving named scenarios capturing parameters, selected suggestion, and full metric outputs. Generate permissioned smart links for read-only previews with optional expiration. Provide exports (PDF/CSV) that include chosen window, tradeoff rationale, metrics by person/team/region, compliance flags, and fairness index, along with a changelog of parameter edits. Integrate with Timeglue’s decision records to keep a traceable history and make reviews easy for stakeholders and leadership.
Coordinate surge windows across multiple squads and calendars in different time zones. Link teams to share a single expanded overlap, respect each group’s guardrails, and auto-stagger prep vs. live windows. Reduces cross‑functional chaos during incidents, launches, and EOQ crunch.
Compute a single expanded overlap window across multiple squads and calendars in different time zones, honoring each team’s working hours, holidays, focus blocks, and existing commitments. The engine merges availability and proposes one or more contiguous surge windows that maximize cross-regional participation while minimizing after-hours impact. Supports constraints like minimum/maximum duration, earliest start/latest end by region, required role presence, and buffer times. Outputs candidate windows, confidence scoring, and constraint rationale. Integrates with Timeglue’s draggable timeline so admins can paint acceptable ranges and the system refines the final overlap. Provides an internal service and API to recalculate automatically on membership or calendar changes.
Enforce each team’s guardrails—work hours, no-meeting zones, focus blocks, regional holidays, and labor-law constraints—throughout surge planning and scheduling. Validate proposed surge windows, flag violations with clear explanations, and suggest compliant adjustments such as shifting start times, shortening duration, or splitting blocks across days. Support per-team overrides with justification, approver workflow, and auditable logs. Provide configurable tolerances and blackout dates. Integrate with overlap calculation, share links, and calendar publishing to ensure after-hours invites are automatically prevented.
Automatically schedule pre-surge preparation windows and live surge windows with intelligent staggering across time zones. Define dependencies so prep tasks occur during convenient hours for creators and reviewers, while live windows maximize cross-functional overlap. Support lead/lag offsets, rolling handoffs between regions, and rotation fairness to distribute inconvenient times. Allocate windows by role (prep, review, comms, ops, exec) and enforce guardrail compliance. Visualize staggered blocks on the timeline and update them as teams or calendars change.
Provide bi-directional synchronization with Google Calendar and Microsoft 365 for surge events and blocks. Pull availability signals (free/busy, out-of-office, focus time) for linked participants and push confirmed surge windows as events localized to each attendee’s time zone. Handle updates, cancellations, and attendee changes in near real time with conflict detection, retries, and idempotency. Support service accounts and delegated access with granular scopes, and implement rate limiting and backoff handling. Offer a dry-run preview before publishing and a per-event audit trail showing who and what changed.
Offer reusable templates for common scenarios—incident response, launch day, and EOQ crunch—with default durations, required roles, escalation policies, and notification cadences. Allow users to select a mode that auto-applies guardrails, overlap rules, and staggering patterns suited to the scenario. Support validity windows, recurrence, expiry, and workspace-level governance. Include versioning, cloning, and per-project edits with an audit trail of deviations from the base template.
Generate smart share links that expose proposed surge windows to stakeholders with role-appropriate permissions. Viewers see localized times, can propose alternatives within allowed ranges, and RSVP. Support role-based access, link expiration, domain restrictions, and SSO enforcement. Log all interactions and allow approvers to finalize windows directly from the link, triggering calendar publishing and notifications. Adapt available options to guardrails, hiding invalid times and preventing after-hours selections.
Send Slack, email, and in-app notifications with localized times for proposed, confirmed, and changed surge windows. Provide opt-in reminders aligned to each participant’s work hours, with escalation paths if approvals or RSVPs stall. Respect quiet hours by default while allowing incident-mode overrides with explicit confirmation. Offer per-role reminder cadences and a status board that reflects acknowledgements and readiness across teams.
Automatically schedules a post‑surge recovery period for impacted people and teams. Temporarily tightens booking windows, prioritizes focus blocks, and proposes Time Debt payback slots—helping morale and compliance rebound while nudging calendars back to normal.
Continuously monitor calendar signals (meeting volume spikes, after-hours invites, shortened buffers, incident tags) to automatically detect workload surges and initiate a cooldown. Supports org/team/individual scopes, manual trigger via UI/API, and inbound webhooks from incident systems. Thresholds are configurable by team and time zone, respect Timeglue’s work-hour/holiday rules, and consider painted acceptable-hour timelines. On trigger, create a cooldown record with start/end, impacted cohort, policy version, and rationale. Includes debounce and false-positive suppression, sensitivity presets, and an event log for observability. Integrates with Timeglue’s scheduling engine so downstream enforcement and proposals activate immediately.
Provide a policy framework that defines how cooldowns behave: duration, booking-window tightening (e.g., shrink acceptable hours on the draggable timeline), daily meeting caps, maximum meeting lengths, buffer expansion, focus-block quotas, and gradual normalization curves. Policies are time-zone aware, honor holidays, and support role-based exceptions (e.g., on-call, customer success). Include policy templates, versioning with effective dates, dry-run mode, and conflict resolution against existing Timeglue constraints. Expose policies via admin UI and API, store them per team/org, and attach the active policy to each cooldown instance for auditability.
When a cooldown is active, enforce stricter availability across Timeglue smart links and calendar integrations: narrow bookable windows, extend buffers, cap daily meetings, and hard-block after-hours. Update scheduling pages in real time to reflect reduced slots while honoring previously painted acceptable hours and existing commitments. Provide progressive re-expansion as cooldown decays. Include override flows with justification, API errors with actionable messages, and safeguards to prevent double-booking. Works with Google/Microsoft calendars and respects focus blocks and holidays.
Automatically create, extend, and protect focus blocks for impacted users during cooldowns. Use heuristics to select optimal times within work hours, align with the draggable acceptable-hours timeline, and avoid critical meetings. Optionally reschedule low-priority internal meetings and suggest alternatives. Mark focus blocks with elevated calendar priority to resist displacement, color-code them, and notify affected parties. Preferences (minimum block size, daily targets, morning/afternoon bias) are configurable per user/team and obey holidays and time zones.
Detect after-hours or overflow work performed during a surge, compute time debt per user, and propose compensatory time slots within the next configurable window. Present suggestions in-app and via Slack/email, allow manager approval or adjustment, and auto-schedule upon approval. Ensure proposals avoid critical periods, respect personal constraints, and coordinate across time zones for fairness. Track remaining debt, partial paybacks, and sync state to calendars. Provide policy hooks for labor compliance and PTO alignment.
Deliver clear, multi-channel communications when cooldowns start, change, or end: in-app banners, calendar annotations, email, and Slack posts. Scheduling pages display a cooldown badge and summary of temporary rules. Provide a controlled override workflow with reason capture, approver routing, and time-bound exceptions. Localize content, ensure accessibility, and link to the relevant policy. Maintain an audit trail of messages, acknowledgments, and overrides for transparency.
Offer dashboards and exports that quantify cooldown impact and compliance: number/duration of cooldowns, affected users, meeting volume before/after, focus time gained, time debt accrued/paid, override rates, and normalization timelines. Provide org/team filters, API access, and data retention controls. Link metrics to specific policy versions and cooldown records for traceability. Support audit-ready reports that demonstrate adherence to labor and after-hours policies across regions.
Tie surge activation to objective signals—SLA breaches, incident priority, quota depletion, or launch milestones. Auto‑compose an approval request with context, scope, and expiry, so surges start quickly when warranted and stay auditable when they don’t.
Provide first-class integrations that ingest objective signals from external systems (e.g., PagerDuty/Opsgenie incidents, Datadog/New Relic SLO/SLA breaches, Statuspage service status, Zendesk/Jira ticket SLAs, usage/quota systems, and product launch milestones). Support webhooks and polling with OAuth and signed secrets, field mapping, and normalization into a unified signal schema (severity, impacted service, SLA dimension, quota remaining, milestone date). Ensure tenant-scoped encrypted credentials, idempotency and de-duplication, exponential backoff, rate limiting, and integration health checks. Offer an admin UI to add connectors, test payloads, and map attributes to Timeglue entities (teams, regions). This enables objective, low-latency triggers, reduces manual overhead, and forms the foundation for auditable surge activations in Timeglue.
Deliver a configurable rules engine and UI that translates normalized signals into surge intents. Allow admins to compose rules using boolean logic and thresholds (e.g., incident.severity >= P1 AND region = EMEA AND during business days), time windows, cool-down/cancel conditions, deduplication windows, and TTL/expiry for surges. Support regional/tenant scopes, rule versioning with change history, dry-run simulation against historical signals, and validation with conflict detection. Provide APIs for CI-managed rules and guard for invalid combinations. This makes surge activation precise, predictable, and testable while aligning with organizational policy.
When a rule matches, automatically compose a structured approval request containing trigger context (signal details, timestamps, severity), proposed surge scope (teams/regions, window expansions by local time, duration and expiry), schedule diff preview versus baseline, estimated capacity impact and budget burn, conflict analysis (focus blocks, holidays, existing surges), and risk notes. Render consistently across in-app, email, and Slack with actionable Approve/Deny links and a one-click schedule preview. Include suggested approvers based on policy and on-call rosters. This accelerates informed decision-making and preserves clarity and auditability.
Implement policy-driven approval workflows supporting single or multi-step approvals, sequential or parallel routing, timeouts with escalation paths, and emergency auto-approval for P0 incidents with post-facto review. Enforce quorum rules, capture rationale notes, and log timestamps and approver identities. Integrate with Slack and email for notifications and actions, and honor RBAC for who can approve which scope. Define SLAs for approval steps with reminders and fallback behaviors. This ensures surges start quickly when warranted and remain controlled and auditable.
On approval, apply a timeboxed surge to the scheduling engine: temporarily expand acceptable meeting windows for targeted teams/regions, update availability on smart links, and enforce caps (max meetings per person/day, per-week limits). Respect baseline work hours and holidays unless an explicit override flag is set. Support overlapping surges with priority and merge policies, and automatically roll back at expiry with full cleanup and notifications. Propagate changes in real time to booking links, APIs, and calendar sync, with safeguards to prevent after-hours invites beyond the approved scope.
Record an immutable sequence of events for each trigger: incoming signal payloads (with selective redaction), evaluated rules and outcomes, approval steps and rationale, schedule changes, notifications, and expiry/rollback. Store with tamper-evident hashing, retention policies, and data residency controls. Provide searchable in-app views, CSV/JSON export, and webhooks for SIEM ingestion. Offer canned reports by date range, team, incident, and surge reason to satisfy audits and post-incident reviews while preserving privacy and provenance.
Introduce configurable safety limits: per-team surge budgets (hours per week/month), quiet hours and blackout periods (e.g., company holidays), fair-use caps, and soft warnings as thresholds near. Block or require elevated approval when budgets would be exceeded or when surge scope is high impact. Detect conflicts with critical events (all-hands, launches) and surface explicit acknowledges. Provide a dashboard for current surge status, remaining budget, and upcoming expiries. These controls prevent overuse, protect after-hours boundaries, and keep surges sustainable.
An auto‑generated audit pack for each surge: who approved, what expanded, who was affected, exception reasons, legal checks, and the rollback/cooldown plan. Export to CSV/JSON or share a link to build trust with stakeholders and satisfy compliance needs.
Automatically compile a comprehensive, time-stamped dossier for each surge capturing the initiating request, approval chain, scope expansions (hours/regions), impacted calendars/resources, exception reasons, compliance check outcomes, and the rollback/cooldown plan with links to supporting evidence. Snapshot the dossier at key lifecycle events (requested, approved, activated, modified, rolled back, cooldown complete) and maintain immutable version history with diff views. Integrate with Timeglue’s scheduling core to ingest surge metadata, work hours, holidays, and focus blocks, emitting a stable internal schema used by UI, exports, and API consumers.
Record every approval and scope change as append-only events with UTC timestamps, approver identity (via SSO), role, comments, and origin metadata (IP/device), secured with cryptographic hashes to prevent tampering. Support multi-step approvals, override justifications, and chain-of-custody linking between events. Surface the audit trail within the dossier and expose it via API, ensuring traceability from initial request through rollout and rollback.
