Overview of our Privacy Policy

Our approach to your privacy

Cuando utiliza el sitio web oficial de SimplyBook.me Ltd (sujeto a nuestros Términos y Condiciones del sitio web) y nuestros Servicios (sujeto a nuestros Términos y condiciones), nos confía sus datos personales. Es cierto que tratamos una gran cantidad de datos diferentes, por lo que nuestro compromiso de salvaguardar su confianza en nosotros es nuestro objetivo.

Para comprender cómo logramos esto, lea este documento detenidamente mientras explicamos nuestras prácticas de privacidad. Comprenderá cómo recopilamos, usamos, a veces compartimos sus datos personales y qué puede hacer al respecto, siempre con el propósito de brindarle nuestro servicio óptimo.

Lea este documento junto con nuestro Acuerdo de procesamiento de datos y la versión firmada aquí , así como nuestros Términos y condiciones .

  • 01

    RECOPILACIÓN DE DATOS:

    ¿Qué datos personales recopilamos?

    • datos que nos proporciona al registrarse y mientras utiliza nuestro sistema, como su nombre, correo electrónico, dirección, etc.;

    • datos creados cuando utiliza nuestros servicios, como su dirección IP, tipo de navegador y otros.

  • 02

    PROCESAMIENTO DE DATOS:

    How do we use your personal data?

    • In order to provide you with outstanding services;

    • Make our website better and more efficient;

    • Allow you to interact where possible;

    • Provide you with support when needed;

    • For research and development.

  • 03

    COMPARTIR DATOS:

    With whom we share your personal data?

    • Como parte del grupo team.blue, con nuestros proveedores de servicios cuando sea necesario;

    • con otras personas como nuestros contratistas y consultores) y empresas como los proveedores de sistemas de pago con los que colaboramos, consulte la sección Compartir sus datos personales, a continuación.

    See our DPA for more.

  • 04

    ALMACENAMIENTO DE DATOS:

    Where is your personal data stored?

    We are a company based in Cyprus and store your personal data worldwide, depending on the location of your business. For EU based businesses though your data including backups is stored in the EU, it may be transferred outside the EU. See more information under Where is your personal data stored?

  • 05

    SUS DERECHOS COMO TITULAR DE LOS DATOS:

    What are your rights as a data subject?

    • Ask for a copy of your personal data request that we amend something included in your personal data, because it is wrong;

    • Request that we delete your personal data in part or in full;

    • Restrict us to or request to us to stop in full, the processing of your personal data;

    • Request that we provide your personal data to another company;

    • Take back the consent you gave us to process your personal data.

    • Si se encuentra fuera de la UE o del EEE y el RGPD no se aplica, hay una sección especial para sus derechos.

Privacy Policy of SimplyBook.me LTD

I. Introducción

This is the Privacy Policy of SimplyBook.me Ltd which explains how we comply with the General Data Protection Regulation (EU) 2016/679 (the “GDPR”) and other national and international applicable laws and regulations in all our business operations.

We have implemented appropriate measures and records demonstrating compliance with the GDPR and can therefore take responsibility for the processing of your personal data. Respecting the principles of GDPR (lawfulness, fairness and transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality (security) and accountability) is the key objective in all our business operations involving processing of personal data.

II. Our Information

Somos SimplyBook.me Ltd y ofrecemos una solución de reserva de citas que incluye una amplia gama de funciones, como un sistema de promoción y marketing, un sistema de ventas y un sistema de contacto con el cliente (colectivamente, los "Servicios"). Puede consultar nuestros Términos y Condiciones, que contienen más detalles de nuestros servicios y nuestras obligaciones legales, junto con nuestro Acuerdo de Procesamiento de datos descripción general y versión firmada aquí.

In order to comply with the requirements of the GDPR, we must inform you that we are the “data controller”, making decisions about your personal data, when you visit our official website: www.simplybook.me and other sub-websites operated by us in accordance with our Website Terms and Conditions which you accept.

For this document and all privacy and personal data protection purpose, our information and contact details is as below:

III. Information We Collect About You

When you visit our website and wish to use our services, as per our Terms and Conditions, we will need to collect various information about you. In this part of the document, we explain the categories and where necessary the source of specific personal data we process. For the processing, we also clarify why we need to collect and use our personal data as well as the legal basis for our actions.

Usage Data

Data includes information related to the use of this website and the system we offer: company information, IP address, geographical location, browser type and version, operating system, referred source, length of visit, and page views and website navigation paths, as well as information about the timing, frequency and pattern of your system use.

