BookingPlatform

Privacy Policy

Last updated: 2026-04-18

1. Who we are

This service (“Vaša Booking platforma”, “we”, “us”) is a booking platform that lets customers find and book appointments with local businesses (“tenants”). We operate the platform itself; each business manages its own services, staff, and bookings.

For any privacy-related request, contact us at darkcalusic@hotmail.com.

2. What data we process

  • Account data. Email, name, and (optionally) a phone number, used to identify you and deliver booking updates.
  • Authentication credentials. Either a password (stored hashed with bcrypt) or an OAuth identity provided by a provider you chose (e.g. Google). We never see your password for OAuth sign-ins.
  • Booking data. Service, staff, date/time, and optional notes. A snapshot of your name, email, and phone at the time of booking is stored alongside each booking so the tenant can contact you even if you later change your profile.
  • Session cookies. A signed session cookie issued by NextAuth so you stay signed in between page loads, plus a CSRF-protection cookie. No advertising or tracking cookies are set by us.

3. Legal basis

  • Contract. Processing needed to create your account and to deliver the bookings you requested.
  • Legitimate interest. Keeping the platform secure (fraud / abuse prevention, session protection).
  • Consent. Only where you actively opt in — e.g. loading an embedded Google Map, or any future analytics or marketing features that would require consent before we can switch them on.

4. Who sees your data

  • The tenant you book with sees your name, contact details, and booking history with them. They do not see your bookings with other tenants.
  • Our processors — database hosting, email delivery, optional SMS delivery. They act under our instructions and only process the minimum data needed to deliver each feature.
  • Third parties you explicitly engage — for example, Google when you click “Show map” on a tenant’s footer. Their privacy policies then apply in addition to ours.

5. Retention

Account data is kept for as long as your account exists. Bookings are retained together with the account. You may request deletion at any time by contacting us.

6. Your rights

Under GDPR you have the right to access, rectify, delete, export, or restrict processing of your personal data, and to object to processing based on legitimate interest. You may also withdraw any consent you previously gave (for example, the map embed consent stored in your browser) without affecting past lawfulness.

To exercise any of these rights, email us at the address at the top of this page.

7. Changes

If we change how we process your data we will update this page and the “Last updated” date at the top. Material changes that require renewed consent will be surfaced in-app.

See also the Cookie Policy.