Resolve and list all impacted users, teams, and external invitees resulting from surge window changes, including counts by region/time zone and role. Provide privacy-aware views based on viewer permissions: aggregated summaries for external stakeholders and identifiable lists for authorized internal roles. Respect DND/consent flags, apply redaction where required, and link to notification delivery logs. Store only minimal identifiers necessary to meet compliance and reporting needs.
Offer a configurable taxonomy of exception reasons (e.g., critical incident, client escalation, product launch) and require selection plus optional free-text context whenever hours are expanded or constraints overridden. Support localization, rule-based prompts (e.g., when after-hours detected), and analytics tagging to enable cross-surge reporting. Persist reasons in the dossier, display them in the UI, and include them in exports and APIs.
Implement a configurable rule engine that evaluates each surge against work-hour policies, regional labor regulations, holiday restrictions, and contractual SLAs. Produce pass/warn/block outcomes with detailed evidence, including the rule matched, input data, and rationale, and support rule versioning and jurisdiction scoping. Gate surge activation based on severity, require documented overrides with justification, and record all results in the dossier for auditability.
Enable export of full or partial dossiers to CSV and JSON using stable, documented schemas, and provide shareable, expiring links secured with signed tokens. Support role-scoped views (internal, client, auditor), watermarking, and download/audit logs. Ensure exports respect redaction and data retention policies, and offer API retrieval with pagination and ETag support for synchronization.
Provide templates and structured fields to define rollback steps, owners, triggers, and a cooldown schedule following a surge. Integrate with Timeglue’s scheduler to automatically retire surge rules on schedule, block new surges during cooldown, and create reminders/tasks to confirm completion. Track execution status and outcomes, and capture the finalized plan and evidence in the dossier.
Instantly recognizes your company domain and pre-configures the right integrations (Google/Microsoft calendar, Okta/Azure AD, HRIS). Detects default locale patterns to seed work hours and holidays so you’re halfway set up before you click anything.
Automatically detect the company domain from the user’s email or provided URL during onboarding and perform soft and strong verification steps to confirm ownership. Use DNS, MX/SPF, and OpenID tenant discovery to infer whether the organization uses Google Workspace or Microsoft 365 and to identify potential identity providers (Okta, Azure AD, Google Directory). Where possible, leverage admin OAuth consent to confirm tenant-domain binding; otherwise, apply soft checks (MX records, WHOIS, certificate SANs) and flag confidence. Handle edge cases such as vanity subdomains, split delivery, and multiple verified domains per tenant. Provide a clear UI state indicating detection confidence and next steps. This ensures Timeglue can initialize the correct setup path with minimal input and sets a reliable foundation for downstream auto-configuration.
Based on the verified domain, recommend and preconfigure the correct integrations: Google Calendar or Microsoft 365 Calendar, Okta or Azure AD (or Google Directory) for identity, and leading HRIS options when detected. Preselect least-privilege scopes, generate OAuth consent links, and initialize connector records with inferred tenant IDs and endpoints. After consent, perform connectivity tests, fetch sample metadata (e.g., directory counts, calendars), and schedule initial sync jobs. Surface a single review panel summarizing detected providers, scopes, and what will be synced. Provide robust error handling and fallbacks if multiple providers are detected or a recommended integration fails, guiding the admin to manual selection. This reduces time-to-value by eliminating manual discovery and configuration steps and ensures Timeglue has the data sources needed for scheduling and availability logic.
Infer primary locales, time zones, working hours, and public holiday calendars from domain signals and connected systems. Use tenant locale settings (Google Workspace/Microsoft 365), directory location attributes (Okta/Azure AD/Google Directory), and HRIS office/employee location distributions to compute region clusters and seed default work hours per region. Select applicable public holiday calendars per country and attach them to regions with a confidence score. For multi-region orgs, propose multiple region profiles and assign initial teams where signals exist. Present a review UI to accept or adjust hours, time zones, and holidays before applying to Timeglue’s org settings. This enables accurate, region-aware scheduling defaults from day one and reduces admin configuration overhead.
Provide guided consent flows for each recommended integration with clearly documented data usage and minimal scopes (progressive consent where feasible). Support Google OAuth and Microsoft Graph admin consent for calendar and directory read access, plus Okta/Azure AD/Google Directory for user attributes needed by Timeglue. Store tokens securely with rotation, support consent renewal and revocation, and detect permission changes. Block risky over-scoped requests and present justifications for any escalations. This ensures security and compliance while enabling Domain Snap to establish necessary connections.
Offer a consolidated review screen where admins can accept or modify all Domain Snap suggestions, including chosen providers, scopes, region profiles, work hours, and holiday calendars. Allow manual selection when detection is ambiguous, and provide a one-click rollback to the pre-setup state. Maintain versioned configuration snapshots with diff history and the ability to re-run detection idempotently after changes (e.g., switching from Okta to Azure AD). This ensures admins retain control and can quickly correct or undo auto-configuration without risking data integrity.
Capture detailed, immutable audit logs for all detections, recommendations, consents, applied configurations, and rollbacks, including actor, timestamp, source signals, and confidence levels. Mask PII where not essential, support export to SIEM, and honor data retention policies. Provide data flow diagrams and consent records to assist with SOC 2, ISO 27001, and GDPR readiness. Expose transparency reports in-app so admins can trace why a given integration or locale was selected. This builds trust and supports enterprise compliance requirements tied to automated setup.
One-click, read-only onboarding to popular HRIS/IdP systems imports teams, managers, locations, and work‑hour policies. You get accurate rosters and sane defaults in minutes—no CSVs, no mapping marathons.
Provide turnkey, one-click OAuth integrations with leading HRIS and IdP providers (e.g., Okta, Azure AD, Google Workspace, BambooHR, Rippling, Workday, HiBob) to initiate a read-only import of users, groups/teams, manager relationships, locations, and applicable policy attributes. The connector framework must standardize auth flow, scope requests, token handling, and error states, enabling a consistent onboarding experience that completes in minutes without CSVs. This integrates with Timeglue’s onboarding wizard and sync pipeline, exposing provider availability, prerequisite checks, and post-connection health status within the admin UI. Expected outcome: reliable, low-friction setup that scales across providers and reduces admin time-to-value.
Enforce least-privilege, read-only access across all connectors with clearly enumerated scopes and human-readable consent screens. Tokens must be encrypted at rest, rotated on schedule, and revocable from Timeglue. Display requested attributes by provider and explain how each is used (e.g., team assignment, location timezone, work-hour policy). Provide a permissions diffs view on scope changes and block connection if elevated scopes are required. This safeguards privacy, builds trust, and supports compliance needs while still delivering accurate imports.
Normalize imported directory data into Timeglue’s domain model: users, teams, manager-of, location/timezone, and policy-related attributes. Handle varied provider schemas, locales, and attribute names with a mapping layer that applies smart defaults and supports optional custom field mapping. Deduplicate users across sources, resolve primary email/login, and preserve external IDs for referential integrity. Persist mapping rules for subsequent syncs and expose a preview to verify transformations. This ensures clean, consistent data powering scheduling logic and smart link defaults.
Derive default working hours, timezones, and holiday calendars from imported location and policy attributes, enriching with region-specific public holidays. Where explicit schedules are missing, apply configurable heuristics by location and role (e.g., standard 9–5 local, lunch buffers) and surface exceptions for part-time or shift workers. Generate organization-, team-, and location-level defaults that Timeglue uses to pre-paint acceptable meeting windows and prevent after-hours invites. Admins can override inferred policies and set precedence rules between company, team, and individual levels.
Support both scheduled incremental syncs and webhook-based refreshes to keep rosters, relationships, and policies current with minimal load. Implement delta cursors, pagination, rate limiting, and idempotent upserts to handle large directories. Expose sync cadence controls, last-sync timestamp, change counts, and a manual re-sync action in the admin UI. Automatically reconcile deprovisioned users and org changes to maintain accurate scheduling defaults and prevent invitations to inactive accounts.
Validate incoming data for completeness and logical consistency (e.g., missing timezone, cyclic manager chains, overlapping or invalid work-hour windows). Provide clear, actionable errors with suggested fixes, quarantine problematic records, and continue importing clean data. Offer conflict policies (prefer HRIS vs. IdP, most recent update, or admin override) and surface a resolution queue in the UI. This prevents bad data from degrading scheduling accuracy while keeping onboarding fast.
Deliver a guided review step showing import summaries (user counts, teams, locations, inferred policies) with the ability to include/exclude org units, remap teams, set default timezones, and apply bulk overrides before committing. Provide a dry-run preview with diffs and an undo/rollback option after apply. This minimizes surprises, reduces rework, and ensures imported data reflects operational reality from day one.
Automatically assigns each person’s time zone and holiday set using HRIS location, office assignment, and calendar locale. Flags anomalies for quick review, eliminating manual timezone math and misclassified holidays.
Integrate with leading HRIS providers to ingest user location, office assignment, employment status, and email identifiers, normalizing records into Timeglue profiles. Support OAuth and API key auth, scheduled incremental syncs and webhooks for near‑real‑time updates, idempotent upserts, and robust retry/backoff. Map users by verified email with safeguards for duplicates and contractors. Validate and sanitize incoming fields, and expose sync health metrics and error reporting. The resulting location/office attributes become primary inputs to Locale Mapper’s time zone and holiday assignment pipeline, feeding Timeglue’s scheduling engine.
Connect to Google Workspace and Microsoft 365 to read each user’s calendar time zone and language/region locale with least‑privilege scopes, using settings endpoints only. Use these signals to corroborate or fill gaps when HRIS data is missing or stale. Implement batched polling and change notifications, DST‑aware parsing, and fallbacks when accounts are not connected. Persist provenance (HRIS vs Calendar) and last‑seen timestamps to inform conflict resolution and anomaly scoring. Feed resolved signals into the Locale Mapper pipeline and the scheduling engine.
Translate HRIS location/office coordinates and calendar locale into a precise IANA time zone (e.g., America/Los_Angeles). Integrate a geocoding and tz lookup service, handle ambiguous city names and border cases, and maintain an up‑to‑date tzdata cache. Produce a confidence score and rationale per assignment, support offline caching, and auto‑adjust for DST rule changes. Expose a deterministic mapping policy and idempotent assignment so downstream scheduling is stable. Provide fallbacks for incomplete addresses using office geofences or IP hints (optional, configurable).
Automatically assign national and regional holiday calendars based on resolved location, with support for multi‑region users, remote employees, and company‑defined holidays. Source authoritative holiday datasets, refresh annually and on late‑breaking changes, and localize names. Allow admins to set precedence rules (company > region > country), apply per‑user or team overrides, and preview effects. Persist holiday set provenance and surface assignments to the scheduling engine to prevent after‑hours or holiday booking. Include API and UI hooks for manual adjustments and audit logging.
Implement rules and heuristics to flag discrepancies between HRIS location, calendar time zone, recent meeting offsets, and travel status (if available). Score anomalies by severity (e.g., HRIS says Paris, calendar says PST) and route them to a review queue with suggested fixes and confidence levels. Provide filters, search, and notifications (email/Slack) for admins, plus one‑click apply/ignore actions and bulk operations. Track resolution outcomes and feed them back into the model to reduce false positives. All actions are auditable and reflected immediately in scheduling.
Deliver an in‑app interface for Locale Mapper that displays each user’s current assignment with side‑by‑side source data (HRIS, Calendar, manual), confidence scores, and change history. Enable bulk selection and application of recommended fixes, manual time zone/holiday selection with typeahead, and reason codes. Enforce role‑based access controls, provide keyboard shortcuts, accessibility compliance, and responsive performance for orgs with 10k+ users. Changes propagate to the scheduling engine and are logged for audit and export.
Apply least‑privilege scopes and data minimization across HRIS and calendar integrations, storing only fields required for locale mapping. Encrypt data in transit and at rest, support data residency where applicable, and provide admin controls for consent, retention, export, and deletion (GDPR/CCPA). Redact PII in logs, segregate tenant data, and expose audit trails for access and changes. Document scopes and purposes in‑product and provide a security review pack for enterprise customers.
Role- and industry-based presets (Engineering standups, Sales pods, CS onboarding, Recruiting panels) pre-paint safe windows and focus-block defaults. Start booking with battle-tested setups instead of building from scratch.
