Quando utilizzi il sito web ufficiale di SimplyBook.me Ltd (soggetto ai nostri Termini e condizioni del sito web) e i nostri Servizi (soggetti ai nostri Termini e condizioni), ci affidi i tuoi dati personali. È vero che trattiamo molti dati diversi e quindi il nostro impegno a salvaguardare la tua fiducia nei nostri confronti è il nostro obiettivo.
Per capire come raggiungiamo questo obiettivo, ti preghiamo di leggere attentamente questo documento dove spieghiamo le nostre pratiche sulla privacy. Capirai come raccogliamo, utilizziamo, a volte condividiamo i tuoi dati personali e cosa puoi fare al riguardo, sempre con lo scopo di fornirti il nostro servizio migliore.
Leggi questo documento insieme alla nostra panoramica dell'Accordo sul trattamento dei dati e alla versione firmata , nonché ai nostri Termini e condizioni.
dati che ci fornisci al momento della registrazione e durante l'utilizzo del nostro sistema come nome, email, indirizzo ecc.;
dati creati quando utilizzi i nostri servizi come indirizzo IP, tipo di browser e altro.
02
ELABORAZIONE DATI:
How do we use your personal data?
In order to provide you with outstanding services;
Make our website better and more efficient;
Allow you to interact where possible;
Provide you with support when needed;
For research and development.
03
CONDIVISIONE DEI DATI:
With whom we share your personal data?
Come parte del gruppo team.blue, con i nostri fornitori di servizi quando necessario;
with other people such as our contractors and consultants) and companies such as payment systems providers we collaborate, see section Share of your personal data, below.
We are a company based in Cyprus and store your personal data worldwide, depending on the location of your business. For EU based businesses though your data including backups is stored in the EU, it may be transferred outside the EU. See more information under Where is your personal data stored?
05
I TUOI DIRITTI IN QUALITA' DI INTERESSATI:
What are your rights as a data subject?
Ask for a copy of your personal data request that we amend something included in your personal data, because it is wrong;
Request that we delete your personal data in part or in full;
Restrict us to or request to us to stop in full, the processing of your personal data;
Request that we provide your personal data to another company;
Take back the consent you gave us to process your personal data.
If you are outside the EU or EEA and GDPR does not apply there is a special section for your rights.
This is the Privacy Policy of SimplyBook.me Ltd which explains how we comply with the General Data Protection Regulation (EU) 2016/679 (the “GDPR”) and other national and international applicable laws and regulations in all our business operations.
We have implemented appropriate measures and records demonstrating compliance with the GDPR and can therefore take responsibility for the processing of your personal data. Respecting the principles of GDPR (lawfulness, fairness and transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality (security) and accountability) is the key objective in all our business operations involving processing of personal data.
II. Our Information
Siamo SimplyBook.me Ltd e forniamo una soluzione per la prenotazione di appuntamenti che include un'ampia gamma di funzionalità come il sistema di promozione e marketing, il sistema di vendita e il sistema di contatto con i clienti (collettivamente i "Servizi"). Puoi controllare i nostri Termini e condizioni, contenenti maggiori dettagli sui nostri servizi e sui nostri obblighi legali, insieme alla nostra panoramica dell'Accordo sul trattamento dei dati e alla versione firmata qui.
In order to comply with the requirements of the GDPR, we must inform you that we are the “data controller”, making decisions about your personal data, when you visit our official website: www.simplybook.me and other sub-websites operated by us in accordance with our Website Terms and Conditions which you accept.
For this document and all privacy and personal data protection purpose, our information and contact details is as below:
We process your personal data for the following specific, clearly defined purposes:
1. Core Booking Service Operations
Data Processed: Account Data and Query Data (name, email address, phone number, appointment details, booking preferences).
Specific Purposes:
Create and activate user accounts in our booking system.
Schedule, confirm, and modify appointment bookings.
Send automated appointment confirmation emails within 5 minutes of booking.
Send appointment reminder notifications before scheduled appointments.
Process cancellations and rescheduling requests.
Generate booking receipts and service summaries.
Provide live chat and email customer support for booking-related issues.
Maintain booking history records for repeat appointment scheduling.
Legal Basis: Contractual obligation which is necessary to perform our booking service contractual obligations.
