This document illustrates the privacy practices of SimplyBook.me Ltd (“We”, “Us” or otherwise) when offering You (“User”) the SimplyMeet.me Software Solution. In order to understand how we achieve this, please read this document carefully. We explain how we collect, use, sometimes share your personal data and what you can do about it, always with the purpose of providing you with our optimal services.
We respect the principles of GDPR: lawfulness, fairness and transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality (security), and accountability; in all our business operations involving processing of personal data.
This document explains how we comply with the General Data Protection Regulation (EU) 2016/679 (the “GDPR”) and other national and international applicable laws and regulations in all our business operations. For our compliance, we have implemented appropriate measures and keep records demonstrating compliance with the GDPR and responsibility for the processing of your personal data.
Please note that, unless otherwise defined below, all the definitions contained in the Legal Documents (see above) are applicable in this document.
II. Our information
We are SimplyBook.me Ltd, the legal and beneficial owner of the SimplyMeet.me Software Solution, a platform which facilitates the online scheduling of meetings (the “Software”). For this document and all privacy and personal data protection purpose, our information and contact details is as below:
The national data protection authority relevant to our operations is the Cyprus Commissioner for Personal Data Protection (check their website here).
When You visit our Website and sign-up for a SimplyMeet.me Account, You consent to the collecting and processing of below personal data:
Usage Data: information that relates to the website domains of SimplyMeet.me Software Solution
company information, IP address, geographical location, browser type and version, operating system, referred source, length of visit, and page views and website navigation paths, as well as information about the timing, frequency and pattern of your system use.
the source of this information is the analytical tracking system we use Google Analytics
we need this information for the purposes of understanding which sub-websites best suit your needs, to improve our services and offer you usage suggestions that might suit your needs
the legal basis of processing this type of personal data is legitimate interest: monitor and improve our website and system and our services to you
Account Data: the personal data (information) You give Us when registering for a SimplyMeet.me Account and maybe later on modify, set your preferences and/or otherwise make changes to it. Please note that we need to keep track of your preferences when selecting specific settings.
name, contact email address, profile photo, bio, other details to your profile information displayed in your SimplyMeet.me Account.
you are the source of this information
the purposes of processing this information is to operate our website, provide the SimplyMeet.me Software Solution to You, ensure the security of our operations, maintain our databases and communicate with you when needed
the legal basis for the processing of this type of personal data is legitimate interests & contractual obligations: provide you with our SimplyMeet.me Software Solution
Query Data: the personal data contained in any query you submit to us through an email or the live support.
name, contact email address, other details you include in the communication means
you are the source of this information
the purposes of processing this information is to check and respond to your query, generally improving our system when required
the legal basis for the processing of this type of personal data is our legitimate interest: enabling proper operation of the SimplyMeet.me Software Solution.
Financial data: information relating to your transactions for your SimplyMeet.me Account.
such as your name, surname, contact details and transaction details which may contain personal data
you are the source of this information (as the data subject and controller)
the purposes of processing this information is to supply our SimplyMeet.me Software Solution efficiently and keep proper records of transactions
the legal basis for the processing of this type of personal data is compliance with our legal obligations: perform proper accounting practices.
IV. Storage of your personal data:
Where do you keep my personal data?:
Your personal data is stored on Google Cloud servers located in Germany (EU). Check out how we always prioritize the importance of information security, here.
How long do you keep my personal data for?:
We will keep your data as long as necessary to provide you the SimplyMeet.me Software Solution and make sure you can use your SimplyMeet.me Account.
As you can edit your personal data at any point in time and request a deletion by cancelling the usage of the system, we only keep backups in our systems for 30 days - after which your personal data will be deleted completely from your records.
p.s. we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject to such as accounting laws, or in order to protect your vital interests or the vital interests of another natural person.
personal data processed for transactional purposes will be kept in our records for 7 years for financial reporting and VAT purposes.