Provide a browsable library of role- and industry-based presets with searchable filters (role, function, industry, team size, regions, meeting type) and inline previews of pre-painted windows and focus-block defaults on the Timeglue timeline. Integrate with connected calendars to surface potential conflicts (existing focus blocks, recurring meetings) in previews without saving changes. Support metadata (name, description, tags, target roles, supported regions), localization of labels, and multi-tenant scoping. Expose a backend endpoint for fetching kit metadata and assets, and a performant client-side experience with typeahead search and quick-compare of multiple kits. Expected outcome: users find an appropriate kit in seconds, reducing setup time and eliminating guesswork.
Define a robust, versioned schema to represent a starter kit’s defaults: regional working hours, cross-time-zone acceptable meeting windows, holiday locale packs, focus block patterns (frequency, duration, recurrence, no-meeting days), meeting type defaults (durations, buffers, lead time, max per day), and invite guardrails (after-hours prevention, escalation rules). Include human-readable metadata, tags, and compatibility markers (supported locales, time zones). Implement strict validation, backward compatibility rules, and migration utilities so existing teams are not broken by updates. Store in a centralized repository with read APIs, caching, and rollback support. Enable localization of text and regional holiday mappings. Expected outcome: stable, extensible kits that can evolve safely and be shared across organizations.
Enable admins to apply a selected starter kit to a workspace, team, or individual users with a guided flow that shows a diff between current settings and the kit. Detect and resolve conflicts (e.g., overlapping focus blocks, incompatible work hours) with selectable merge strategies (replace, merge, skip). Support batch application to multiple members, permission checks, and dry-run preview. Apply changes transactionally with full rollback and audit logging. Trigger recalculation of smart booking links, meeting guardrails, and notifications summarizing changes to affected users. Expected outcome: safe, predictable rollouts that respect existing settings while standardizing scheduling norms.
Allow users with appropriate permissions to clone a starter kit and customize parameters: adjust painted meeting windows, focus block rules, holiday sets, and meeting-type defaults. Support saving as an organization template with visibility controls (org-wide, team, private), change notes, and version history. Maintain lineage to the upstream kit version and surface update suggestions when the base kit evolves. Provide export/import of kit JSON for portability. Expected outcome: organizations can tailor best-practice presets to their specific norms without losing upgradeability.
Generate shareable booking links that encode the selected kit’s safe windows, focus block enforcement, buffers, durations, and lead-time constraints. Ensure recipients view availability in their local time zone while respecting the sender’s after-hours guardrails. Support deep links to a timeline preview, optional parameter overrides as allowed by the template, link expiration, and revocation. Tag bookings with the originating kit for attribution. Expected outcome: instant, back-and-forth-free scheduling that adheres to standardized team norms.
Instrument events and build dashboards to measure starter kit adoption and outcomes: time-to-first-booking after signup, reduction in after-hours invites, reschedule rates, meeting success rates, and regional distribution of booked times. Provide kit-level and template-level metrics, trend lines, and CSV export. Ensure privacy-safe aggregation and configurable retention. Surface data-driven recommendations to refine kits (e.g., suggest widening windows where utilization is low). Expected outcome: visibility into business impact and continuous improvement of presets.
Create a first-run flow that recommends starter kits based on connected calendar signals, declared roles, industries, geo distribution of teammates, and working hours. Provide a short guided setup that previews the recommended kit, explains its guardrails, and confirms any sensitive defaults (e.g., no-meeting days). Include A/B testing hooks for recommendation strategies and track conversion to kit adoption. Provide fallbacks when signals are sparse. Expected outcome: users get to a battle-tested setup within minutes, increasing activation and reducing churn.
Before you invite anyone, a fast simulation surfaces after‑hours exposure, holiday conflicts, and compliance risks across your imported teams. Get one-click fixes and publish a clean plan on day one.
Compute after-hours exposure, holiday conflicts, focus-block collisions, and regional compliance risks in real time as the host paints or drags meeting windows on the Timeglue timeline. The simulation ingests each participant’s time zone, working hours, OOO and holiday calendars, and configured policy rules to produce a normalized risk score and a breakdown of violations per slot. Results update instantly with p95 latency under 300 ms for up to 100 participants across an 8‑week horizon, using incremental recomputation and caching; for larger cohorts the UI shows progressive results within 2 seconds. Output includes slot-level severity, per-person flags, and machine-readable codes consumed by recommendations, UI overlays, and reporting. The engine runs automatically before link creation or invite send, ensuring issues are caught early and without manual calculation.
Provide a configurable rules engine that encodes quiet hours, minimum rest periods, maximum after-hours frequency, weekend restrictions, protected holidays, and regional labor constraints (e.g., EU Working Time Directive–style limits). Policies are versioned and assignable at workspace and team levels, with rule packs auto-applied per participant based on locale and employment region. The engine evaluates rules deterministically and outputs standardized violation objects with severity, rationale, and references to the triggering policy. Administrators can customize thresholds and add exceptions with expiry dates, enabling nuanced governance without hardcoding. Integrates tightly with the simulation, recommendations, guardrails, and reporting so that all risk signals and actions are policy-driven and auditable.
Offer actionable, single-click recommendations that automatically adjust proposed meetings to minimize risk while honoring host constraints. Fixes include shifting the window by the lowest-cost offset, rotating times across weeks for fairness, excluding conflicting holidays, shortening duration to fit within safe hours, proposing split sessions by region, and converting some attendees to async or optional when appropriate. Each fix presents a preview of the change and its impact on risk score, with clear explanations and undo support. Applying a fix updates the timeline, re-runs the simulation, and logs the decision for compliance reporting. The system prioritizes fixes by expected risk reduction and preserves previously accepted exceptions.
Render a color-coded heatmap overlay on the draggable timeline to visualize aggregate risk intensity across proposed windows, with accessible contrast, keyboard navigation, and responsive layouts. Users can drill into any slot to view per-person and per-region risk details, filter by risk type (after-hours, holiday, policy), and see explanations tied to specific rules. The heatmap updates in real time with the simulation and supports grouping participants (e.g., EMEA, APAC, Engineering) to identify hotspots quickly. Critical violations trigger inline callouts and affordances to apply relevant one-click fixes. The visualization is optimized to remain smooth at 60 fps for typical cohorts and gracefully degrade to batched updates for very large teams.
When generating shareable scheduling links, automatically restrict bookable times to low-risk windows based on the latest simulation and policies, preventing after-hours and holiday bookings by default. At booking time, guardrails revalidate slots using the invitee’s locale and assigned policies, blocking or warning if new conflicts arise and suggesting compliant alternatives. Holds placed on calendars reflect sanitized availability, and ICS invites include compliance notes for transparency. The guardrails expose configuration flags (strict block vs. warn) and webhooks for external workflows. This ensures the published link cannot be used to bypass policy or create after-the-fact conflicts.
Generate a shareable report that summarizes detected risks, applied fixes, accepted exceptions, and final compliance status per policy and participant for each scheduling plan. Reports can be exported to PDF and CSV, include timestamps, decision rationales, and policy versions, and are stored in an immutable audit log with user attribution. Privacy settings control redaction of personal details while preserving necessary compliance evidence. The audit trail supports search and filtering by team, date range, and policy, enabling HR or legal teams to verify due diligence. Integrates with workspace retention policies and allows secure, expiring share links for stakeholders.
Watches HRIS/IdP changes during your first 30 days—new hires, team moves, location changes—and auto-updates teams, hours, and holiday sets. Sends a compact Slack/Teams digest so Zero‑Touch stays zero effort.
Build OAuth2/SAML-based connectors for Okta, Azure AD, Google Workspace, Workday, and BambooHR that ingest user and organization events (new hire, department/team change, location/time zone update, manager change, termination) via webhooks or scheduled polling. Implement least-privilege scopes, secrets management, and incremental sync to minimize load. Normalize payloads into a common schema for Drift Guard, deduplicate events, and backfill the initial roster on activation. Integrate with Timeglue’s identity graph to match users by email/external IDs and handle merges for duplicates.
Provide an admin UI to map HRIS/IdP attributes (department, cost center, location, country, timezone, manager, employment status) to Timeglue entities (team, location/time zone, working-hours template, holiday set). Define rules to classify changes into actionable categories: New Hire, Team Move, Location Change, Schedule Template Change, Termination. Support defaults and per-location overrides, preview of evaluated rules, and dry-run mode to verify outcomes before enabling auto-updates. Persist mapping versioning to ensure reproducibility and auditability.
Implement an idempotent engine that applies classified changes to Timeglue: create user profiles for new hires, update team membership, assign location-derived time zones, apply working-hours templates, and attach appropriate holiday calendars. Enforce guardrails (e.g., only within activation window, ignore terminations outside scope), resolve conflicts, and queue retries on transient failures. Write structured audit logs for every mutation with before/after state, source event, and correlation IDs. Ensure updates cascade to scheduling constraints so after-hours invites are prevented without manual intervention.
Activate Drift Guard automatically for the workspace’s first 30 days post-onboarding, with configurable start/end dates, pause/resume, and the ability to extend the window for phased rollouts. Provide per-team inclusion/exclusion lists, rate limits, and safety thresholds (e.g., maximum percentage of users changed per day). Surface a timeline view of applied changes within the window and a toggle to switch between Auto-Apply and Review-First modes.
Deliver a daily (or event-threshold-based) compact digest to designated Slack channels and Microsoft Teams, summarizing detected changes and applied updates: counts by type, notable exceptions, and links to details. Include actionable controls (Approve, Roll Back, Ignore Future Similar) where Review-First is enabled. Implement per-workspace and per-channel configurations, message formatting that respects platform limits, localization, and rate limiting to avoid notification fatigue.
Provide an in-app review queue listing pending or recently applied changes with severity, impact scope, and recommended actions. Allow approvers to batch-approve, snooze, or reject items, and to perform one-click rollbacks that revert Timeglue entities to their prior state. Enforce role-based access control, capture reasoning notes, and ensure rollbacks propagate to scheduling constraints and notify affected owners when their hours or teams change.
Expose a health dashboard showing connector status, last successful sync, webhook latency, error rates, and backlog size. Implement automatic retries with exponential backoff, dead-letter queues for poison events, and alerting to admins when thresholds are breached or sync falls behind. Provide self-service diagnostics (test webhook, re-authorize connector), and exportable logs to SIEM. Ensure health signals are reflected in digests to keep zero-touch truly zero effort.
Automatically generates SSO‑gated smart links and posts a welcome brief to Slack/Teams explaining booking windows and guardrails. Everyone knows where to book and what to expect—no training session required.
Automatically creates unique smart booking links that require SSO authentication (e.g., Okta, Google Workspace, Azure AD) before access. Links are scoped to organization/team/role, carry booking window parameters, support expiration policies (time-based, single-use, multi-use), and are time zone aware. Enforces permission checks at click time and maps the authenticated user to their org record. Integrates with Timeglue’s identity service and scheduling engine; emits audit events on creation and use for compliance and observability.
Integrates with Slack and Microsoft Teams via OAuth to automatically post a welcome brief that includes SSO-gated smart links, booking windows, guardrails, and “how to book” guidance. Supports selecting target channels, @mentions, and DM to new members; posts using platform-appropriate rich blocks/cards with link unfurling. Captures message IDs for updates/edits, respects workspace permissions and rate limits, and offers a settings UI to configure announcement timing and destinations.
Provides a template system for the welcome brief with variables for team name, core hours, time zones, holidays, focus blocks, rescheduling policy, and help links. Supports multi-language localization, company branding (logo/colors), and platform-specific rendering (Slack blocks, Teams cards). Includes a preview editor, token validation, versioning, and the ability to update previously posted messages in place; allows A/B variants and per-team overrides.
Derives and maintains “sane” cross-region booking windows by aggregating members’ working hours, holidays, and focus blocks from connected calendars. Applies guardrails (no after-hours invites, buffers, max early/late offsets, notice periods) and recalculates when calendars or policies change. Exposes windows as structured data for message templates and link parameters, with caching and invalidation on relevant updates.
Adds an admin console to list, search, and manage auto-announced links and their associated posts. Supports revoking, expiring, or regenerating links; rotating tokens; bulk updates; and automatic invalidation when members leave or policies change. Provides per-link analytics (views, auth successes, bookings started/completed) and tools to re-post or edit the original brief thread with updated links.
