Privacy Policy

Bookd ("we", "us"), operating at get-bookd.co.uk, provides a booking platform connecting independent service businesses with their clients. We are the data controller for account information, and each business is the controller for the booking details you share with them. For privacy questions and data requests, contact us at support@get-bookd.co.uk.

We process data to provide the booking service (contract), to send booking confirmations and reminders (contract), to secure accounts and prevent abuse (legitimate interest), to take subscription payments via Stripe (contract), and to comply with legal obligations.

We use strictly necessary cookies only: authentication session cookies (httpOnly, required to keep you signed in) and a cookie remembering your cookie-banner choice. We do not use advertising or tracking cookies.

Booking details are shared between you and the business you book with. We use trusted processors: Supabase (database & authentication, EU/UK-compliant hosting), Stripe (payments) and Resend (transactional email). We never sell personal data.

Account data is kept while your account is active. Booking records are kept for 6 years to support business records, then deleted. Login attempt logs are kept for 90 days. You may request earlier deletion at any time.

You have the right to access, rectify, erase, restrict, object to processing of, and port your personal data, and to withdraw consent. To exercise any right, email support@get-bookd.co.uk. You can also complain to the Information Commissioner's Office (ico.org.uk).

Data is encrypted in transit (TLS) and at rest. Access is protected by row-level security so businesses and clients can only see their own records. Sessions use secure httpOnly cookies.

We'll post any changes to this policy here and update the date above. Material changes will be notified by email.