2. Service Security and Technical Operations
Data Processed: Usage Data (IP address, browser type, device information, session duration, pages visited, click patterns, error logs).
Specific Purposes:
Detect and prevent fraudulent booking attempts and spam registrations.
Monitor for unauthorized access attempts to user accounts.
Identify and resolve technical errors affecting the booking process.
Optimize website loading speeds and server response times.
Ensure booking system availability and prevent service disruptions.
Generate anonymized analytics reports to improve system performance.
Maintain secure user authentication and session management.
Legal Basis: Legitimate interests, meaning protecting our services and users from security threats and ensuring reliable service delivery.
3. Marketing and Promotional Communications (Consent-Based)
Data Processed: Account Data (name, email address, service preferences, booking history).
Specific Purposes:
Send monthly newsletters featuring new service providers and booking options.
Deliver personalized promotional offers based on previous booking categories.
Share seasonal promotions and limited-time discounts via email.
Send service provider spotlights and featured business announcements.
Provide early access notifications for new platform features.
Conduct voluntary customer satisfaction surveys (maximum 4 per year).
Legal Basis: Consent, only sent to users who have explicitly opted in and can withdraw consent at any time.
4. Legal and Regulatory Compliance
Data Processed: Account Data and Transaction Data (payment records, booking invoices, user identification, correspondence records).
Specific Purposes:
Generate and maintain financial records for tax reporting obligations.
Comply with VAT registration and reporting requirements in operating jurisdictions.
Respond to legitimate law enforcement requests and court orders.
Maintain transaction records for anti-money laundering compliance.
Process data subject rights requests under GDPR and similar privacy laws.
Preserve records for legal dispute resolution and insurance claims.
Meet data retention requirements for business accounting standards (7-year retention for financial records).
Legal Basis: Legal obligation, meaning compliance with applicable tax, accounting, and privacy laws.
Detailed Data Categories and Processing Purposes
Usage Data
What We Collect: Website interaction data including IP address, geographical location, browser type and version, operating system, referral source, session duration, page views, navigation paths, time stamps, and user interaction patterns.
Data Source: Automatically collected through analytics tracking systems (Google Analytics, internal logging systems).
Specific Processing Purposes:
Analyze which booking pages have highest conversion rates to optimize user experience.
Understand geographic distribution of users to optimize server locations.
Track feature usage to prioritize development resources.
Generate performance reports for service provider partners.
Customize language and regional settings based on location data.
Legal Basis: Legitimate interests, meaning monitoring and improving website functionality and user experience.
Account Data
What We Collect: Information provided during registration including full name, contact email address, phone number, profile photos, professional bio, service preferences, account settings, and profile customization data.
Data Source: Directly provided by you during account creation or profile updates.
Specific Processing Purposes:
Create and maintain individual user accounts with unique identifiers.
Display service provider profiles to potential clients with accurate contact information.
Enable password reset and account recovery processes.
Customize booking interface based on user preferences and settings.
Facilitate direct communication between service providers and clients.
Generate personalized booking recommendations based on profile information.
Maintain account security through authentication and access controls.
Important Note: This specific information will be available on your booking site, supplied by us, on a widget that may be inserted into the user's own website, on users social media profiles, on our directory sites where all system users are displayed, unless they specifically opt out of being displayed there.
Legal Basis: Contractual obligation and legitimate interests which are necessary for providing booking platform services.
Client Booking Data
What We Collect: Information entered by your clients when making bookings including client name, contact details, appointment preferences, special requests, and booking history.
Data Source: Your clients when they book appointments through your booking interface.
Specific Processing Purposes:
Process and confirm client appointment bookings.
Send booking confirmations and reminders to your clients.
Enable service providers to view and manage their appointment schedules.
Generate client contact lists for service providers.
Process appointment modifications and cancellations.
Create booking reports and statistics for service providers.
Enable repeat booking functionality for returning clients.
Legal Basis: Legitimate interests and contractual obligation, enabling effective appointment booking and management.
Service Provider Information
What We Collect: Professional details including name, business address, phone number, email address, professional photos, service descriptions, qualifications, pricing information, and availability schedules.
Data Source: You (as service provider) or authorized account administrators
Specific Processing Purposes:
Display service provider profiles on public booking pages and directory listings.
Enable client search and filtering by service type, location, and availability.