Implements a durable, idempotent job pipeline for announcement creation and posting with exponential backoff retries and dead-letter handling. Monitors platform rate limits and spreads posting accordingly. Surfaces delivery status in an ops dashboard, alerts on failures, and falls back to email delivery with the same brief when chat posting is unavailable. Guarantees exactly-once posting per target and supports manual re-run by admins.
Publish availability as open/closed windows at configurable granularity (e.g., 1–3 hour bands) with optional fuzzed edges. External viewers can request within a block but never see exact times, preserving privacy while keeping coordination fast and respectful.
Enable hosts to publish availability as open/closed windows at selectable granularity (e.g., 30 min, 1 hr, 2 hr, 3 hr). The system rounds underlying exact availability to the chosen band size and displays only the bands, never precise start/end times. Granularity is configurable globally and per share link, with sensible defaults from meeting templates (duration, buffers). The scheduler maps requests captured at the band level to actual free slots internally, honoring calendars, buffers, and meeting length. Viewer UI shows bands aligned to the viewer’s time zone and locale. Implementation integrates with existing availability computation and supports edge cases like daylight saving transitions and partial-day holidays.
Provide optional fuzzing of masked block boundaries to mitigate inference of exact availability. Apply a configurable jitter window (e.g., ±10–20 minutes) to band edges while guaranteeing the displayed block always contains at least the meeting duration within actual working hours. Use deterministic per-link pseudorandomization so multiple visits by the same viewer are consistent, while different links cannot be correlated. Ensure fuzzing never exposes times outside allowed work hours, holidays, or focus blocks. Implement guardrails for minimum visible coverage and compatibility with variable granularity. Include host-side preview to visualize how blocks will appear to recipients.
Allow external viewers to request a meeting within a masked block without seeing exact slots. The viewer selects a block and submits a request; the system privately proposes candidate exact times to the host based on real availability, buffers, and meeting duration. Support two modes: host-approval (host picks a time from candidates) and auto-schedule (system confirms the earliest best-fit time). Place a temporary hold on candidate times to prevent double-booking until decision or timeout. Enforce per-link limits (e.g., one request per block per viewer), capture contact details, and send ICS/Calendar invites upon confirmation. Integrate with Google/Microsoft calendars, respect time zone preferences, and provide clear notifications for all parties.
Compute masked blocks from the host’s working hours, holidays, and focus blocks to ensure published windows never include after-hours or protected time. Merge multiple calendar sources and meeting templates (duration, buffers, lead time, max per day) to derive eligible windows, then mask according to granularity and fuzz rules. Handle region-specific holidays, partial-day events, and daylight saving changes. Provide per-link overrides for template selection and policy scope. Include caching and incremental recomputation to keep masked views responsive while staying consistent with real-time calendar changes.
Generate shareable masked-availability links with configurable access controls: optional passcode, allowed email domains, single-use tokens, expiration dates, and maximum views/requests. Support link revocation and regeneration without changing underlying settings. Allow per-link customization of granularity, fuzzing, and meeting template. Log access events for audit and provide simple management UI to view, pause, or expire links. Ensure links are unguessable, short, and compatible with common sharing channels.
Ensure no exact availability is leaked through side channels in the masked view. Standardize response sizes and timing for availability endpoints, avoid slot-count-dependent UI skeletons, and rate-limit probing behavior. Obfuscate internal error details, and ensure analytics and logs store only band-level signals. Provide configurable thresholds to collapse narrow gaps that could reveal precise slots. Include privacy review, automated tests for leakage scenarios, and documentation of data processing for compliance.
Generate per-link ICS feeds that auto-expire by time or view count, rotate tokens on a schedule, and support one-click revocation. Optional domain/IP binding thwarts scraping, ensuring partners see only current, minimal data without lingering access.
Create unique ICS calendar feeds per shared scheduling link, scoped to the specific timeline and filters defined by the link owner. Each feed encapsulates only the minimal, current availability/events necessary to schedule, excluding unrelated calendars or historical data. The system must generate feeds on demand with signed, opaque tokens, cache responses efficiently, and maintain compatibility with major calendar clients (Google, Microsoft, Apple). This integrates with Timeglue’s availability engine to render only compliant time windows and respect work hours, holidays, and focus blocks.
Support time-based and view-count-based auto-expiration for each per-link ICS feed. Link owners can set a precise expiry date/time, a relative TTL (e.g., 7 days), and/or a maximum fetch count. Upon expiry, the feed returns a well-formed, no-data ICS with an explanatory X-STATUS field. Provide UI and API controls to configure, preview, and update policies, plus guardrails (min/max values) and default expirations. Integrates with background jobs to invalidate caches and with audit logs for traceability.
Enable automatic rotation of feed access tokens on a configurable schedule (e.g., every 24 hours) without changing the public feed URL structure visible to recipients. Implement dual-token grace periods to avoid client breakage during rotation and ensure backward compatibility for a short window. Provide admin settings, rotation cadence presets, and webhook events for rotations. Integrate with key management, cache invalidation, and monitoring to detect failed rotations.
Provide an immediate, single-action control to revoke an individual feed or all feeds associated with a link/owner. Revocation invalidates tokens, clears caches, and forces subsequent requests to return an expired/no-access ICS response. Include confirmation prompts, undo within a brief window, and audit logging with actor, timestamp, and reason. Expose revocation via UI and API for automation workflows.
Allow optional binding of a feed to approved referrer domains and/or client IP ranges to mitigate scraping and unauthorized redistribution. Implement configurable allowlists/denylists, rate limiting, and signature-based request validation using HMAC headers. Provide clear failure responses and diagnostics to assist legitimate partners in correcting configuration. Ensure privacy-preserving logging and compliance with regional data laws.
Let link owners select exactly which fields appear in the ICS (e.g., busy/free only, event summaries redacted, organizer hidden) and limit time horizons (e.g., next 14 days). Defaults favor minimal disclosure while preserving scheduling utility. Implement server-side enforcement, schema validation, and per-link templates. Ensure that changes are reflected immediately in subsequent fetches and documented via inline ICS properties (e.g., X-PRIVACY).
Track anonymized access metrics per feed (last fetched, fetch count, unique IPs/domains, geos) and surface trends for anomaly detection (sudden spikes, out-of-geo access). Provide configurable alerts (email, Slack, webhook) for suspicious patterns, upcoming expirations, or failed rotations. Integrate with existing observability stack and respect opt-out and data retention policies.
Set graduated visibility based on recipient identity. Anonymous viewers see day-level open/closed; verified partners via SSO/OAuth see hour bands; allowlisted contacts can view narrower windows. Share the least necessary detail to move work forward safely.
Implement multi-tier recipient identification for shared Timeglue links using anonymous sessions, SSO/OAuth verification (Google, Microsoft, Okta), and allowlist token matching. On link open, determine identity and assign a trust tier without requiring a Timeglue account via signed link tokens and optional SSO handoff, persisting a short-lived session and re-evaluating on each visit. Provide secure tokenization (HMAC/rotating keys), anti-replay, and domain-based mapping for partners. Integrate with the existing smart link generator, workspace auth settings, and invite flows, exposing API/webhook events for verification state changes. Outcome: recipients are reliably mapped to the correct trust tier for least-privilege visibility across web, embeds, and calendar integrations.
Create a policy engine that maps trust tiers to data exposure levels: Anonymous shows day-level open/closed; Verified (SSO/OAuth) shows hour bands and rough availability; Allowlisted shows narrow, schedulable windows that honor work hours, holidays, and focus blocks. Enforce server-side redaction of event titles, attendees, locations, and exact times outside permitted windows. Apply rules consistently across the web UI, shared embeds, ICS feeds, API responses, and notifications. Support workspace defaults and per-link overrides, with conflict resolution and safe fallbacks. Outcome: consistent least-necessary detail is shared, eliminating accidental leakage while still enabling scheduling progress.
Provide UI and API to manage allowlisted entities by email, domain, and partner organization, assigning each a default trust tier and optional expiry. Support bulk import (CSV), domain wildcards, per-link overrides, and justification notes. Include verification flows for first-time viewers, soft matches (same domain) vs. hard matches (exact email), and conflict resolution when multiple policies apply. Integrate with workspace roles, existing contacts, and external systems via webhook/Zapier to sync partner directories. Outcome: trusted contacts seamlessly gain access to narrower windows without exposing full availability to unknown recipients.
Extend Timeglue smart links to bind a specific trust-tier policy, set expiration timestamps, enable one-time access, and allow instant revocation. Provide optional PIN protection and rate limiting to mitigate unwanted sharing and scraping. Surface link health (active/expired/revoked), last accessed timestamp, and top viewer tiers in the link dashboard. Ensure backward compatibility for existing links, and provide migration prompts to attach a policy. Outcome: link owners control how long and how widely detailed availability is visible, reducing risk while maintaining frictionless sharing.
Add creator-side previews for each trust tier to validate what recipients will see before sharing, with instant toggles and redaction highlights. For recipients, display a clear, non-intrusive banner indicating current tier and a call to verify via SSO to unlock more detail when permitted. Support inline verification without losing context, localized copy, accessible components, and mobile-responsive layouts. Provide edge-case flows for expired links, denied verification, and unsupported IdPs. Outcome: users confidently share least-necessary detail and recipients can voluntarily upgrade their tier to schedule faster.
Capture immutable, privacy-aware logs of access events including link ID, viewer identity signals (email/domain/IdP), assigned trust tier, timestamps, geo/IP (masked), and viewed scope (day-level/hour bands/narrow windows). Provide workspace-level reports and exports with filters (time range, link, tier, partner), retention policies, and SIEM/syslog export. Trigger alerts for unusual patterns (e.g., excessive anonymous hits, cross-region scraping). Integrate with Timeglue’s admin console and existing analytics. Outcome: organizations can demonstrate compliance, investigate incidents, and optimize trust policies.
Protect against inference and scraping with randomized boundary jitter, response caching, and anomaly detection. Suspicious patterns are throttled or challenged, keeping masked windows useful to humans but opaque to automated collectors.
Introduce controlled randomization to the displayed start/end boundaries of availability windows on smart links and embeds, making precise inference by automated collectors impractical while preserving human usability. Jitter amplitudes (e.g., ±3–7 minutes) are tenant-configurable with safe caps and never permit bookings outside true constraints (work hours, holidays, focus blocks). The UI renders jittered boundaries, but server-side booking enforcement uses the canonical windows, ensuring no after-hours invites. Jitter is seeded per link and viewer context (e.g., link ID + coarse UA/geo + day) using a secret to prevent averaging attacks across repeated requests while keeping a consistent view within a short session. Integrates with link rendering API, calendar previews, and ICS exports (exports remain canonical). Includes ramp controls, A/B flags, and audit logs.
Add a response caching tier for smart link availability that groups requests into coarse buckets (e.g., 15-minute time slices, device class, region) so repeated probes receive identical cached responses, reducing variance signals used by scrapers. Configure sensible TTLs and cache keys to avoid leaking fine-grained differences (query param sweeps, minute-by-minute changes). Ensure correct Vary headers, CDN compatibility, and cache stampede protection. Provide cache bypass for authenticated owners and canonical booking flows while maintaining opaque, stable outputs for anonymous viewers. Include cache invalidation on schedule changes and guard against timing-based inference by padding generation times as needed.
Implement a real-time scoring pipeline that detects suspicious fetching patterns such as high request rates, parameter sweeps, coordinated IP rotations, inconsistent headers, and off-hours probing. Use sliding windows and weighted signals to compute a risk score that triggers graduated responses: soft rate limits, response delay/padding, degraded data, or block/challenge. Operate initially in shadow mode to tune thresholds, then enforce with tenant-level overrides and safe defaults. Log incidents with evidence for review and support targeted allow/deny rules. Integrates at API gateway and application layers for consistent behavior across web, embed, and API endpoints.
Provide an adaptive challenge flow (e.g., Turnstile/hCaptcha, proof-of-work, or simple interaction checks) that activates only when the anomaly score exceeds a threshold or when behavior continues after throttling. While challenged, show blurred or coarsened availability until completion; after pass, grant normal access for a grace window. Ensure accessibility, localization, and mobile usability; exempt authenticated owners and whitelisted service IPs. Record challenge outcomes to retrain thresholds and reduce false positives. Integrate with the link viewer, embed, and API error model with clear messages and retry guidance.