  • Source:

    Analytics tracking system such as Google Analytics and similar.

  • Purposes:

    Understand which sub websites cater to you and give you more information on it, improve our services and offer you usage suggestions that might suit your needs.

  • Legal Basis:

    Legitimate interests ➝ monitoring and improving our website, system, client service and system services.

Account Data

This is the information you give us when you register for an account, create or modify your profile, set preferences, sign-up for or make purchases through the System: name, contact email address, profile photo, bio, other details to your profile information to be displayed on your Service provider profile or on your Company profile with our system so that your clients can book services with you.

Please note that we need to keep track of your preferences when selecting specific settings.

  • Source:

    You, your employer or the user who sets up the system for his personal or company purposes.

  • Purposes:

    Operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and used for communicating with you.

  • Legal Basis:

    Legitimate interests & contractual obligations ➝ provide you with our system services so that you can display your information and sell services and products.

User's clients data

This is the information entered into the system from the clients of the User when they use the software to make a booking, such as name, surname, email address etc.

  • Source:

    You, your employer or the user who sets up the system for his personal or company purposes.

  • Purposes:

    Operating the system so that your clients can effectively book appointments online with their chosen service providers.

  • Legal Basis:

    Legitimate interests & contractual obligations ➝ enable proper operation of the system and services.

Service provider's data

When you include personal data of your service providers in your account: name, address, telephone number, email address, profile pictures, and other details that are added to the service provider's profile.

This specific information will be available on the user’s booking site, supplied by us, on a widget that may be inserted into users own website, on users social media profiles, on our directory sites where all system users are displayed, unless they specifically opt out of being displayed there.

  • Source:

    The data subject and data controller

  • Purposes:

    Make a booking and use the services offered by the User.

  • Legal Basis:

    legitimate interests & contractual obligations ➝ enable proper operation of the system and services.

Publication data

Information that you create for your bookable services, products for sale, promotions, or as company information.

You acknowledge that personal data that you submit for publication through our system or services about you, your company, service providers, products, promotions, services or related things may be available, via the internet, around the world. We CANNOT prevent the use (or misuse) of such personal data by others.

  • Source:

    You, your employer or the user who sets up the system for his personal or company purposes.

  • Purposes:

    Operating the system so that clients can effectively book appointments online and purchase products and read about your business and service offering.

  • Legal Basis:

    Legitimate interests & contractual obligations - enable proper operation of the system and services.

Enquiry data

Information contained in any enquiry you submit to us through email or live support regarding the system and our services.

  • Source:

    You or the user who sets up the system for his personal or company purposes, or your clients.

  • Purposes:

    Analysing our users' problems and helping them to solve the issues as well as improving the system when relevant.

  • Legal Basis:

    Legitimate interests ➝ enable proper operation of the system and services.

Transaction data

Information relating to transactions, including purchases of goods and services, that you enter into with us and/or through our website: contact details and the transaction details.

  • Source:

    You, as a data subject.

  • Purposes:

    Supplying the purchased goods and services and keeping proper records of those transactions.

  • Legal Basis:

    Legal obligation - proper accounting practices.

We use our own Notando Accounting System for this processing and run this on our own dedicated servers, hosted in the EU. We have to keep all invoicing data that contains your purchases, name, address, and email for 7 years for financial reporting and VAT purposes.

Company information

When you include information about your company in the company profile of the system we offer: name, address, telephone number, email address, profile pictures, and other details that you add to your company profile.

This specific information will be available on your booking site, supplied by us, on a widget that may be inserted into the user's own website, on users social media profiles, on our directory sites where all system users are displayed, unless they specifically opt out of being displayed there.

  • Source:

    You, your employer or the user who sets up the system for his personal or company purposes.

  • Purposes:

    You, your employer or the user who sets up the system for his personal or company purposes.

  • Legal Basis:

    Legitimate interests & contractual obligations ➝ enable proper operation of the system and services.

Notification data

Information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters.

  • Source:

    You, as a data subject.

  • Purposes:

    Sending you the relevant notifications and/or newsletters to inform you about changes within the system and how you can make the most of using SimplyBook.me.

  • Legal Basis:

    Consent ➝ to receive specific information from us, which may be withdrawn at any time by contacting us.

Correspondance data

Information contained in or relating to any communication that you send to us.

  • Source:

    You, as a data subject.

  • Purposes:

    Communicating with you and record-keeping.

  • Legal Basis:

    Legitimate interest ➝ proper administration of our website and business and communications with users.

In addition to the specific legal basis of processing your personal data mentioned above, we may need to process personal data for our legitimate interests and as below:

for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure;

for the proper protection of our business interests against risks and obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice.

