diff --git a/include/event.php b/include/event.php
index befda64eb1..c826511f23 100644
--- a/include/event.php
+++ b/include/event.php
@@ -818,7 +818,7 @@ function widget_events() {
 	// of the profile page it should be the personal /events page. So we can use $a->user
 	$user = ($a->data['user']['nickname'] ? $a->data['user']['nickname'] : $a->user['nickname']);
 
-	if( !(local_user() )&& !(feature_enabled($owner_uid, "export_calendar")) )
+	if( !(local_user()) && !(feature_enabled($owner_uid, "export_calendar")) )
 		return;
 
 	return replace_macros(get_markup_template("events_aside.tpl"), array(
diff --git a/mod/cal.php b/mod/cal.php
index a12a653426..5dab182e71 100644
--- a/mod/cal.php
+++ b/mod/cal.php
@@ -153,7 +153,10 @@ function cal_content(&$a) {
 		return;
 	}
 
-	$sql_extra = item_permissions_sql($owner_uid,$remote_contact,$groups);
+	// get the permissions
+	$sql_perms = item_permissions_sql($owner_uid,$remote_contact,$groups);
+	// we only want to have the events of the profile owner
+	$sql_extra = " AND `event`.`cid` = 0 ";
 
 	// get the tab navigation bar
 	$tabs .= profile_tabs($a,false, $a->data['user']['nickname']);
@@ -299,7 +302,7 @@ function cal_content(&$a) {
 			return;
 		}
 
-		if(! (feature_enabled($owner_uid, "export_calendar"))) {
+		if( !(local_user()) && !(feature_enabled($owner_uid, "export_calendar"))) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}