Deliver an admin console with live metrics and historical analytics for Jitter Guard: request rates, anomaly scores, throttle/challenge events, pass/fail rates, top offending ASNs, and cache hit ratios. Provide per-tenant configuration of jitter amplitude, cache TTLs/buckets, anomaly thresholds, and allow/deny lists with role-based access controls and audit trails. Include alerting (email/webhook) for spikes and automated recommendations to adjust settings. Export logs to SIEM via webhooks or OpenTelemetry. Ensure privacy by redacting PII and aggregating sensitive fields.
Normalize response sizes, headers, and timing across similar requests to reduce side-channel leakage that could reveal exact boundaries or internal decisions (e.g., padding responses, consistent error bodies, disabling overly specific error codes). Randomize non-critical ordering (e.g., slot lists) while preserving human-readable sorting. Enforce minimum visible window widths and 5-minute grid alignment to keep the UI legible despite jitter. Ensure booking APIs, ICS files, and notifications remain canonical and consistent with server rules. Conduct red-team style tests for binary-search attacks on boundaries and add mitigations for HEAD/OPTIONS probing.
Let recipients one-click propose times inside open windows. Timeglue confirms exact slots on your calendar and returns holds/invites without revealing precise availability, cutting back-and-forth while preventing oversharing.
Provide a recipient-facing scheduling view that displays organizer-defined open windows as selectable blocks without exposing granular free/busy. Auto-detect the recipient’s time zone, render times in local format, and support variable meeting durations defined by the organizer. Enable one-tap selection on web and mobile, enforce window boundaries and minimum/maximum lead time, and validate that proposed times respect work hours, holidays, focus blocks, and buffers. Limit the number of concurrent proposals per recipient, support accessibility (keyboard navigation, ARIA), and localize labels and date formats. Integrate with existing Timeglue smart links and draggable timeline windows so recipients can seamlessly propose within the allowed ranges.
Upon proposal, perform a real-time availability check across the organizer’s connected calendars, applying Timeglue rules (work hours, focus blocks, holidays, buffers). Atomically select an exact slot within the chosen window and place a tentative hold with a unique identifier to prevent double-booking. Support Google and Microsoft calendars, multi-calendar selection, and resource calendars. Define auto-approval rules (e.g., known contacts, meeting type) to convert holds to confirmed invites, or route for manual approval. Provide immediate success/failure responses to the recipient and update the organizer’s calendar with a hold description, attendees, and metadata. Ensure idempotency and retry safety for network interruptions.
Ensure recipients never see precise free/busy data by only rendering organizer-defined open windows and abstracted time ranges. Prevent inference attacks by avoiding granular edge disclosures, applying optional slot-edge rounding, throttling repeated probes, and suppressing error messages that reveal availability details. Redact sensitive content from notifications, ICS descriptions, and API responses. Offer configurable privacy levels (standard, strict) and provide audit logs for access. Comply with organizational privacy policies while maintaining a smooth proposal experience.
Detect race conditions and conflicts caused by simultaneous submissions or late calendar changes. If a hold cannot be placed, instantly suggest the nearest viable alternatives within the same windows that meet duration and buffer rules. Support first-come, first-served locking with transactional consistency, a brief grace period queue, and optional auto-shift within the window. Provide clear UX to reselect, and preserve prior form inputs. Log outcomes for analytics (drop-off, conversion) and expose webhooks/events for downstream workflows.
Send timely notifications to organizers and recipients when proposals are submitted, holds placed, accepted, rescheduled, or canceled. Include branded emails, Slack notifications, and ICS attachments for tentative holds and confirmed events. Respect user notification preferences and quiet hours. Update or cancel calendar holds when changes occur, maintain RSVP status, and send reminders before the meeting. Provide links to manage the proposal, add agenda notes, or cancel gracefully with automatic release of holds.
Add controls to Safe Propose links including visibility (public, invitee-only, domain-restricted), expiration dates, maximum proposals per recipient, and per-link rate limiting/CAPTCHA to curb abuse and scraping. Allow revoke/regenerate actions and immediately reflect changes to windows and rules on existing links. Track access in an audit trail with IP, user agent, and referrer; support UTM parameters for source attribution. Ensure tokens are scoped, short-lived where appropriate, and stored/validated securely server-side.
Maintain a privacy-first audit trail of who accessed which link, at what trust tier, and what actions they took. Exportable logs demonstrate compliance and build internal trust that masked sharing protects sensitive schedules.
Implement an append-only ledger that records every access to a Timeglue smart link and every subsequent action (view, propose, book, reschedule, decline, add-to-calendar) with precise timestamps, link identifiers, workspace, pseudonymous actor ID, resolved trust tier, request metadata (IP region, user agent), and outcome codes. Events are written asynchronously to a durable, write-optimized store with idempotency keys, backpressure, and retry logic to ensure completeness without impacting link performance. Personally identifiable data is never stored in cleartext; use salted hashing and field-level redaction aligned with Ghost Ledger privacy objectives. The ledger integrates with existing link and booking services via an event bus, supports high volume from shared links, and exposes a consistent schema for downstream querying and export.
Determine and record a trust tier for every access session using multiple signals: signed link tokens, workspace membership, SSO/OAuth identity, email verification, prior collaboration history, and network heuristics. Persist both the resolved tier (e.g., Owner, Member, Trusted External, Anonymous) and the attribution rationale. Degrade gracefully when identity is partial by using stable pseudonyms and tier fallbacks. Provide a synchronous API for link services to request tier decisions and an asynchronous stream that updates events if attribution improves during a session. Caches recent decisions to minimize latency and integrates with Timeglue’s existing sharing and permissions model.
Define a canonical action vocabulary (view_window, view_masked_details, propose_slot, book_slot, cancel, reschedule, export_ics) and a structured payload schema that captures context (link scope, time range viewed, fields touched) while enforcing field-level redaction for sensitive schedule data (exact titles, attendee lists, notes). Provide workspace-configurable redaction policies and allow per-link overrides to align with masked sharing. Apply redaction prior to persistence and export, and version policies so each event records the redaction profile used. Ensure compatibility with holidays, working hours, and focus blocks so metadata is auditable without leaking content.
Deliver an in-app Ghost Ledger console for authorized roles with fast search and filtering by date range, link ID, workspace, actor pseudonym, trust tier, action type, and outcome. Provide event timelines per link and per actor, pagination for large result sets, and deep links for sharing internal investigations. Enforce role-based access controls and workspace boundaries. Optimize queries via indexed storage and time-partitioned datasets to keep UI responsive under high event volumes. Integrate with Timeglue’s admin navigation and respect workspace time zone settings.
Enable export of selected audit events and summaries to CSV and JSON, plus a signed PDF report that aggregates key metrics (access counts by trust tier, action distribution, top links, anomalies). Support date and filter scoping, server-side generation for large datasets, and download links with expiration. Provide an API for automated exports and scheduled delivery to email or external storage. Normalize timestamps to a chosen time zone and include a data dictionary with field definitions in each export.
Add cryptographic integrity to the ledger by hashing each event and linking it into a rolling hash chain with periodic checkpoints signed by a KMS-managed key. Store checkpoints separately and expose a verification endpoint that recomputes hashes over a range to detect insertion, deletion, or modification. Optionally write immutable copies to WORM-compatible storage. Surface integrity status in the admin console and flag gaps or corruption for investigation.
Provide workspace-level controls for retention duration, automatic purge or anonymization, legal holds, and data residency. Support subject rights workflows by enabling lookup and targeted anonymization of pseudonymous actor IDs without breaking hash-chain verification for unaffected ranges. Record consent signals and policy versions applied to each event. Offer defaults that minimize data retention while meeting typical audit requirements, with auditability of all policy changes.
Let teammates opt into cultural and life-pattern preferences—observance windows, Fridays off, school runs—without exposing sensitive details on their calendars. Culture Clock honors these profiles in every suggestion and link, so you avoid unintentionally intruding. Admins can set org defaults by locale while individuals fine‑tune theirs, ensuring respectful scheduling that stays consent‑based and private.
Define a structured, privacy-first profile that captures cultural and life-pattern preferences (e.g., observance windows, Fridays off, school runs), working hours, locale, and holiday sources without exposing sensitive details. Provide granular visibility controls (private by default), data minimization, and encryption in transit/at rest. Include a self-service UI for users to opt in, edit, and fine-tune preferences, with clear previews of the impact on availability. Ensure the system exposes only availability outcomes to others, never the underlying reasons, and integrates seamlessly with existing account settings and onboarding flows.
Extend the scheduling engine to interpret Respect Profiles as hard and soft constraints, honoring protected windows, work hours, and holidays across time zones. Ensure suggestions and auto-scheduling exclude protected time unless an explicit, approved override exists. Support multi-participant aggregation, constraint precedence, and tie-breaking rules, with performance optimizations for large participant sets. Provide deterministic, reproducible outputs and robust handling of edge cases (e.g., no feasible windows), returning clear, privacy-preserving guidance for organizers.
Enable admins to define organization-level default Respect Profiles by locale/region, including standard work hours, common observance patterns, and holiday calendars. Apply defaults automatically to new users based on location or group membership, with opt-in prompts and user-level fine-tuning. Provide policy versioning, change previews, and impact analysis before rollout. Support importing trusted holiday sources and mapping employees to multiple locales when needed, while keeping individual settings private from peers.
Update Timeglue’s scheduling links to enforce the owner’s Respect Profile end-to-end. Show invitees only the time slots that comply with protected windows, work hours, and holidays, adjusted to each viewer’s time zone. Do not disclose reasons for unavailability; present only permissible slots. Support multi-host links, expiration and tokenization, and fallback flows when no slots are available (e.g., request an exception). Ensure seamless compatibility with existing link-sharing and calendar invite flows.
Provide a structured exception workflow for cases with limited or no feasible windows. Allow organizers to request a one-time override specifying candidate times; notify affected users to approve, deny, or propose alternatives without revealing sensitive details. Apply overrides narrowly (time-bound/single event), log consent, and reflect the override in the scheduling engine. Include clear UX nudges, reminders, and audit trails for compliance while keeping privacy protections intact.
Introduce privacy-preserving conflict indicators in suggestions and calendar overlays that explain why a time is unavailable without revealing specifics (e.g., “Unavailable—protected window”). Indicate constraint severity (hard vs. soft) and provide actionable guidance (try earlier/later) while maintaining confidentiality. Ensure accessible visual design and consistent messaging across web, extensions, and API responses, with redacted reason codes for external consumers.
Expose secure APIs to manage Respect Profiles and defaults with fine-grained scopes and audit logging. Support SCIM/HRIS sync for locale, work hours, and holiday sources; allow ICS/CalDAV imports for holidays; and emit webhooks on profile changes. Provide OAuth-based access control, rate limiting, and enterprise configuration options. Deliver comprehensive documentation and mapping guides to keep Timeglue aligned with source systems while minimizing data exposure.
Auto-detects daily and weekly observance windows (e.g., prayer times, sundown eves, fasting breaks) by locale and season and quietly steers suggestions away from them. Proposes nearby alternates that keep agendas intact, with optional micro‑buffers before/after for travel or preparation. Keeps recurring meetings aligned as daylight changes, so a courteous plan stays courteous.
Build a rules-driven engine that computes daily and weekly observance windows by locale and season, supporting both fixed weekly windows (e.g., sundown-to-sunset periods) and variable daily windows calculated from astronomical events (e.g., sunrise/sunset-based prayer times). Ingest and reconcile authoritative data sources and calculation methods per locale, honor time zones and DST, and expose normalized windows via an internal API with caching, versioning, and automated refresh. Provide locale inference from user/org settings with secure overrides, and degrade gracefully with safe defaults if data is unavailable. Output integrates with Timeglue’s constraint solver so observances are treated as schedule constraints alongside work hours, holidays, and focus blocks.
Provide per-user and team-level settings to declare observance participation, strictness (hard block vs. soft preference), preferred calculation method where applicable, and default micro-buffer behavior. Allow discreet opt-in detection based on working location with explicit confirmation, and enable overrides for travelers or multi-location teams. Expose policy controls for admins (e.g., default strictness, allowed overrides) and merge preferences with organizational working hours and focus blocks to produce a unified availability profile per participant.