Generate booking widgets for embedding on external websites.
Create service provider listings on social media integration pages.
Process appointment requests and match clients with appropriate providers.
Generate marketing materials featuring service providers (with consent).
Enable client reviews and rating systems for service quality.
Important Note: This specific information will be available on the user’s booking site, supplied by us, on a widget that may be inserted into users own website, on users social media profiles, on our directory sites where all system users are displayed, unless they specifically opt out of being displayed there.
Legal Basis: Contractual obligation and legitimate interests, as this is the core functionality of our booking platform service.
Publication and Marketing Data
What We Collect: Content created for services, products, promotions, and business information including text descriptions, images, pricing, terms and conditions, and promotional materials
Data Source: You or authorized account users
Specific Processing Purposes:
Display service and product information to potential clients.
Enable online booking and purchasing functionality.
Create a searchable database of available services.
Generate promotional materials and featured listings.
Enable social media sharing and marketing integrations.
Process online payments and generate service receipts.
Provide comparison tools for clients to evaluate options.
Important Notice: Information published through our platform may be visible worldwide via internet searches and social media sharing. We cannot control how third parties use or share publicly available information, even after your account is deleted from our end.
Legal Basis: Contractual obligation and legitimate interests - enabling service promotion and client discovery.
Customer Support Data
What We Collect: Information from support inquiries including correspondence content, technical issues described, account information referenced, and resolution records
Data Source: You, your clients, or authorized users submitting support requests
Specific Processing Purposes:
Provide technical support and troubleshooting assistance.
Resolve billing and account-related inquiries.
Track and analyze common user issues to improve platform functionality.
Maintain support ticket history for follow-up assistance.
Generate internal reports on support effectiveness and response times.
Provide training materials and FAQ updates based on common questions.
Legal Basis: Legitimate interests - providing effective customer support and service improvement
Transaction and Financial Data
What We Collect: Purchase information including payment details, transaction amounts, billing addresses, invoice records, refund requests, and financial reporting data.
Data Source: You when making purchases or processing payments through our platform
Specific Processing Purposes:
Process subscription payments and service purchases.
Generate invoices, receipts, and financial statements.
Handle refund requests and billing disputes.
Maintain financial records for accounting and tax compliance.
Prevent payment fraud and unauthorized transactions.
Generate revenue reports for business operations.
Process tax calculations and regulatory financial reporting.
Data Retention: Financial transaction data is retained for 7 years to comply with accounting regulations and VAT reporting requirements.
Data Processing Location: Processed using our internal Notando Accounting System on EU-hosted dedicated servers.
Legal Basis: Legal obligations, required for proper accounting practices and financial compliance.
Marketing Communication and Newsletter Data
What We Collect: Email addresses and communication preferences for users who subscribe to newsletters or marketing communications.
Data Source: You, when explicitly subscribing to communications.
Specific Processing Purposes:
Send requested newsletters with platform updates and new features.
Deliver opted-in promotional communications and special offers.
Provide important service announcements and policy updates.
Send educational content about maximizing platform usage.
Conduct voluntary surveys for service improvement.
Withdrawal Rights: Consent can be withdrawn at any time by clicking unsubscribe links or contacting our support team.
Legal Basis: Consent, freely given and withdrawable consent for marketing communications.
General Correspondence Data
What We Collect: All communications sent to us including email content, contact forms, chat messages, and related metadata.
Data Source: You, when contacting us through any communication channel.
Specific Processing Purposes:
Respond to inquiries and provide requested information.
Maintain communication records for follow-up and reference.
Resolve complaints and service issues.
Improve our services based on user feedback and suggestions.
Comply with legal obligations requiring communication record-keeping.
Legal Basis: Legitimate interests, such as proper business administration and effective user communication.
Additional Legal Basis for Processing
Beyond the specific purposes listed above, we may process personal data for these additional legitimate interests:
Legal Defense: Establishing, exercising, or defending legal claims in court proceedings, administrative procedures, or out-of-court dispute resolution.
Business Protection: Protecting our business interests against risks, maintaining insurance coverage, managing operational risks, and obtaining professional legal or financial advice.
Regulatory Compliance: Meeting evolving regulatory requirements and industry standards for data protection and business operations.
