Privacy Policy

Last updated: 20.4.2025

Introduction

Welcome to Book24Seven Oy. By using Book24Seven Oy’s Appointment Booking App and associated services, you agree to the terms outlined in this Privacy Policy. We may update this policy periodically, and it is your responsibility to review it regularly for changes. Significant updates will be communicated through email or a notice on our website.

Book24Seven values your privacy. We are committed to never selling or using your data for advertising purposes. Our practices are designed to ensure the highest standards of privacy protection.

If you have any questions or concerns about this policy, please contact us at support@book24seven.com

Data Collection and Use

We collect personal data from Partners (refers to any entity or individual who creates and manages a booking system on Book24Seven’s platform) when they register to use our platform. However, our Partners (salons, therapists, individual consultant, etc.) collect the personal data of their end users (customers) when appointments are booked through our platform. While all personal data is stored securely on our platform, the collection and management of end user data is primarily handled by our Partners.

For Partners

  • Personal Information: Name, business name, email address, phone number, and business address.
  • Account Credentials: Username and password for accessing the platform.
  • Billing Information: Transaction-related data (e.g., billing address, payment history) handled via third-party payment processors like Stripe, PayPal, etc.
  • Usage Data: Information about how you use the platform, including the pages you visit and the features you interact with.

Purpose:

  • To manage your business profile on our platform.
  • To facilitate customer bookings, manage communications, and handle payments.
  • To analyze usage trends and improve our services.

For End Users (Customers of Partners)

The Partners collect the following data from their End Users when appointments are booked through the platform. Book24Seven securely stores this data but does not collect it directly.

  • Personal Information: Name, email address, phone number, appointment details, and any other information required by the B2B partners.
  • Usage Data: Information about the services booked and how end users interact with the booking platform.

Purpose:

  • To allow Partners to process and manage appointments.
  • To facilitate communication between End Users and the Partners (salons, therapists, individual consultant, etc.).
  • To improve the overall booking experience.

Book24Seven Oy does not directly contact or communicate with End Users except for platform management purposes. If you are an end user booking an appointment through our platform, we encourage you to review the privacy policies of the Partners (e.g., salons, therapists, individual consultant, etc.) with whom you interact.

Cookies and Tracking Technologies

Book24Seven plans to use cookies in the future to enhance your experience, track your activities on our platform, and analyze how our services are used. When we do it, you can manage your cookie preferences through your browser settings or by using our cookie consent tool. We will primarily use first-party cookies to provide essential features and do not rely on third-party or intrusive tracking cookies.

Data Controller Responsibilities

Book24Seven Oy is the primary data controller for data directly collected from Partners, while partners using our platform act as data controllers for end-user data collected via their booking pages.

Legal Basis for Processing Personal Data

We process personal data based on the following legal grounds:

  • Consent: When you provide clear consent for data processing (e.g., for marketing communications).
  • Contractual Necessity: To fulfill our contractual obligations to provide services.
  • Legal Obligation: To comply with legal obligations, such as tax, regulatory authorities and accounting requirements.
  • Legitimate Interests: To improve our services and ensure platform security, provided these interests do not override your data protection rights.

How We Use Your Data

We use your personal data to:

  • Provide and Improve Our Services: Enable account creation, manage bookings, and process payments.
  • Personalize Your Experience: Tailor recommendations and content based on your preferences.
  • Communicate with You: Send administrative notifications and respond to inquiries.
  • Manage Transactions: Handle payments and appointment-related services.
  • Marketing (with Consent): Send promotional emails, newsletters, and offers.
  • Prevent Fraud and Misuse: Detect and prevent unlawful activities or misuse of the platform.

Data Sharing with Third Parties

Book24Seven integrates with various third-party applications (“Third-Party Applications”) including different payment integration to enhance your experience and provide additional functionalities (e.g., integrated apps like Google Calendar, Stripe Payment, etc). We do not automatically share your personal data with third-party service providers. However, when you choose to use certain features or integrations on our platform, such as payment processing, calendar synchronization, SMS notifications, etc., personal data may be shared with these third parties to ensure the smooth operation of these services.

These third parties are required to comply with GDPR and other Privacy Practices. By using these integrated services, you agree to their respective terms of service and privacy policies (“Third-Party Terms”). You are responsible for reviewing and understanding the Third-Party Terms before using any integrated application. Book24Seven does not control these third parties and recommends reviewing their privacy practices.

Data Security

Book24Seven prioritizes data security by implementing:

  • Encryption: All data transferred to and from our platform is encrypted using SSL/TLS technology.
  • Access Controls: Only authorized personnel have access to your data.
  • Firewalls and Monitoring: We use firewalls and conduct continuous monitoring to protect against vulnerabilities.

In case of a data breach, Book24Seven will notify affected users and relevant authorities within 72 hours, as required by GDPR. However, while we take extensive precautions to safeguard your data, no online system can guarantee 100% security, and we encourage you to use secure methods when accessing our services.

International Data Transfers

Book24Seven primarily stores data within the EU/EEA, but some third-party providers may process data outside these regions. For transfers outside the EEA, we use Standard Contractual Clauses (SCCs) or other legal mechanisms to ensure adequate protection, per GDPR requirements. By using our services, you consent to the transfer and processing of your data as necessary to provide our services.

Data Retention and Deletion

  • Account Data: Retained as long as your account is active or until you request deletion.
  • Transaction Data: Retained for up to five years for legal and accounting purposes.
  • Communications: Retained for customer support purposes for up to 12 months.

You can request data deletion at any time by contacting us at info@book24seven.com. Data will be deleted unless we are legally required to retain it.

Your Rights Under GDPR

As a user, you have the following rights regarding your personal data:

  • Access: Request a copy of the data we hold about you.
  • Rectification: Request corrections to any inaccurate data.
  • Erasure: Request deletion of your data (except where retention is required by law).
  • Restriction of Processing: Request limited use of your data.
  • Data Portability: Receive your data in a structured format.
  • Objection: Object to how we process your data for certain purposes.
  • Withdraw Consent: If processing is based on consent, you may withdraw it at any time.

To exercise your rights, please contact us at info@book24seven.com.

Responsibilities of Partners

Our Partners (such as salons, therapists, other businesses, individual consultant, etc.) are responsible for managing and protecting the personal data of their customers. As data controllers, they determine how their customers’ data is processed in accordance with applicable data protection laws. We encourage our B2B partners to maintain their own privacy policies in compliance with GDPR and other Privacy Practices.

Data Anonymization and Aggregation

Book24Seven may anonymize and aggregate personal data to conduct statistical analysis and improve services. This anonymized data does not identify individual users.

Children’s Privacy

Book24Seven’s services are not intended for individuals under 18 without parental consent. We do not knowingly collect personal data from children under 18. If you believe we have inadvertently collected such data, please contact us at info@book24seven.com, and we will delete it promptly.

Complaints

You have the right to lodge a complaint with a supervisory authority. This is the Finnish Data Protection Ombudsman in Finland.

Changes to This Privacy Policy

We may update this Privacy Policy periodically. If we make significant changes, we will notify you by email or post a notice on our website. The “Last Updated” date at the top of this policy reflects the latest changes.

Contact Information

For questions about this Privacy Policy or how we handle your data, please contact us:

Data Protection Officer (DPO)
Email: legal@book24seven.com
Address: Pelimannintie 24 B, 00420 Helsinki

Supervisory Authority
Website: Finnish Data Protection Ombudsman

en_GBEnglish
fiFinnish en_GBEnglish