Back to BookSlotBookSlotLegal

Privacy Policy

Last updated: June 2026 · GDPR & Indian IT Act compliant

Your privacy matters. We only collect data we need to run the service, we never sell it, and we make it easy to delete. This policy explains exactly what we collect and why.

What we collect

  • Account data: your name, email address, and password (encrypted) when you register.
  • Business data: your business name, category, description, phone number, and booking page URL.
  • Booking data: client names, emails, and phone numbers when they book through your page.
  • Usage data: pages visited, features used, and error logs to help us improve the service.
  • Payment data: handled entirely by Stripe. We never see or store your card details.

How we use your data

  • To provide and operate the BookSlot service.
  • To send booking confirmation emails to you and your clients.
  • To send product updates and security notices.
  • To analyse how the service is used and improve it.
  • We never sell your data to third parties.
  • We never use your client data for marketing.

Data storage and security

  • Data is stored on MongoDB Atlas servers in the EU (Europe West region).
  • All data is encrypted in transit using TLS 1.2+ and at rest using AES-256.
  • Passwords are hashed using bcrypt with a minimum cost factor of 12.
  • We conduct regular security audits and promptly address vulnerabilities.

Your rights (GDPR)

  • Right to access: request a copy of all data we hold about you.
  • Right to rectification: correct any inaccurate data.
  • Right to erasure: delete your account and all associated data.
  • Right to portability: export your data in a machine-readable format.
  • Right to object: opt out of certain types of processing.
  • To exercise any right, email privacy@bookslot.io.

Your clients' data

  • You are the data controller for your clients' personal data collected through BookSlot.
  • You are responsible for having a lawful basis to collect this data.
  • Your clients may request deletion of their data by contacting you directly.
  • We will delete client data within 30 days of account termination.

Cookies

  • We use essential cookies only: authentication session cookies.
  • We do not use advertising, tracking, or analytics cookies.
  • You can disable cookies in your browser, but this may affect functionality.
  • See our Cookie Policy for full details.

Privacy concerns?

Contact our Data Protection Officer at privacy@bookslot.io. We respond within 72 hours.