IV. Where We Store Your Information?
Your personal data is stored on servers located in three reputable data centres, in Canada, France and Singapore all of which meet the R82 and R81 APSAD standards and work according to ISO/IEC 27001 standard. Check out how we always prioritise the importance of information security, here.
For our enterprise clients, we offer dedicated servers in Canada, UK, Australia and Belgium or any other location, subject to availability and additional requirements and legal obligations.
We must comply with several legal obligations in relation to the retention and deletion of personal data. Therefore, in all cases, we will keep your data only for the period required for the purposes of processing stated herein, respecting the principle of “data storage” of GDPR. This means that as long as you remain a user of our system - you can edit this data at any point in time and request a deletion by cancelling the usage of the system. Since we keep backups of all databases for up to 30 days, this data may still exist for up to 30 days on our servers at which point in time it gets deleted.
VI. Privacy By Design and By Default
Abbiamo implementato “misure tecniche e organizzative adeguate” al fine di seguire efficacemente i principi di protezione dei dati e salvaguardare i diritti individuali. Nello specifico, eseguiremo una Valutazione dell'impatto della protezione dei dati ("DPIA") quando richiesto dal GDPR, per identificare e ridurre al minimo i rischi di elaborazione dei dati di un progetto.
Sicurezza
Inoltre, tutte le nostre misure di sicurezza fanno parte del Sistema di Gestione della Sicurezza delle Informazioni (“ISMS”) complessivo di SimplyBook.me Ltd, in linea con lo standard ISO/IEC 27001.
Privacy of medical data / Protected health information
You may upload via notes to your account certain medical data or protected health information (as defined in the Health Insurance Portability & Accountability Act of 1996, “HIPAA”).
For the purposes of providing our SimplyBook.me Software and services, we may have restricted access to such type of information and must comply with the applicable HIPAA regulations as a business associate.
In order to operate effectively as a company and also provide flawless services, products and features, we must share some of your personal data. The sharing is limited to the extent required for the specific purposes and for the period required in order to ensure our business operations. Therefore, our services to you will not be jeopardised and your rights are not infringed.
(a) Sharing for provision of our other services/products:
Soluzione software SimplyMeet.me
Siamo i proprietari e ti offriamo la soluzione software per riunioni online SimplyMeet.me che ti consentirà di organizzare le tue riunioni. Controlla qui il sito web ufficiale di SimplyMeet me per i documenti legali pertinenti.
SBPay Basic e Pro
La soluzione SPBay viene offerta agli utenti in base ai nostri Termini e condizioni e si integra con la nostra funzione personalizzata "Ricevi pagamenti".
Per fornire SBPay in entrambe le versioni raccoglieremo e archivieremo: tutti i dati di elaborazione della transazione, l'ora, il nome del tuo cliente, l'importo, l'articolo acquistato, se ricorrente o meno, l'indirizzo IP e il processore di pagamento utilizzato per la transazione.
Note that we do not store full credit card information - in order to avoid identification of the card owner.
I dati vengono archiviati in: Germania (UE) su Google Cloud.
Booking Page
SimplyBook.me Ltd is the owner and operator of the Booking.Page (the “Directory”) which is hosted in the United Kingdom with OVH - read more about OVH security standards Infrastructure & Software.
We have concluded SCC for this processing activity and must be informed that when you explicitly allow publication of your company info, the service provider data and publication data including company reviews in the Booking.Page, you explicitly consent to transfer this data outside EEA, and subject to the provisions herein.
AI Helper & Third-Party AI Models
To enhance our services, we offer an AI Helper tool. When you use this feature, we process certain data to provide and improve the service. You are interacting with an artificial intelligence system when using our AI Helper feature.
We collect the text and queries you input into the AI Helper, as well as interaction data such as logs and usage patterns for analytics.
Legal Basis: Legitimate interests & contractual obligations, meaning to provide enhanced AI-powered assistance within our system services.
Purpose of Processing: This data is used exclusively to provide responses, improve the AI Helper's functionality, and maintain the security of the feature.
Data Retention: AI Helper interaction data is retained for as long as the chat remains open.
Data Sharing with Third-Party AI Services: The AI Helper utilises third-party AI models to process your queries. By using the feature, you acknowledge that the input you provide will be shared with these external systems for processing in accordance with their respective data processing agreements.