IV. Where We Store Your Information?

Your personal data is stored on servers located in three reputable data centres, in Canada, France and Singapore all of which meet the R82 and R81 APSAD standards and work according to ISO/IEC 27001 standard. Check out how we always prioritise the importance of information security, here.

For our enterprise clients, we offer dedicated servers in Canada, UK, Australia and Belgium or any other location, subject to availability and additional requirements and legal obligations.

Ponte en contacto con nosotros para saber más sobre esto.

V. How Long We Keep Your Information?

We must comply with several legal obligations in relation to the retention and deletion of personal data. Therefore, in all cases, we will keep your data only for the period required for the purposes of processing stated herein, respecting the principle of “data storage” of GDPR. This means that as long as you remain a user of our system - you can edit this data at any point in time and request a deletion by cancelling the usage of the system. Since we keep backups of all databases for up to 30 days, this data may still exist for up to 30 days on our servers at which point in time it gets deleted.

VI. Privacy By Design and By Default

Hemos implementado “medidas técnicas y organizativas apropiadas” para seguir los principios de protección de datos de manera efectiva y salvaguardar los derechos individuales. Específicamente, realizaremos una Evaluación de impacto de la protección de datos ("DPIA") cuando así lo requiera el RGPD, para identificar y minimizar los riesgos de procesamiento de datos de un proyecto.

  • Security icon

    Seguridad

    Además, todas nuestras medidas de seguridad forman parte del Sistema de Gestión de Seguridad de la Información ("SGSI") general de SimplyBook.me Ltd, de acuerdo con el estándar ISO/IEC 27001.

  • Hipaa icon

    Privacy of medical data / Protected health information

    Puede cargar a través de notas en su cuenta ciertos datos médicos o información de salud protegida (como se define en la Ley de Responsabilidad y Portabilidad del Seguro Médico de 1996, “HIPAA”).

    A los efectos de proporcionar nuestro software y servicios SimplyBook.me, es posible que tengamos acceso restringido a dicho tipo de información y debemos cumplir con las regulaciones HIPAA aplicables como socio comercial.

    Eche un vistazo a cómo cumplimos con HIPPA aquí

Lea más sobre nuestro enfoque de seguridad

VII. Sharing of Your Personal Data

Para operar de manera efectiva como empresa y también brindar servicios, productos y características impecables, debemos compartir algunos de sus datos personales. El intercambio se limita a la medida necesaria para los fines específicos y durante el período necesario para garantizar nuestras operaciones comerciales. Por lo tanto, nuestros servicios para usted no se verán comprometidos y sus derechos no serán infringidos.

(a) Compartir para la prestación de nuestros otros servicios/productos:

Solución de Software SimplyMeet.me

Somos los propietarios y le ofrecemos la solución de software de reuniones en línea SimplyMeet.me que le permitirá organizar sus reuniones. Visite el sitio web oficial de SimplyMeet me aquí para obtener documentos legales relevantes.


SBPay Básico y Pro

La Solución SBPay que se ofrece a los Usuarios es sujeta a nuestros Términos & Condiciones y complementa nuestro plugin"Aceptar pagos".

Para proporcionar el SBPay en cualquiera de las versiones, recopilaremos y almacenaremos: todos los datos de la transacción de procesamiento, la hora, el nombre de Su Cliente, el monto, el artículo que se compra, si es recurrente o no, la dirección IP y el procesador de pago relacionado con la transacción.

Tenga en cuenta que no almacenamos la información completa de la tarjeta de crédito para evitar la identificación del propietario de la tarjeta.

Los datos se almacenan: Alemania (UE) en Google Cloud.


Booking Page

SimplyBook.me Ltd is the owner and operator of the Booking.Page (the “Directory”) which is hosted in the United Kingdom with OVH - read more about OVH security standards Infrastructure & Software.

We have concluded SCC for this processing activity and must be informed that when you explicitly allow publication of your company info, the service provider data and publication data including company reviews in the Booking.Page, you explicitly consent to transfer this data outside EEA, and subject to the provisions herein.

(b) Compartiendo como parte del grupo team.blue:

SimplyBook.me es parte del Grupo team.blue y podemos compartir datos personales de nuestros usuarios con otras entidades dentro del Grupo, sujeto a las disposiciones de nuestro Marco Interno de Intercambio de Datos Global.

