Privacy Policy
Version: 2026-06-11
1. Data We Process
We process account information (name, email, login activity), clinic configuration data, and operational booking data required to provide Appointa services.
2. Purpose and Legal Basis
We process data to provide contracted services, secure accounts, meet legal obligations, and improve product reliability. Where required, we rely on consent and legitimate interests as legal bases.
3. Analytics and Product Improvement
Where optional analytics are enabled, Appointa may collect privacy-conscious usage events such as page views, marketing call-to-action clicks, sign-up starts, pricing views, help article views, and public booking starts. We do not intentionally send patient or client names, contact details, appointment notes, form answers, health information, invite tokens, or payment details to analytics providers.
4. GDPR Roles
Clinics using Appointa are typically data controllers for patient/client data. Appointa acts as data processor and processes data only on documented instructions from the clinic, except where law requires otherwise.
5. Data Retention
We retain personal data only as long as necessary for service delivery, legal obligations, dispute resolution, and security auditing.
6. Data Subject Rights
Subject to applicable law, you may request access, correction, deletion, portability, restriction, or objection to processing. You may also lodge a complaint with your data protection authority.
7. Cross-border Transfers
Where data is transferred internationally, we apply appropriate safeguards, such as contractual protections and security controls.
8. Contact and Requests
To submit privacy requests, contact privacy@easyappointa.com.