Extend the suggestion engine to automatically steer away from detected observance windows across all invitees. When a proposed time conflicts, compute and rank nearby alternates that preserve meeting duration, agenda requirements, and fairness across time zones. Incorporate user-defined strictness and buffers, explain conflicts to organizers privately, and present neutral, privacy-safe indicators to other participants. Provide controls to nudge earlier/later windows and batch-generate options for multi-day ranges.
Introduce configurable pre- and post-observance buffers at user, team, and meeting levels to allow travel, preparation, or recovery time. Ensure the scheduling engine enforces these buffers when generating suggestions and when validating manual time selections. Provide sensible defaults by locale and observance type, detect back-to-back risks across observance boundaries, and surface unobtrusive nudges to widen gaps where needed.
Maintain courtesy for recurring meetings as daylight and seasons change by recalculating each occurrence against evolving observance windows and DST shifts. Support rules such as “anchor to remain outside observance” and offer organizer previews of upcoming adjustments with one-click apply to all or selected occurrences. Generate calendar exceptions, notify impacted participants, and preserve agenda integrity and meeting length while minimizing disruption.
Design UI and messaging that quietly guide organizers away from observances without exposing sensitive personal information. Show neutral “unavailable” indicators in shared views, provide specific context only to the affected user and, when appropriate, the organizer, and require explicit consent for overrides that intrude on hard-blocked observances. Localize copy, meet accessibility standards, and log courtesy-related changes for auditability while storing only minimum necessary metadata.
Synchronize observance windows and applied buffers to connected calendars (Google, Microsoft) as generic busy periods and ensure scheduling suggestions respect provider-side visibility and sharing settings. Update ICS feeds with neutral labels, handle provider-specific recurrence/exception behavior, and reconcile changes when external edits occur. Avoid exporting sensitive classifications, and provide webhooks to notify Timeglue when provider-side data impacts observance-aware availability.
Protects common family logistics like school drop‑off/pick‑up with adjustable buffers per region. When a proposed slot touches those windows, Culture Clock flags it and offers aligned alternates that preserve work hours. Supports one‑off exceptions for special events without rewriting the whole series.
Enable users to define recurring school drop‑off/pick‑up windows with adjustable pre/post buffers per region and time zone. Windows can be configured by weekday and date range, are DST-aware using IANA time zones, and can inherit from team defaults while allowing personal overrides. The system treats these as protected blocks that take precedence over suggested meeting times, evaluated alongside existing work hours, holidays, and focus blocks. Supports multi-region scenarios (e.g., travel) with prioritized active region selection and automatic re-alignment of windows. Includes a draggable timeline UI for painting protected periods, precise time inputs for buffers, and validation to prevent overlap or impossible schedules. Data is stored as versioned policies to allow rollback, with audit metadata for changes.
Detect and flag proposed meeting slots that touch protected school‑run windows across all scheduling surfaces (timeline composer, calendar overlay, booking flow, and API). Indicators include inline badges, color overlays, and reason codes specifying which participant(s) are affected and which policy triggered the flag. Provides configurable behaviors: block hard conflicts, warn on adjacent slots within buffer, and require acknowledgment or alternative selection. Ensures accessibility (ARIA announcements, high-contrast visuals) and localizes messages. Logs every flag decision with inputs (participants, regions, constraints considered) for supportability and analytics.
When a conflict is detected, generate a ranked list of alternate meeting slots that preserve all participants’ defined work hours and avoid protected school‑run windows, focus blocks, and holidays. The suggestion engine evaluates cross‑region overlaps, fairness (rotating early/late burden), participant availability constraints, and organizer preferences (meeting length, earliest/latest bounds). Results are limited to a configurable number of options, explainable (each suggestion shows why it works), and returned via UI and API. Includes tuning parameters (fairness weight, buffer strictness) and fallbacks when no perfect slot exists (e.g., propose the least intrusive option with clear disclosure).
Allow users to create single‑date or short‑range exceptions that temporarily relax or modify school‑run protections without altering the underlying recurring series. Exceptions support specifying date(s), adjusted times/buffers, reason, and auto‑expiration. The system clearly indicates an active exception in the timeline, applies it to conflict checks and suggestions for the affected period only, and reverts automatically after expiry. Includes guardrails based on team policy (who can create, required approvals) and maintains an auditable history of overrides with user, timestamp, and scope.
Ensure all shared scheduling links respect School Run Shield policies. Public recipients see protected windows as unavailable with a concise, privacy‑preserving explanation banner (e.g., "Protected family time in this region") and contextual suggestions surfaced inline. Attempted bookings that touch protected windows are prevented or rerouted to alternates based on policy. Link tokens carry a snapshot of applicable constraints to ensure consistent behavior even if policies change mid‑flow, and invite/ICS descriptions annotate why certain ranges were excluded. Supports localization, theming, and embed modes while minimizing leakage of personal details.
Provide administrators with organization‑level defaults and region templates for school‑run protections, including standard windows, buffer recommendations, and enforcement levels (block vs warn). Roles and permissions define who can view, edit, or override policies, with optional approval workflows for exceptions. Includes privacy controls to obfuscate personal details (display generic reasons instead of exact labels) and visibility rules (e.g., policy presence vs exact times). Offers import/export of policy templates, change notifications, and audit/compliance logs integrated with SSO/SCIM groups.
Integrate with Google and Microsoft calendars to optionally ingest school/family events and region holiday calendars that may affect school‑run timing. Uses least‑privilege, read‑only scopes and webhooks/polling for reliable sync. Users can map specific calendars as "School" and configure rules (e.g., suspend morning drop‑off protection on school‑closure days or extend buffers during known events). Public holidays are resolved by participant region and applied alongside work hours. The system reconciles conflicts between imported events and recurring policies, surfaces discrepancies for review, and gracefully degrades during sync outages with clear status indicators.
Understands midday rest patterns where split shifts are common and marks those periods as fragile by region. Suggests morning or late‑afternoon overlaps or compressed sessions instead of intruding on rest hours. Helps global teams avoid low‑energy time slots and improves attendance and engagement.
A maintained, versioned dataset of midday rest patterns by country, region, and city (with industry-specific variations), encoding typical start/end windows, variability ranges, seasonal shifts, and a fragility score. Includes data lineage, confidence levels, and fallback rules when a region is unknown. Provides localization, caching, and a scheduled update pipeline that ingests trusted public labor sources and curated user feedback. Exposes a query interface for the scheduling engine to retrieve applicable siesta windows per participant.
Extend Timeglue’s constraint solver to treat siesta windows as soft constraints with tunable thresholds. Combine work hours, holidays, focus blocks, and siesta fragility to compute a ranked set of candidate meeting times. Bias scoring toward morning and late‑afternoon overlaps and propose compressed sessions when overlap is limited. Provide deterministic behavior with clear conflict reasoning and deterministic tie‑break rules. Configurable at workspace, team, and event levels.
Add a visual overlay to the draggable timeline showing siesta windows with distinct color/pattern and a legend. Tooltips reveal local time, fragility score, rationale, and suggested alternative windows. Supports zoom levels, responsiveness, dark mode, and keyboard/screen‑reader accessibility (ARIA labels and high‑contrast patterns). Users can toggle the overlay per invitee or aggregate view and export a screenshot for async discussion.
Infer participant region/time zone from calendar metadata and user profile with explicit consent, and allow manual selection when inference is uncertain. Store only minimal region granularity required for scheduling, with clear settings to opt out or adjust precision. Provide compliant data handling (GDPR/CCPA), retention policies, consent logs, and a privacy-safe mode that uses generic regional defaults without personal data.
Enable organizers and invitees to override fragile siesta slots with explicit confirmation, reason capture, and scope (single event or series). Notify affected participants, record consent in event metadata, and display conflict badges in the UI. Provide workspace policies to prevent overrides, require majority consent, or limit overrides to admins. Include an audit trail and API support for compliance reporting.
Collect optional post‑meeting signals (attendance, declines, no‑shows, quick emoji energy ratings) to assess slot quality. Aggregate and anonymize metrics to refine fragility scores and suggestion bias per region/team over time. Provide dashboards with KPIs (attendance delta, average energy rating by slot, override frequency) and a feedback API. Opt‑in controls and data deletion tools included.
Augment Timeglue smart links to hide fragile siesta times by default and annotate visible windows with brief explanations. Include parameters to enforce morning/late‑afternoon bias, show/hide fragile times, and request consent if a fragile slot is chosen. Ensure ICS and external calendar compatibility and expose siesta‑aware availability via API for third‑party booking tools.
Scores each proposed slot or series on cultural respect, factoring observances, siestas, family windows, and local customs. Shows what drives the score and offers one‑click improvements, so you can defend choices to stakeholders and pick the most considerate option. Pair with FairShare to balance both equity and respect across time zones.
Foundational data service that normalizes and maintains per-locale cultural context used by Respect Index. Aggregates public holidays, regional observances, siesta/midday breaks, weekly worship/prayer times, school-run/family windows, and local “no‑meeting” customs, mapped to time zones and participant locales. Supports recurring rules, exceptions, daylight saving changes, and per-user overrides. Includes update cadence (daily diff ingest), conflict resolution (company policy > user preference > public source), and graceful fallbacks when data is missing. Exposes a query API for the scoring engine with low-latency lookups and caches, and an admin UI to review/edit data and audit provenance. Ensures privacy by storing only normalized rule windows, not sensitive personal context, unless explicitly provided by the user.
Deterministic, explainable scoring model that evaluates each candidate slot and recurring series on a 0–100 Respect Index. Factors include participant work hours, cultural context windows, individual preferences (e.g., child care), company policies, and sensitivity to late/early hours. Supports per-participant penalties/boosts, diminishing returns, and configurable weightings. Computes both per-slot and series-average scores with outlier detection (e.g., one participant severely impacted). Must operate within sub‑150ms per candidate slot at P95 with vectorized lookups from the context layer and handle incomplete data via conservative heuristics. Returns structured output: overall score, per-driver contributions, impacted participants, and improvement hints.
UI and API surfaces that reveal why a slot or series scored as it did. Presents a breakdown of top drivers (e.g., “Conflicts with siesta in Madrid: −18”, “Within preferred focus hours in NYC: −12”), per-participant impact, and visual overlays on the timeline. Includes tooltips, an expandable details panel, and accessibility support (keyboard, screen readers). Offers “why not higher?” diagnostics and highlights the minimal change needed to reach target thresholds (e.g., +30 minutes shift). Data is exportable for sharing with stakeholders.
Actionable suggestions that automatically adjust proposals to improve respect without violating required constraints. Generates nearby alternatives, series offsets (e.g., start 15 minutes later), duration tweaks, and rotating inconvenience patterns. Shows projected new score and participant impact before applying. Integrates with FairShare to jointly optimize equity and respect, offering trade‑off sliders (e.g., maximize respect with minimum fairness deviation). Supports undo, applies changes to invites/links, and logs decisions for audit.
Configurable framework for admins and team owners to tailor the Respect Index to organizational norms. Provides preset templates (e.g., EMEA‑first, APAC‑friendly) and granular weights for penalties (late evening, Friday afternoons, prayer times) and boosts (core overlap windows). Supports per-team, project, and user-level overrides; temporal exceptions; and versioned policies with effective dates. Includes a simulation mode to preview how policy changes affect typical schedules before rollout.
End‑to‑end logging of scores, selected options, overrides, and improvement actions to create a defensible record. Generates shareable reports that summarize the chosen slot/series, alternatives considered, rationale, and impact by participant/region. Supports export to PDF/CSV and redaction of sensitive details. Includes retention settings and access controls to meet compliance needs.
Extends Timeglue smart links and calendar invites to display a Respect Index badge and a concise explanation of key drivers. Ensures recipients can view score context without logging in, with privacy safeguards and minimal data exposure. Embeds into ICS descriptions and integrates with Google/Microsoft add‑ons where available. Provides themeable, accessible components and localized content.
Adds a friendly note to invites and smart links explaining how the chosen time respects local customs (without exposing personal details). Builds trust with customers and candidates, reduces reschedules, and signals your team’s cultural care. Templates localize automatically by language and region.
