Privacy Policy – AppoBooking

1. Who We Are

AppoBooking (hereinafter "we", "our service") is an online service booking platform accessible at appobooking.com. It enables service providers to manage their availability and allows their clients to book appointments online.

For any questions regarding your personal data, contact us at: info@appobooking.com

2. Data We Collect

We only collect data that is necessary for the proper operation of the service:

Identification Data
Full nameEmail addressProfile photo (optional)

Collected when you create your account, to identify you and personalize your experience.

Booking Data
Appointment date and timeService bookedProvider selected

Required to confirm, manage, and display your bookings.

Payment Data
Payment informationTransaction status

Payments are processed by Stripe. We never store your card numbers. Only the payment status (paid/pending) is kept in our databases.

Google Calendar Data (if you enable sync)
Read/write calendar accessExisting events (title, time)OAuth token

Only if you choose to connect your Google Calendar. This data is used to:

Display your availability by avoiding conflicts with existing events
Automatically create a Google Calendar event for each new booking

Your OAuth token is stored securely and encrypted. You can revoke access at any time from your account settings or directly from Google Account Permissions.

3. Purpose of Processing

Create and manage your user account
Enable booking and appointment management
Process online payments via Stripe
Sync your appointments with Google Calendar (upon explicit request)
Send you booking confirmations and reminders by email
Ensure security and prevent abuse

4. Legal Basis for Processing

Contract performance: processing bookings and payments
Consent: Google Calendar sync, marketing emails
Legitimate interest: security, fraud prevention, service improvement

5. Data Sharing

We never sell your data. We share it only with:

Stripe – payment processing (Stripe Privacy Policy)
Google – calendar sync (Google Privacy Policy)
Supabase – database hosting and authentication
Vercel – web application hosting
The provider you book – your name and email are shared so they can manage the appointment

6. Data Retention

Account data: retained while your account is active, then deleted within 30 days of closure
Booking data: retained for 3 years for legal and accounting purposes
Google Calendar tokens: deleted immediately upon disconnection

7. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights:

Right of access: obtain a copy of your data
Right of rectification: correct inaccurate data
Right to erasure: request deletion of your account and data
Right to portability: receive your data in a structured format
Right to object: object to certain types of processing
Right to withdraw consent: at any time for Google Calendar sync

To exercise your rights, contact us at info@appobooking.com. We will respond within 30 days. If your issue remains unresolved, you may contact the CNIL (French data protection authority).

8. Security

All communications encrypted via HTTPS/TLS
Secure database with Row Level Security (Supabase)
OAuth tokens stored encrypted
Data access restricted to authorized personnel
No card numbers stored (delegated to Stripe PCI-DSS)

9. Cookies

We only use functional cookies necessary for authentication and maintaining your session. No advertising or third-party tracking cookies are used.

10. Changes to This Policy

We may update this policy at any time. In the event of a material change, you will be notified by email at least 30 days before the changes take effect. The last update date is shown at the top of this page.

11. Contact

For any question or request regarding your personal data:
AppoBooking
info@appobooking.com

Legal Notice Terms of Service Cookie Policy