Your Rights: You have the right to access, rectify, delete, or port your AI Helper data. Contact us at dpo@simplybook.me to exercise these rights.
Important Notice: The AI Helper has inherent limitations in accuracy and may not be suitable for all types of queries. Human oversight is available through our support channels. As the AI Helper is an automated tool, you are solely responsible for the information you input. Do not share any sensitive personal, financial, or confidential information when using the AI Helper.
(b) Sharing as part of the team.blue group:
SimplyBook.me is part of team.blue Group and we may share personal data of our users with other entities within the Group, subject to provisions of our internal Global Data Sharing Framework.
The team.blue Group, consisting of several brands and subsidiaries, can improve coordination and resource allocation by sharing data internally. This allows for more efficient collaboration on product, campaign, and customer service improvements. Personal data may be shared among team.blue Group companies for marketing statistics, internal administration, and reporting purposes, but only in an amount necessary for the intended use and with proper protective measures in place to prevent unauthorised access or disclosure.
(c) Sharing with sub-processors:
We have appointed sub-processors with which we will share your personal data such as:
appointed service providers, business partners, and third-party vendors who assist us in delivering our services
legal authorities, regulatory bodies, and other third parties when required by law.
Tutte le attività di elaborazione dei dati con parti situate all'interno dell'UE e dello SEE sono disciplinate dalle disposizioni del GDPR e dai rispettivi accordi di elaborazione dei dati.
When we transfer your personal data to a country not located in the EU or EEA:
we will check and ensure that specific legal mechanisms and safeguards are in place: and such us “adequate decision” for that jurisdiction, concluded “Standard Contractual Clauses” (“SCC”) or other;
we follow the recent developments in the law and do not rely on the Privacy Shield but the Data Privacy Framework, to the extent applicable and valid;
for our business operations which involve the transfer of personal data from the European Union (“EU”) and/or the European Economic Area (“EEA”) to the United Kingdom, we rely on the decision of the European Commission dated on the 28th day of June, 2021 (see more info here).
Find a list of sub-processors as part of our online DPA here.
Where there is a change to this list, we will notify you and you can submit any objection via email to legal@simplybook.me, within 15 days.
VIII. Cookie e tecnologie di terze parti (statistiche e analisi)
General Statements:
a) For the purposes of security and detection of fraudulent behaviour, SimplyBook.me Ltd has implemented an automated control system, which makes use of cookies and other similar tracking technologies, to track and analyse certain behaviour of the users on the site, associated with their IP addresses and other personal data associated with the browsing on the site. The consequence of such processing is that, if a visitor attempts to engage in fraudulent conduct on the site, for example in order to benefit several times from the same promotion without having the right to do so, SimplyBook.me Ltd reserves the right to exclude such person from the promotion or to take any other appropriate measure for its own protection.
b) Analytics activities by means of tracking through the use of cookies and similar technologies, aimed at verifying and measuring the quality and effectiveness of SimplyBok.me Ltd’s online advertising campaigns, in order to improve the performance of those campaigns, as well as the services offered by SimplyBook.me Ltd.
c) SimplyBook.me Ltd uses cookies for functional and statistical purposes, to detect fraudulent behaviour and to measure the effectiveness of advertising campaigns and services.
Cookie
Like most websites, we use cookies and we wish to clarify here that cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies. If you need to know more, find everything in our Cookies Policy.
Statics and Analytics
In order to improve our website and product, we use tools for statistics and analysis in order to obtain an accurate overview on how visitors interact with our system and our website, so we can make it better. Note that where possible, we enable relevant settings in the tools we use and mention below, in order to minimise the personal data we process.
Google Analytics: a web analysis service provided by Google Ireland Limited (“Google”) which allows us to track and examine the use of our website and have reports on activities and share them with other Google services.
Matomo: an analytics service provided by InnoCraft, an open-source web analytics tool, to track and analyse visits to our website. Matomo collects data such as IP addresses (anonymised), browser information, and pages visited. This helps us understand how you interact with our site and as well as admin interface of your account, and hence help us improve your experience.