El grupo team.blue, que consta de varias marcas y filiales, puede mejorar la coordinación y la asignación de recursos compartiendo datos internamente. Esto permite una colaboración más eficiente en mejoras de productos, campañas y servicio al cliente. Los datos personales pueden compartirse entre las empresas del grupo team.blue con fines de estadísticas de marketing, administración interna y generación de informes, pero solo en la cantidad necesaria para el uso previsto y con las medidas de protección adecuadas implementadas para evitar el acceso o la divulgación no autorizados.

(c) Compartir con subprocesadores:

We have appointed sub-processors with which we will share your personal data such as:

proveedores de servicios designados, socios comerciales y proveedores externos que nos ayudan a brindar nuestros servicios

autoridades legales, organismos reguladores y otros terceros cuando lo requiera la ley.


Todas las actividades de procesamiento de datos con partes ubicadas dentro de la UE y el EEE se rigen por las disposiciones del RGPD y los respectivos Acuerdos de procesamiento de datos.

Cuando transferimos sus datos personales a un país no ubicado en la UE o el EEE :

verificaremos y nos aseguraremos de que existan mecanismos y salvaguardas legales específicos: y tales como “decisión adecuada” para esa jurisdicción, “Cláusulas Contractuales Estándar” (“SCC”) concluidas u otras;

we follow the recent developments in the law and do not rely on the Privacy Shield but the Data Privacy Framework, to the extent applicable and valid;

Para nuestras operaciones comerciales que implican la transferencia de datos personales desde la Unión Europea (“UE”) y/o el Espacio Económico Europeo (“EEE”) al Reino Unido, nos basamos en la decisión de la Comisión Europea de fecha 28 de junio de 2021 (ver más información aquí).

Find a list of sub-processors as part of our online DPA here.

Where there is a change to this list, we will notify you and you can submit any objection via email to legal@simplybook.me, within 15 days.

VIII. Cookies y Tecnologías de Terceros (Estadísticas y análisis)

General Statements:

a) Con fines de seguridad y detección de comportamientos fraudulentos, SimplyBook.me Ltd ha implementado un sistema de control automatizado, que utiliza cookies y otras tecnologías de seguimiento similares, para rastrear y analizar cierto comportamiento de los usuarios en el sitio, asociado con su IP. direcciones y otros datos personales asociados a la navegación en el sitio. La consecuencia de dicho procesamiento es que, si un visitante intenta realizar una conducta fraudulenta en el sitio, por ejemplo para beneficiarse varias veces de la misma promoción sin tener derecho a hacerlo, SimplyBook.me Ltd se reserva el derecho de excluir dicha persona de la promoción o tomar cualquier otra medida apropiada para su propia protección.

b) Actividades de análisis mediante seguimiento mediante el uso de cookies y tecnologías similares, destinadas a verificar y medir la calidad y eficacia de las campañas publicitarias online de SimplyBok.me Ltd, con el fin de mejorar el rendimiento de dichas campañas, así como los servicios ofrecidos por SimplyBook.me Ltd.

c) SimplyBook.me Ltd utiliza cookies con fines funcionales y estadísticos, para detectar comportamientos fraudulentos y medir la eficacia de las campañas y servicios publicitarios.

Cookie

Like most websites, we use cookies and we wish to clarify here that cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies. If you need to know more, find everything in our Cookies Policy.

Estática y Análisis

In order to improve our website and product, we use tools for statistics and analysis in order to obtain an accurate overview on how visitors interact with our system and our website, so we can make it better. Note that where possible, we enable relavnt settings in the tools we use and mention below, in order to minimise the personal data we process.

Google Analytics: a web analysis service provided by Google Ireland Limited (“Google”) which allows us to track and examine the use of our website and have reports on activities and share them with other Google services.

You can learn more by consulting Google’s official documentation and Google Analytics Opt-out Browser Add-on Download Page.

Matomo (previously Piwik): an analytics service provided by InnoCraft, an open-source web analytics tool, to track and analyse visits to our website. Matomo collects data such as IP addresses (anonymised), browser information, and pages visited. This helps us understand how you interact with our site and as well as admin interface of your account, and hence help us improve your experience.

Visit Matomo’s website for more information: https://matomo.org/gdpr-analytics/.

Fullstory: an analytics and heat mapping service provided by FullStory, Inc. showing us how frequently visitors interact with the different areas of our website and admin interface of their account, in order to draw conclusions on how we can improve our services

For more information, visit FullStory’s website and specifically Fullstory Privacy Policy. You can opt out of FullStory tracking by enabling "Do Not Track" in your browser settings or by using FullStory's Opt-Out Option.

