The short version: Appointer collects only what we need to run the Service. We never sell your data. Payments run through LiqPay and settle to your own account — we never see card numbers or hold funds. You (and your clients) can have data exported or permanently deleted at any time. We follow GDPR principles for everyone, everywhere.
2. Who is responsible
For our own account holders' data (your name, email, business details), the controller is [FOP/TOV NAME], registered in Ukraine at [ADDRESS]. For the personal data of your clients that you manage in Appointer, you are the controller and Appointer is your processor — we handle that data only on your instructions, as set out in our Data Processing Agreement. This policy explains both roles.
3. What we collect
We collect three categories of information:
- Account information — your name, email, business name, and password (stored hashed, never in plain text). If you sign in with Google, we receive your name and email address from Google. Payment details for card transactions are handled by LiqPay; we never see or store card numbers.
- Customer Data — the bookings, client records, messages, and payment metadata you create in Appointer. You control this; we process it on your behalf.
- Usage data — basic logs (IP address, browser, pages visited, errors) and product analytics so we can run the Service, keep it secure, and fix problems.
4. How we use it
We use your information to:
- Provide, maintain, and improve the Service.
- Send transactional email and SMS on your behalf (booking confirmations, reminders, and the messages you configure).
- Support billing and the online payments you take from your clients.
- Communicate with you about your account and the Service.
- Detect and prevent abuse, fraud, and security incidents.
- Comply with legal obligations.
5. Who we share with
We share data only with vendors ("sub-processors") that help us run the Service, each bound to GDPR-grade processing terms:
- LiqPay (PrivatBank) — online card payments, connected to your own merchant account.
- Resend — transactional email delivery.
- Twilio — SMS delivery.
- PostHog — product analytics and session replay (see "Analytics" below).
- Cloud hosting and infrastructure providers — servers, storage, and backups.
The full, current sub-processor list is set out in our Data Processing Agreement. We never sell your personal data to anyone, ever.
6. Payments
When you take deposits or payments from your clients, card processing is handled by LiqPay under a merchant arrangement tied to your business. Funds settle directly to your account; Appointer never holds or receives your clients' money and never sees full card details. We store only payment metadata (amount, status, and the processor's reference) so the payment can be shown against the right booking. Card details are handled by LiqPay under its own privacy terms.
7. Analytics
We use PostHog (EU-hosted) for product analytics, so we can understand how features are used and fix usability problems. Each surface is treated differently. On the marketing site, analytics is cookieless and anonymous — page counting that stores nothing on your device. In the admin app, analytics (including session replay) runs for signed-in account holders with input masking — text you type into fields (such as client names, notes, and any payment inputs) is masked and not captured. On public booking pages, analytics only runs after the visitor accepts a consent banner, is limited to booking-funnel steps, and session replay is excluded entirely — your clients making a booking are never recorded.
8. Cookies
We use a small set of first-party cookies: session cookies for sign-in, a support cookie used only when you ask us to troubleshoot your account, and a language-preference cookie. Product analytics may set its own cookies where enabled. See our Cookies policy for the full list.
9. Your rights
Under GDPR you have the right to:
- Access — see what we have about you.
- Correct — fix any inaccuracies.
- Delete — have your data permanently removed.
- Port — export your data in a machine-readable format.
- Object — to certain processing.
Account holders can export their data and delete their account from the app. If you are a client of a business that uses Appointer, that business controls your data — they can export or erase your record from within Appointer, and we will help them do so. To exercise any right, contact the business you booked with, or reach us via our contact page and we'll route it correctly. We respond within 30 days.
10. Data retention
We keep account data while your subscription is active and for 30 days after you close your account, then permanently delete it. Backups roll off after 30 additional days. Logs are kept for 90 days.
11. Security
All traffic is encrypted in transit, passwords are stored hashed, access to production data is role-based and audit-logged, and we keep regular encrypted backups. See our Security page for the full picture.
12. International transfers
Some of our sub-processors may process data outside your country. Where personal data leaves the EU/EEA, we rely on GDPR safeguards such as Standard Contractual Clauses. Details about processing locations are available on request.
13. Children
Appointer is not directed to anyone under 18. We don't knowingly collect data from children. If you believe we have, please contact us.
14. Changes
Material updates to this policy are notified by email at least 30 days in advance.
15. Contact
For any privacy question or request, email support@appointer.co or reach us via our contact page — it goes straight to the team.