Leadinfo: un servizio di lead generation fornito da Leadinfo B.V., Rotterdam, Paesi Bassi, che riconosce le visite delle aziende al nostro sito web in base agli indirizzi IP e ci mostra informazioni correlate disponibili al pubblico, come nomi o indirizzi aziendali. Inoltre, Leadinfo posiziona due cookie proprietari per fornire trasparenza su come i nostri visitatori utilizzano il nostro sito web, e lo strumento elabora i domini dagli forniti input del modulo (ad esempio "leadinfo.com") per correlare gli indirizzi IP con le aziende e per migliorare i suoi servizi.
For additional information, please visit www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out you have an opt-out option. In the event of an opt-out, your data will no longer be used by Leadinfo.
IX. Direct Marketing Communication
In order to contact you for marketing and promotional purposes, we need to have your clear consent and also inform you how we will process your personal data for these purposes. Therefore, by clicking to receive updates for marketing and promotional purposes during the sign-up procedure, you hereby consent and allow us to use your personal data and contact you via email, SMS or instant messaging such as via WhatsApp.
Your personal data for marketing and communication purposes will be stored in our internal database only and we shall not share your personal data with third parties unless they act as our service providers and are part of our business operations. This means we have established collaboration, safeguarded by data protection and privacy provisions.
For the user communication related to system usage, we use a self hosted version of marketing automation tools to avoid external access to our user's data. Therefore, we track user's actions within our system and send appropriate email and system messages to assist with the usage, where users have allowed us to communicate with them, by checking the marketing communication box during sign up.
As part of our marketing efforts and in the legitimate interest of SimplyBook.me Ltd, we may send marketing emails or texts promoting similar products or services to our customers, in compliance with the soft opt-in exemption. This exemption allows us to contact our existing customers with offers for products or services that are similar to those they have previously purchased from us.
In all cases, your personal data will be processed based on our instructions as data controller of your data and in compliance with the provisions of this Policy. We do not use marketing automation platforms and do not perform any automated decision-making processing of your personal data.
The unsubscribe option is available in all our communications for marketing purposes.
X. Your Rights
You are a “data subject” in accordance with the provisions of GDPR and have the below rights which you can exercise freely:
To request the deletion of your data, please send an email to dpo@simplybook.me with the following information:
Subject Line: "Facebook Data Deletion Request"
Body of Email: Please include your full name and the email address or user ID associated with your Facebook account so we can accurately locate your data.
Once we receive your request, we will begin the process of permanently deleting your data from our systems. We will send you a confirmation email once the deletion is complete, which may take up to 30 days to process.
For your security, we also recommend you remove the connection to Facebook within your Facebook account by going to Settings & Privacy > Settings > Apps and Websites.
Read the below section when you are outside the EU or EEA and GDPR does not apply.
I diritti degli Utenti in Svizzera sono in linea con la legge federale svizzera sulla protezione dei dati (FADP) e con le disposizioni ivi contenute che comprendono: accesso ai dati personali; diritto di opporsi al trattamento dei propri Dati Personali (che consente altresì agli Utenti di chiedere che il trattamento dei Dati Personali sia limitato, che i Dati Personali siano cancellati o distrutti, che sia vietata specifica comunicazione dei Dati Personali a terzi); diritto di ricevere i propri Dati Personali e farli trasferire ad altro titolare (portabilità dei dati); diritto di chiedere la correzione dei Dati Personali errati.
I diritti degli Utenti in Brasile sono in linea con la "Lei Geral de Proteção de Dados" (LGPD) e le disposizioni qui presenti.
I diritti degli Utenti negli Stati Uniti sono in linea con il California Consumer Privacy Act del 2018" (CCPA), come aggiornato dal California Privacy Rights Act (CPRA) (collettivamente il "CCPA/CPRA") e Virginia Consumer Data Protection Act (VCDPA), nella misura pertinente e applicabile alle operazioni commerciali di SimplyBook.me.
SimplyBook.me Ltd DOES NOT sell or share the personal information of its Users and the above rights can be exercised by respective individuals via contact details provided above and free of charge and/or to the extent applicable via your Account, subject to certain conditions and exceptions, to the extent SimplyBook.me Ltd must comply with the relevant law/regulation. The provisions above supersedes any other possibly divergent or conflicting information contained herein.
XI. Information Related to Meta (Facebook) Services
To enhance our services, we offer several optional integrations with Meta platforms (Facebook and Instagram). This section explains how data is collected and used when you or your clients use these features.