Deterministically generates a concise, human-friendly explanation for why a proposed meeting time is considerate for each recipient, based on their locale, region-specific holidays and working week patterns, and configured working hours/focus blocks—without revealing personal details. Consumes Timeglue’s availability model, holiday calendars, and recipient locale signals to produce normalized “reason codes” (e.g., respects_work_hours, avoids_holiday, avoids_lunch_hour) mapped to message templates. Supports multi-recipient meetings by selecting the most universally considerate rationale or per-recipient variants where supported. Handles edge cases (e.g., daylight saving transitions, Friday/Sunday weekends, half-days) and exposes a stable API for downstream rendering in links, invites, and emails with sub-200ms latency and idempotent outputs.
Provides a template library that localizes the polite note by language and region, with support for pluralization, regional variants (e.g., en-GB vs en-US), and culturally appropriate phrasing. Templating binds to reason codes and safe placeholders (e.g., weekday name, local time window) and applies tone rules while enforcing brevity limits. Includes translation management (import/export, versioning, fallback chains), QA tools (pseudo-localization, automated checks for placeholder coverage), and runtime locale resolution from recipient signals (link parameters, browser language, calendar attendee locale) with graceful fallbacks.
Integrates polite context into Timeglue smart booking links and calendar invites. Renders the note dynamically on the booking page as slots are selected and includes it in confirmation emails and event descriptions for Google Calendar, Outlook, and ICS exports using formatting-safe markup. Ensures compatibility with existing invitation content, prevents duplication on updates, and respects per-recipient variants when possible. Provides feature flags and API hooks for partners, and maintains accessibility (ARIA labels, screen-reader friendly) across web and mobile.
Enforces strict privacy rules so polite notes never expose personal details or sensitive attributes. Limits content to high-level considerations (e.g., within local work hours, avoids holiday) and automatically redacts or blocks phrases that could reveal individual schedules (exact focus block names), health, religion, or other sensitive data. Includes a compliance rules engine, PII detection, allow/deny lists, audit logs, and region-aware policy presets. Defaults to safest messaging when signals are ambiguous, and documents processing purposes for DPA/record-keeping.
Offers org- and team-level settings to enable/disable Polite Context, choose tone (formal, friendly, concise), and select which consideration types are allowed (work hours, holidays, lunch, prayer times where permitted by policy). Supports per-audience presets, character limits, and brand lexicon controls. Includes template override UI with versioning, approval workflow, change history, and instant rollout via remote config. Provides sandbox preview and safe-guard checks before publishing changes.
Adds a preview panel in the scheduling flow showing the exact polite note that recipients will see for selected times, with live updates as times change. Allows constrained, inline edits (e.g., swapping synonyms) while preserving policy compliance via real-time linting and hard stops on disallowed content. Supports per-recipient previews for multi-time-zone meetings, mobile responsiveness, and accessibility standards. Provides a reason breakdown tooltip to explain the generated note for user confidence without exposing sensitive inputs.
Measures the effect of Polite Context on booking outcomes, including acceptance rate, time-to-book, and reschedule rate, with regional and language segmentation. Supports A/B and multivariate tests across templates, tones, and inclusion of specific consideration types. Provides dashboards, CSV export, and privacy-safe event instrumentation, while controlling for confounders (e.g., sender, segment, time-of-day). Exposes experiment toggles in admin and integrates with existing analytics pipelines.
Click any flagged window to see the specific cultural reason—e.g., Maghrib prayer, school pick‑up, regional siesta—and receive instant alternates that resolve the issue. Educates bookers in the moment and prevents repeat mistakes. Clear explanations keep negotiations respectful and fast.
Back-end service that evaluates proposed meeting windows against participant locales, time zones, organizational policies, and known cultural calendars to identify and flag sensitive times. Consumes sources such as public holiday feeds, regional siesta schedules, prayer time computations by location, and user-defined focus/blocked blocks. Outputs standardized reason codes, human-readable labels, affected participants, and severity. Integrates with the timeline, availability API, and smart links to surface flags in real time across multi-participant scenarios. Supports caching and freshness windows, DST handling, and per-user overrides while preserving privacy by avoiding exposure of personal religious or health data.
Interactive UI panel activated by clicking any flagged window on timelines and booking links. Displays a concise, plain-language explanation of the sensitivity, which attendees are impacted, the rule source (policy, calendar, computation), and the time range affected. Provides guidance on how to proceed, including quick actions to view alternates or adjust constraints. Designed for sub-200 ms open time, keyboard navigation, screen-reader labels, and responsive layouts. Logs interactions for analytics without storing sensitive content in the client.
Suggestion engine that generates conflict-free alternate meeting slots when a flagged window is selected. Respects all participants’ work hours, focus blocks, holidays, fairness rotation rules, and organizer constraints like meeting length and buffer times. Returns a small ordered set of options with rationale (e.g., avoids Maghrib by 45 minutes, within all work hours) and supports one-click replacement in the invite or link. Handles partial attendee acceptance, time zone normalization, and deduplication across calendars. Exposes service endpoints for both UI and API consumers.
Content templating and localization system that renders culturally respectful, jargon-free explanations in the user’s language and regional formats. Includes tone guidelines, glossary tooling, RTL support, and fallback phrasing when specifics cannot be disclosed. Maps reason codes to localized names (e.g., Maghrib prayer), dates/times, and links to learn more where appropriate. Ensures privacy by generalizing sensitive personal contexts and honoring org redaction settings.
Administrative controls to configure which sensitivity categories apply, their strictness levels, and scope by team, role, or region. Supports custom blocked windows, policy-based overrides, computation method selection for prayer times, and data source management for holidays. Provides audit logs, versioning, and a change-preview mode to see how policies affect typical schedules. Exposes SCIM/SSO-based provisioning for policy assignment and GDPR-compliant data handling options.
Privacy-preserving telemetry capturing flag views, explanation opens, alternate suggestion acceptance, and dismiss reasons to measure effectiveness. In-UI feedback (“Not relevant”, “Already acceptable”) trains heuristics to reduce false positives and improve ranking of alternates. Includes dashboards and export for PMs and ops, retention controls, and automated alerts for data drift (e.g., holiday feed failures).
Innovative concepts that could enhance this product's value proposition.
Auto-rotates recurring meetings to spread pain fairly across time zones. Shows a fairness score and suggests next-slot rotations that never break work-hour guardrails.
SSO-gated booking links that enforce role-based windows, attendee caps, and per-account quotas. Block outsiders from prime hours while keeping compliant audit trails.
Paintable team heatmap revealing safest overlap by hour and region. Drag to carve windows and watch conflict, holiday, and focus-block risk meters update live.
One-click surge mode temporarily expands acceptable windows for incidents, launches, or quarter’s end, then auto-sunsets. Requires approval, logs exceptions, and nudges back to normal.
Detects your domain and auto-imports work hours, holidays, and teams from HRIS/IdP, proposing sane defaults. New orgs get ready-to-book in minutes.
Share masked availability with external partners—show open/closed without exact times. Ephemeral ICS tokens and per-link calendars prevent scraping and protect contractor privacy.
Suggests culturally respectful windows beyond holidays—avoiding prayer times, siestas, and school runs per locale. Flags fragile periods and proposes alternates automatically.
Imagined press coverage for this groundbreaking product concept.
Imagined Press Article
San Francisco, CA — September 1, 2025 — Timeglue, the time zone scheduling platform built for remote team leads at startups and agencies, today announced FairShare, a new suite that distributes the burden of cross‑region meetings fairly while honoring work hours, holidays, and focus time. FairShare ends the silent tax on the same people taking after‑hours calls, replacing ad‑hoc compromises with transparent, defensible rotations that work for humans and comply with local labor rules. FairShare addresses a widespread reality: global teams rely on recurring standups, reviews, and planning sessions, but the cost of inconvenient hours often falls on the same regions and roles. Leaders struggle to balance equity, velocity, and compliance without spending hours in spreadsheets or triggering resentment. FairShare automates the heavy lifting with clear rules, a visible ledger, and smart suggestions that keep meeting windows humane. At the core of FairShare are role‑aware policies and live simulations that show the impact of each cadence before it locks. Role Weights let organizations assign lighter weights to candidates, customers, or protected roles and heavier weights to senior or rotating duty roles. Time Debt tracks cumulative after‑hours minutes at the person level and proposes payback rotations that restore balance. When a planned rotation collides with a holiday or culturally sensitive period, Holiday Swap offers the next fair slot or a cross‑swap that preserves the longer‑term equity curve. Series Balancer coordinates fairness across multiple recurring meetings so the same person isn’t repeatedly penalized across standups, retros, and reviews. FairShare also meets teams where real life happens. Swap Market allows attendees to propose one‑off trades within fairness constraints, with automatic recalculation of debt and credit. Legal Limits encode locale labor rules and rest‑period requirements, blocking suggestions that risk non‑compliance and surfacing safe alternates with a plain‑English explanation of why a slot was ruled out. Before a plan is published, Fairness Simulator projects the next quarter’s rotations and shows equity and legal outcomes by person and region, so leaders can adjust cadence, duration, or weights with confidence. “Fairness isn’t just a value—it’s an operational system,” said Maya Ingram, CEO of Timeglue. “Global collaboration shouldn’t rely on martyrdom or manual spreadsheets. FairShare turns equity into a first‑class constraint alongside time zones, holidays, and focus blocks, so teams can move fast without burning trust.” Early customers report measurable gains in morale and predictability. “We run engineering and design across six time zones,” said Mateo Alvarez, Head of Engineering at NimbusStack. “FairShare made our rotations transparent, cut down on late‑night surprises, and gave us a credible way to repay after‑hours minutes. People trust the plan because the rules are clear and the ledger is visible.” Compliance teams value that fairness never comes at the expense of policy adherence. “The combination of Legal Limits and the Fairness Simulator helps us prove we’re making responsible choices,” said Priya Narayanan, Employment Counsel at Northbridge Labs. “We can show auditors and employees the exact rule that applied to a blocked time and the safe alternates that were considered. It’s equity we can defend.” FairShare fits directly into the way remote leaders already schedule. On Timeglue’s paintable Heatmap Canvas, team leads drag to carve acceptable overlap windows that honor work hours, holidays, and focus blocks. FairShare then layers in equity: it scores each proposed series, suggests the best rotation plan, and publishes it to smart links that prevent after‑hours invites. When a surge week or launch window requires exceptions, FairShare coordinates with Timeglue’s Surge controls to cap exposure, require approvals, and automatically schedule a cooldown that pays back Time Debt. Availability and pricing: FairShare is generally available today for Timeglue Pro and Enterprise plans at no additional cost through Q4 2025. Role Weights, Time Debt, Holiday Swap, Series Balancer, Swap Market, Legal Limits, and Fairness Simulator are included at launch. Admin APIs for fairness dashboards and HRIS exports enter private beta later this month. Existing customers can enable FairShare from Admin Settings. New teams can start a 14‑day trial and import rosters and work‑hour policies in minutes with Timeglue’s Quick Connect. Security, privacy, and transparency are built in. FairShare explanations show the “why” behind each suggestion, and every change is logged alongside who approved it and which rule version applied. Timeglue encrypts data in transit and at rest, supports SSO via Okta and Azure AD, and provides exportable logs to satisfy audits. About Timeglue: Timeglue is time zone scheduling software that finds sane cross‑region meeting windows while honoring work hours, holidays, and focus blocks. Built for remote team leads at startups and agencies, it ends time zone math and back‑and‑forth with a draggable timeline, smart links, and safeguards that prevent after‑hours invites. Customers use Timeglue to align calendars, protect focus time, and scale global operations respectfully. Call to action: To learn more about FairShare or to request a demo, visit timeglue.com/fairshare. A media kit with screenshots and customer stories is available at timeglue.com/press. Media contact: Timeglue Communications press@timeglue.com +1 415 555 0139 www.timeglue.com/press
Imagined Press Article