Leadinfo: a lead generation service provided by Leadinfo B.V., Rotterdam, The Netherlands, which recognise visits of companies to our website based on IP addresses and shows us related publicly available information, such as company names or addresses. In addition, Leadinfo places two first-party cookies for providing transparency on how our visitors use our website and the tool processes domains from provided form inputs (e.g. “leadinfo.com”) to correlate IP addresses with companies and to enhance its services.

For additional information, please visit www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out you have an opt-out option. In the event of an opt-out, your data will no longer be used by Leadinfo.

IX. Direct Marketing Communication

Para comunicarnos con usted con fines promocionales y de marketing, necesitamos tener su consentimiento claro y también informarle cómo procesaremos sus datos personales para estos fines. Por lo tanto, al hacer clic para recibir actualizaciones con fines promocionales y de marketing durante el procedimiento de registro, usted da su consentimiento y nos permite utilizar sus datos personales y comunicarnos con usted por correo electrónico, SMS o mensajería instantánea, como WhatsApp.

Sus datos personales para fines de marketing y comunicación se almacenarán únicamente en nuestra base de datos interna y no los compartiremos con terceros, a menos que actúen como proveedores de nuestros servicios y formen parte de nuestras operaciones comerciales. Esto significa que hemos establecido una colaboración, protegida por las disposiciones de protección de datos y privacidad.

For the user communication related to system usage, we use a self hosted version of marketing automation tools to avoid external access to our user's data. Therefore, we track user's actions within our system and send appropriate email and system messages to assist with the usage, where users have allowed us to communicate with them, by checking the marketing communication box during sign up.

Como parte de nuestros esfuerzos de marketing y en interés legítimo de SimplyBook.me Ltd, podemos enviar correos electrónicos o mensajes de texto de marketing promocionando productos o servicios similares a nuestros clientes, de conformidad con la exención de aceptación suave. Esta exención nos permite comunicarnos con nuestros clientes existentes con ofertas de productos o servicios similares a los que nos compraron anteriormente.

In all cases, your personal data will be processed based on our instructions as data controller of your data and in compliance with the provisions of this Policy. We do not use marketing automation platforms and do not perform any automated decision-making processing of your personal data.

The unsubscribe option is available in all our communications for marketing purposes.

X. Your Rights

You are a “data subject” in accordance with the provisions of GDPR and have the below rights which you can exercise freely:

el derecho de acceso;

el derecho de rectificación;

el derecho de supresión;

el derecho a un tratamiento limitado;

el derecho a oponerse al procesamiento;

el derecho a la portabilidad de datos;

the right to complain to a supervisory authority;

el derecho a retirar su consentimiento.

If you wish to use any of your rights, please contact us via email dpo@simplybook.me or UKRepresentative@simplybook.me.


Lea la siguiente sección cuando se encuentre fuera de la UE o el EEE y el RGPD no se aplique.

Los derechos de los Usuarios en Suiza están en línea con la Ley Federal Suiza sobre Protección de Datos (FADP) y las disposiciones del presente documento e incluyen: acceso a Datos Personales; derecho a oponerse al procesamiento de sus Datos personales (que también permite a los Usuarios exigir que se restrinja el procesamiento de Datos personales, que se eliminen o destruyan los Datos personales y que se prohíba la divulgación específica de Datos personales a terceros); derecho a recibir sus Datos Personales y transferirlos a otro responsable del tratamiento (portabilidad de datos); derecho a solicitar la corrección de datos personales incorrectos.

Los derechos de los Usuarios en Brasil están alineados con la "Lei Geral de Proteção de Dados" (LGPD) y las disposiciones aquí.

Los derechos de los Usuarios en los EE.UU., están en línea con la Ley de Privacidad del Consumidor de California de 2018" (CCPA), actualizada por la Ley de Derechos de Privacidad de California (CPRA) (colectivamente la “CCPA/CPRA”) y Ley de Protección de Datos del Consumidor de Virginia (VCDPA), en la medida relevante y aplicable a las operaciones comerciales de SimplyBook.me.

SimplyBook.me Ltd DOES NOT sell or share the personal information of its Users and the above rights can be exercised by respective individuals via contact details provided above and free of charge and/or to the extent applicable via your Account, subject to certain conditions and exceptions, to the extent SimplyBook.me Ltd must comply with the relevant law/regulation. The provisions above supersedes any other possibly divergent or conflicting information contained herein.

XI. Changes to our Privacy Policy

We may change this document at any time in order to reflect changes in the law or our practices. Keep an eye on our website for any updates. If we change anything major in this document, we will inform you.

Last update: 25/09/2024

Version: 3.1

Previous version available here