Privacy and Policy
I. Introduction
This is the Privacy Policy of GetBookingsWP.com Ltd which explains how we comply with the General Data Protection Regulation (EU) 2016/679 (the “GDPR”) and other national and international applicable laws and regulations in all our business operations.
We have implemented appropriate measures and records demonstrating compliance with the GDPR and can therefore take responsibility for the processing of your personal data. Respecting the principles of GDPR (lawfulness, fairness and transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality (security) and accountability) is the key objective in all our business operations involving processing of personal data.
II. Our Information
We are GetBookingsWP.com Ltd and provide an appointment booking solution including a wide range of features such as promotion and marketing system, sales system and client contact system (the “Services”). You may check our Terms and Conditions, containing more details of our services and our legal obligations, together with our Data Processing Agreement overview and signed version here..
In order to comply with the requirements of the GDPR, we must inform you that we are the “data controller”, making decisions about your personal data, when you visit our official website: www.GetBookingsWP.com and other sub-websites operated by us in accordance with our Website Terms and Conditions which you accept.
III. Information We Collect About You
When you visit our website and wish to use our services, as per our Terms and Conditions, we will need to collect various information about you. In this part of the document, we explain the categories and where necessary the source of specific personal data we process. For the processing, we also clarify why we need to collect and use our personal data as well as the legal basis for our actions.
Data includes information related to the use of this website and the system we offer: company information, IP address, geographical location, browser type and version, operating system, referred source, length of visit, and page views and website navigation paths, as well as information about the timing, frequency and pattern of your system use.
This is the information you give us when you register for an account, create or modify your profile, set preferences, sign-up for or make purchases through the System: name, contact email address, profile photo, bio, other details to your profile information to be displayed on your Service provider profile or on your Company profile with our system so that your clients can book services with you.
When you include personal data of your service providers in your account: name, address, telephone number, email address, profile pictures, and other details that are added to the service provider’s profile.
This specific information will be available on the user’s booking site, supplied by us, on a widget that may be inserted into users own website, on users social media profiles, on our directory sites where all system users are displayed, unless they specifically opt out of being displayed there.
You acknowledge that personal data that you submit for publication through our system or services about you, your company, service providers, products, promotions, services or related things may be available, via the internet, around the world. We CANNOT prevent the use (or misuse) of such personal data by others.
When you include information about your company in the company profile of the system we offer: name, address, telephone number, email address, profile pictures, and other details that you add to your company profile.
This specific information will be available on your booking site, supplied by us, on a widget that may be inserted into the user’s own website, on users social media profiles, on our directory sites where all system users are displayed, unless they specifically opt out of being displayed there.
IV. Where We Store Your Information?
Your personal data is stored on servers located in three reputable data centers, in Canada, France and Singapore all of which meet the R82 and R81 APSAD standards and work according to 27001:2013 standart. Check out how we always prioritize the importance of information security, here.
For our enterprise clients, we offer dedicated servers in Canada, UK, Australia and Belgium or any other location, subject to availability and additional requirements and legal obligations.
V. How Long We Keep Your Information?
We must comply with several legal obligations in relation to the retention and deletion of personal data. Therefore, in all cases, we will keep your data only for the period required for the purposes of processing stated herein, respecting the principle of “data storage” of GDPR. This means that as long as you remain a user of our system – you can edit this data at any point in time and request a deletion by cancelling the usage of the system. Since we keep backups of all databases for up to 30 days, this data may still exist for up to 30 days on our servers at which point in time it gets deleted.
VI. Direct Marketing Communication
In order to contact you for marketing and promotional purposes, we need to have your clear consent and also inform you how we will process your personal data for these purposes. Therefore, by clicking to receive updates for marketing and promotional purposes during the sign-up procedure, you hereby consent and allow us to use your personal data and contact you.
Your personal data for marketing and communication purposes will be stored in our internal database only and we shall not share your personal data with third parties unless they act as our service providers and are part of our business operations. This means we have we have established collaboration, safeguarded by data protection and privacy provisions.
For the user communication related to system usage, we use a self hosted version of marketing automation tools to avoid external access to our user’s data. Therefore, we track user’s actions within our system and send appropriate email and system messages to assist with the usage, where users have allowed us to communicate with them, by checking the marketing communication box during sign up.
In all cases, your personal data will be processed based on our instructions as data controller of your data and in compliance with the provisions of this Policy. We do not use marketing automation platforms and do not perform any automated decision-making processing of your personal data.
VII. Sharing of Your Personal Data
In order to operate effectively as a company and also provide flawless services, products and features, we must share some of your personal data. The sharing is limited to the extent required for the specific purposes and for the period required in order to ensure our business operations. Therefore, our services to you will not be jeopardised and your rights are not infringed. We perform at least an annual review of all our suppliers with whom we share personal data.
All data processing activities with parties located within the EU and EEA are governed by the provisions of the GDPR and respective Data Processing Agreements.
VIII. Cookies and Third-Party Technologies
Like most websites, we use cookies – a file containing an identifier, a string of letters and numbers that is sent by a web server to a web browser and is stored by the browser and is then sent back to the server each time the browser requests a page from the server. Cookies can be either “persistent” and be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; or “session” and will expire at the end of the user session, when the web browser is closed.
We wish to clarify here that cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
IX. Your Rights
You are a “data subject” in accordance with the provisions of GDPR and have the below rights which you can exercise freely:
You are a “data subject” in accordance with the provisions of GDPR and have the below rights which you can exercise freely:
the right to access;
the right to rectification;
the right to erasure;
the right to restrict processing;
the right to object to processing;
the right to data portability;
the right to complain to a supervisory authority;