San Francisco, CA — September 1, 2025 — Timeglue today unveiled Gatekeeper Links, a new layer of role‑aware booking controls that protect prime hours, enforce per‑account quotas, and produce clear audit trails—without adding friction for customers or partners. Designed for revenue teams, agencies, and global operations, Gatekeeper Links turn common scheduling chaos into reliable, policy‑compliant bookings that respect your team’s focus time. Gatekeeper Links operate like smart, SSO‑aware doors. Instead of exposing the same calendar to everyone, Timeglue reveals different windows dynamically based on who is booking and what they’re entitled to. Prime Hour Shield reserves premium time bands for approved roles and account tiers, steering others to off‑peak options so critical work stays unblocked while deep‑work hours remain protected. Tier Sync keeps these entitlements current by ingesting roles, groups, and customer tiers from systems like Okta, Azure AD, and Salesforce, eliminating brittle manual lists. Revenue leaders can finally apply operational guardrails to scheduling. Quota Guard enforces per‑account booking quotas with real‑time counters, soft and hard limits, and configurable grace periods. Cap Bands apply conditional attendee caps by segment, region, or time of day to keep sessions productive and compliant, automatically waitlisting overflow and suggesting smaller‑group alternates. Every booking decision is recorded in the Audit Ledger, a tamper‑evident log showing who booked, why they were allowed or blocked, which rule version applied, and the SSO attributes used. When a legitimate edge case arises, Access Request offers a streamlined override workflow with SLAs, time‑bounded approvals, and automatic exception recording. “Calendars have become an uncontrolled entry point into our teams,” said Dev Patel, VP of Product at Timeglue. “Gatekeeper Links give companies a polite, programmable bouncer—welcoming the right meetings at the right times, and documenting why. You protect prime hours, prevent overcommit, and gain the audit trail you need, all in one flow.” Customer teams are seeing immediate benefits. “Our CS org serves hundreds of customers across three regions,” said Jada Kim, VP of Customer Success at Arcadia Cloud. “With Gatekeeper Links, top‑tier accounts see the premium windows they pay for, while others are smoothly guided to off‑peak slots. Quota Guard ended the month‑end scramble, and the Audit Ledger lets us settle any SLA questions in minutes.” Gatekeeper Links integrate with Timeglue’s core scheduling canvas. Leaders paint acceptable overlap windows that honor work hours, holidays, and focus blocks. Gatekeeper then refines what each viewer can see based on identity and policy. For high‑stakes moments—launches, incidents, or quarter‑end surges—Gatekeeper coordinates with Timeglue’s Surge controls to expand windows temporarily with approvals, cap exposure, and automatically sunset back to normal patterns. Teams retain velocity without making “temporary” exceptions permanent. Implementation is zero‑drama. With Tier Sync and Quick Connect, organizations can import roles, groups, and account tiers in minutes and map them to Gatekeeper policies. A domain‑based setup recognizes common defaults, and Starter Kits provide recommended templates by role and industry. Timeglue’s Masked Blocks and Safe Propose keep external viewers productive; they can request times within open windows without seeing exact availability, while Timeglue confirms slots privately and returns holds or invites. For compliance and security teams, Gatekeeper Links provide clarity instead of guesswork. The Audit Ledger supports one‑click CSV or JSON exports for auditors. Policies are versioned, changes are attributed, and every exception is paired with its recorded rationale. Timeglue encrypts data in transit and at rest and supports SSO and SCIM provisioning via leading IdPs. Availability and pricing: Gatekeeper Links are generally available today for Pro and Enterprise plans. Prime Hour Shield, Tier Sync, Quota Guard, Cap Bands, Audit Ledger, and Access Request are included at launch. Existing Timeglue customers can activate Gatekeeper in Admin Settings, with a guided setup that maps IdP/CRM attributes to policy rules. New customers can start a 14‑day trial at timeglue.com and be production‑ready in under an hour. About Timeglue: Timeglue is time zone scheduling software that finds sane cross‑region meeting windows while honoring work hours, holidays, and focus blocks. Built for remote team leads, sales and CS pods, and global operations, Timeglue ends time zone math and back‑and‑forth with paintable timelines and smart links that prevent after‑hours invites. Call to action: See Gatekeeper Links in action at timeglue.com/gatekeeper or book a live demo with our product team. Media contact: Timeglue Communications press@timeglue.com +1 415 555 0139 www.timeglue.com/press
Imagined Press Article
San Francisco, CA — September 1, 2025 — Timeglue today launched Culture Clock, a new set of capabilities that helps global teams schedule with cultural care—beyond national holidays. Culture Clock understands daily observances, school runs, and regional rest patterns, and it steers suggestions toward humane, high‑attendance windows while preserving velocity. The result is fewer no‑shows, fewer last‑minute reschedules, and a scheduling culture people trust. Global work succeeds on trust, and trust is built when plans respect people’s lives. Culture Clock brings that respect into the scheduling workflow without exposing sensitive details. Respect Profiles let teammates opt into preferences—observance windows, Fridays off, school runs—expressed as patterns rather than personal data. Observance Aware detects daily and weekly observance windows by locale and season and quietly avoids them, proposing nearby alternates with optional micro‑buffers for preparation or travel. School Run Shield protects family logistics with configurable buffers and one‑off exceptions for special events, so recurring series stay stable without erasing what matters. Different regions operate on different rhythms. Siesta Sense recognizes split‑shift cultures and marks midday hours as fragile, preferring morning or late‑afternoon overlaps that maintain energy and attendance. Culture Clock then synthesizes these signals into a single Respect Index that scores each proposed slot or series on cultural respect, explaining what drives the score and offering one‑click improvements. Paired with Timeglue’s FairShare suite, leaders can balance both equity and respect across time zones—two goals that often conflict—while keeping legal and workload guardrails intact. “We built Culture Clock because the world’s calendars are richer than a list of public holidays,” said Maya Ingram, CEO of Timeglue. “Our customers want velocity with dignity. Culture Clock weaves local customs into scheduling so teams move fast without stepping on what’s important to people.” Early adopters report smoother coordination and fewer escalations. “We run training and care programs across North Africa, the Middle East, and Europe,” said Laila Benhaddou, Program Director at Marigold Health Network. “Culture Clock’s observance awareness and Respect Index changed the tone of our planning meetings. We don’t argue about time slots anymore—the system shows us respectful options and why they’re better. Attendance is up, and goodwill is up.” Culture Clock integrates directly with Timeglue’s Heatmap Canvas. Leaders paint acceptable overlap windows that honor work hours, holidays, and focus blocks. The canvas then overlays cultural sensitivity signals, flagging fragile periods with Why Sensitive explanations: the specific observance, regional rest, or family window in play, plus instant alternates that resolve the issue with minimal shift. Polite Context adds a brief note to invites and smart links—localized by region and language—explaining how the chosen time respects local customs, building trust with customers and candidates without exposing personal information. Privacy is foundational. Culture Clock is preference‑based and consent‑driven; organizations can set reasonable defaults by locale while individuals opt in and fine‑tune their own Respect Profiles. Sensitive patterns are represented as scheduling constraints, not as raw calendar details. Timeglue’s privacy controls—including Masked Blocks, Trust Tiers for graduated visibility, and Ghost Ledger for access logging—ensure that external partners see only the minimum necessary detail to keep work moving. For operations leaders, Culture Clock offers measurable outcomes. The Respect Index and conflict explanations appear wherever times are proposed—on the canvas, in smart links, and during recurring series planning—so teams can quantify improvements and defend choices to stakeholders. Combined with Timeglue’s FairShare and Legal Limits, leaders can demonstrate that they evaluated equity, cultural respect, and compliance together, with clear rationales for each decision. Availability and pricing: Culture Clock is available today on Timeglue Pro and Enterprise plans. Respect Profiles, Observance Aware, School Run Shield, Siesta Sense, Respect Index, Polite Context, and Why Sensitive launch globally with localized templates for English, French, Spanish, and Arabic. Additional languages and regional observance sets are in development. Existing customers can enable Culture Clock from Admin Settings; new customers can start a 14‑day trial at timeglue.com and experience Culture Clock during onboarding. About Timeglue: Timeglue is time zone scheduling software that finds sane cross‑region meeting windows while honoring work hours, holidays, and focus blocks. Built for remote team leads, NGOs, agencies, and global enterprises, Timeglue ends time zone math and back‑and‑forth with paintable timelines, smart links, and safeguards that prevent after‑hours invites. Call to action: Explore Culture Clock and download the cultural respect playbook at timeglue.com/culture. Media contact: Timeglue Communications press@timeglue.com +1 415 555 0139 www.timeglue.com/press
Imagined Press Article
San Francisco, CA — September 1, 2025 — Timeglue today announced Zero‑Touch Onboarding, a streamlined setup experience that gets new organizations ready to schedule respectful cross‑region meetings in minutes—not weeks. By recognizing your domain, connecting to your HRIS and IdP in one click, and auto‑assigning time zones and holidays, Zero‑Touch Onboarding eliminates CSV wrangling and guesswork so teams can publish sane booking windows on day one. Zero‑Touch Onboarding is a response to a common barrier: leaders want better scheduling guardrails, but the initial setup feels steep. Timeglue collapses that lift with a sequence of smart automations that still keep admins in control. Domain Snap instantly recognizes a company domain and pre‑configures the right integrations for Google or Microsoft calendars, Okta or Azure AD, and popular HRIS tools. Quick Connect imports teams, managers, locations, and work‑hour policies read‑only, creating an accurate roster in minutes while preserving source‑of‑truth governance. From there, Locale Mapper assigns each person’s time zone and holiday set using HRIS location, office assignment, and calendar locale, flagging anomalies for quick review. Starter Kits provide role‑ and industry‑based presets such as Engineering standups, Sales pods, CS onboarding, and Recruiting panels. Each kit pre‑paints safe overlap windows and focus‑block defaults that reflect real‑world patterns, so leaders can start with a credible plan instead of a blank canvas. Before any invite goes out, Risk Precheck runs a fast simulation to surface after‑hours exposure, holiday conflicts, and compliance risks, with one‑click fixes that keep the plan clean. “New customers shouldn’t have to build a scheduling engine before they can use one,” said Dev Patel, VP of Product at Timeglue. “Zero‑Touch Onboarding gives you an instant baseline that respects work hours, holidays, and focus time, and then gets smarter as your org data updates. You’re productive on day one, and safer on day two.” Zero‑Touch doesn’t end at launch. Drift Guard watches HRIS and IdP changes during the first 30 days—new hires, team moves, location changes—and auto‑updates teams, hours, and holiday sets, sending a compact Slack or Teams digest so admins can approve or roll back with a click. Auto Announce generates SSO‑gated smart links and posts a welcome brief to Slack or Teams, explaining booking windows and guardrails so everyone knows where to book and what to expect. The net effect is a calm rollout: fewer meetings about meetings, fewer after‑hours surprises, and a shared understanding of how global scheduling works at your company. Zero‑Touch Onboarding aligns with Timeglue’s privacy and security posture. The system imports only the attributes required for scheduling, keeps HRIS and IdP connections read‑only by default, and logs every change. Masked Blocks publish availability as open or closed windows at configurable granularity to external partners, while Trust Tiers reveal just enough detail based on identity. Safe Propose lets recipients request times inside windows without seeing exact schedules, and Ghost Ledger maintains an access trail for compliance teams. Early users report that Zero‑Touch removes the fear of implementation debt. “We stood up Timeglue across 220 people in an afternoon,” said Aaron Cho, Director of Operations at RelayFoundry. “Domain Snap and Quick Connect did the heavy lifting, Locale Mapper caught three location mismatches we never would’ve noticed, and the Starter Kits gave us a realistic starting point. The Auto Announce post answered 90% of questions before they came in.” Availability and pricing: Zero‑Touch Onboarding is available today to all new Timeglue customers and will roll out to existing organizations over the next two weeks. Domain Snap, Quick Connect, Locale Mapper, Starter Kits, Risk Precheck, Drift Guard, and Auto Announce are included with all paid plans. Admins can enable Slack or Teams digests and Auto Announce during setup. For enterprise environments, SCIM provisioning and custom attribute mapping are supported on the Enterprise plan. About Timeglue: Timeglue is time zone scheduling software that finds sane cross‑region meeting windows while honoring work hours, holidays, and focus blocks. Built for remote team leads at startups, agencies, and global enterprises, Timeglue ends time zone math and back‑and‑forth with paintable timelines and smart links that prevent after‑hours invites. Call to action: Start a 14‑day trial and experience Zero‑Touch Onboarding at timeglue.com/start. Media contact: Timeglue Communications press@timeglue.com +1 415 555 0139 www.timeglue.com/press
Subscribe to receive a fresh, AI-generated product idea in your inbox every day. It's completely free, and you might just discover your next big thing!
Full.CX effortlessly brings product visions to life.
This product was entirely generated using our AI and advanced algorithms. When you upgrade, you'll gain access to detailed product requirements, user personas, and feature specifications just like what you see below.