1. Social Login.
End users have the option to use their social media profiles (including Facebook) to log in or register when booking an appointment on your page, simplifying the booking process.
Data Collected During Client Social Login:
Public Profile Information (Name, Email, Profile Picture): To identify the client, pre-fill their booking details, and personalize confirmations.
Meta User ID and Authentication Tokens: To securely verify the client's identity and maintain their login session for viewing their booking history.
Purpose: To provide a convenient and secure authentication method for your clients, helping to prevent fraudulent bookings and allowing clients to easily manage their appointments.
Legal Basis: Consent (when the client chooses to use social login) and Contractual Necessity (to provide the login service they have requested).
2. Business Page Integration.
You can connect your account to your Facebook Business Page or Instagram Business Profile. This enables end-users to book your services directly from your social media presence.
What data we collect:
Your Meta User ID, authentication tokens, and a list of the business pages you manage so you can select the correct one to connect.
Your public Business Page information (e.g., Page name, Page ID).
The purposes of processing data include:
enabling a "Book" button on your page or profile;
displaying your services on your page with booking capabilities;
allowing clients to book appointments directly through Meta platforms;
syncing booking information between your Account and your social media presence.
Legal Basis: Consent, when you authorise the connection and Contractual Necessity, in order to provide the login/integration service you requested.
Important note: This integration does not work for personal accounts and you can disconnect this integration at any time through your Account settings.
3. Data We Share with Meta (Meta Pixel and Conversions API).
We offer an optional feature that allows you to integrate a Meta Pixel with your booking page. This is a powerful tool for tracking client activity and measuring the effectiveness of your advertising campaigns.
What data we collect on your behalf:
Event Data: Actions you take on our site, such as viewing a page, starting the booking process, or completing an appointment.
Technical and Usage Data: Your IP address, browser type, device information, and click patterns.
Transaction and Conversion Data: Confirmation that a booking was made, the service category, and the value of the booking. We do not share sensitive payment details like credit card numbers.
The purposes of processing data include:
Measure Ad Performance: Track conversions and understand the return on your ad spend.
Retarget Visitors: Show relevant ads to people who visited your booking page but did not book.
Build Audiences: Create Custom Audiences from your visitors or build Lookalike Audiences to find new clients.
Analyse User Behavior: Understand how clients interact with your booking page to optimise its layout and services.
Legal Basis: Legitimate Interest. You have a legitimate interest in marketing your business and improving your services. Your clients can object to this processing through cookie consent tools and their browser settings.
How Meta Processes Your Data
When you interact with our services through platforms that integrate with Meta (such as Facebook, Instagram, or WhatsApp), data is exchanged with Meta Platforms, Inc. This applies to various interactions, including but not limited to, using social login options, sharing content directly to Meta platforms, or engaging with our content on Meta's properties.
Once data is shared with Meta through any of these integrations, Meta acts as an independent data controller and has the primary responsibility for how that data is processed, stored, and used from that point onward, operating under their own distinct data policies, terms of service, and privacy practices, not our own.
We act as the initial party collecting data, but we do not retain control over how Meta utilizes this data after it has been transferred to their systems. Our agreement with you covers our data handling practices; however, Meta's subsequent use of the shared information falls under their responsibility.
We strongly encourage all users to thoroughly review Meta's privacy policies, terms of service, and any other relevant documentation, with information regarding how Meta collects, uses, shares, and protects your personal data when you interact with their services, including data received from third-party integrations like ours.
You have full control over your data and the connection between our service and Meta.
You can disconnect your Meta account at any time in your Account settings. You can also revoke our app's permissions directly in your Facebook or Instagram settings under "Apps and Websites."
You can manage the ads you see on Meta platforms through your Facebook Ad Preferences and review how your data is used in the Off-Facebook Activity tool.
You can manage tracking technologies through our website's cookie consent banner and your browser settings.
You have the right to request the deletion of the data we hold about you that was received from Meta.
XII. Changes to our Privacy Policy
We may change this document at any time in order to reflect changes in the law or our practices. Keep an eye on our website for any updates. If we change anything major in this document, we will inform you.
Tieni presente che offriamo anche uno strumento ancora più semplice destinato alla pianificazione delle riunioni. Dai un'occhiata se ritieni che SimplyBook.me sia eccessivo per le tue esigenze.