V. Our appropriate technical and organisational measures:
We rely on the concepts of “privacy by design” and “privacy by default” and follow the data protection principles effectively and safeguard individual rights. Where required, our team will perform a Data Protection Impact Assessment (“DPIA”) for identifying and minimizing the data processing risks of a project.
We share your personal data for the purposes of providing the SimplyMeet.me Software Solution and making sure you can operate your SimplyMeet.me Account with the below sup-processors. The sharing is limited to the extent required for the specific purposes mentioned and for the period required only.
List of our sub-processors
DPA with SCC
Hosting service provider
DPA with SCC
Chat service provider
Statistics and Analytics
DPA with SCC
Domain and DDOS management
DPA with SCC
An at least an annual review of all our suppliers with whom we share personal data is performed by our DPO, legal and security team.
Our team ensues that processing activities by SimplyBook.me Ltd with sub-processors operating:
within the EU and EEA are governed by the provisions of the GDPR and respective Data Processing Agreements;
Your sales transaction information is processed via our internal Notando Accounting System - running on our own dedicated servers located in the EU.
When you activate the SPBay.me Solution in Your Account, you hereby agree and understand that we will collect and store: all processing data, time, name of Your client, amount, item being purchased, if recurring or not, IP address, payment processor. Note that we do not store full credit card information.
Data is stored: Germany (EU) on Google Cloud.
Data is shared with: no third party.
Following the recent developments in the law and especially the judgment of the European Court of Justice for the Schrems II case (Thursday 16 July 2020) we do not further rely on the Privacy Shield framework and principles for the transfer of personal data with our main USA-based services providers.
For our business operations which involve the transfer of personal data from the EU and/or EEA to the United Kingdom, we rely on the decision of the European Commission dated on the 28th day of June, 2021 (see more info here).
VII. Our Cookies Policy:
you can always change cookies settings from your browser and delete cookies completely
when you delete/disable cookies, you may find it hard to use our website efficiently
while cookies do not typically contain any information that personally identifies a user, personal information that we store about you may be linked to the information stored in and obtained from cookies.
What types of cookies do we use, for what purposes and which third parties are involved?
Strictly Necessary cookies - which are essential for the purposes of enabling to use simplymeet.me website and the SimplyMeet.me Software Solution as well as to:
assist you when when you visit our website and as you navigate our website
determine your login status such as if you are logged into our website
show and edit your account information
Advertising & Analytics cookies - which are pixels used to deliver relevant ads, track email marketing or ad campaign performance and efficiency.
The purposes of those cookies include: understanding, improving and researching products and services we offer and may be interesting for you when you use your device.
By the way, you can check our Cookies Policy for our Website here.
VIII. Direct Marketing Communications:
Any direct marketing communication solely for marketing and promotion purposes shall be performed if you have clearly consent to once you signed up for your SimplyMeet.me Account and you may withdraw your consent at any time by clicking on the unsubscribe option available.
For the user communication related to system usage, we use a self hosted version of marketing automation tools to avoid external access to our user's data. Therefore, we track user's actions within our system and send appropriate email and system messages to assist with the usage, where users have allowed us to communicate with them, by checking the marketing communication box during sign up.In all cases, your personal data will be processed based on our instructions as data controller of your data and in compliance with the provisions of this Policy. We do not use marketing automation platforms and do not perform any automated decision-making processing of your personal data.
IX. Your rights as data subject:
As per GDPR, You are a “data subject” and have the below rights which you can exercise freely at any time via your SimplyMeet.me Account or by contacting our firstname.lastname@example.org
the right to access;
the right to rectification;
the right to erasure;
the right to restrict processing;
the right to object to processing;
the right to data portability;
the right to complain to a supervisory authority;
the right to withdraw consent.
X. That's all folks
In order to ensure that we comply with the GDPR and maybe change our business operations for better delivery, we may change this document at any time. We will notify you when the changes are crucial but in any case, keep an eye on our website for any updates.