Privacy Policy
This Privacy Policy explains how personal data is handled in the BookingLounge mobile application and related services (the “Service”). Please read it together with our Terms of Use (EULA).
1. Who we are
The Service is provided by Andi Oliver Ion PFA, a sole proprietorship (Persoană Fizică Autorizată) established in Romania, operating under the “BookingLounge” brand (the “Provider”, “we”, “us”). We act as the data controller for the personal data described below.
Contact: andioliverion@gmail.com
2. Who this applies to
BookingLounge serves two kinds of users:
- Business owners — service professionals who run a single shop in the app.
- Clients — people who join an owner’s shop to request and manage appointments.
For data that an owner records about their own clients, the owner is the controller of that relationship and is responsible for handling it lawfully; we process it on their behalf to operate the booking features.
3. Data we collect
From business owners
- Account details: full name, email address, phone number, preferred language.
- Business content you create: shop name and identifier, professional/display name, welcome text, appearance/branding, services (names, durations, prices), weekly schedule and time-off.
- Media you upload: logo, banner and gallery images.
- Plan status: whether your account is on the Free or Pro tier and how access was granted. We do not store card or payment-instrument data — purchases are handled by Apple (see Section 6).
- Email verification data used to confirm ownership of your email address.
From clients
- Account details: full name, email address, phone number, preferred language.
- Shop membership and its status, and appointment information (chosen service, scheduled time, status, reschedule proposals).
On your device
- A local cache holding your session and profile (user id, role, name, email, phone, current shop, language, onboarding progress, cached shop styling) so the app works smoothly and can restore your session. This stays on your device and is removed when you delete the app or your account.
Sign in with Apple
If you choose Sign in with Apple, Apple may share your name and email with the app to pre-fill your registration. If you use Apple’s “Hide My Email” feature, we receive a private relay address instead of your real email.
4. What we do not collect
We do not collect location data, health data, contacts, or browsing history. We do not use advertising identifiers, analytics or tracking SDKs, and we do not track you across other apps or websites. We do not sell your data.
5. How we use your data
- To create and operate your account and shop.
- To enable booking, scheduling, cancellations, reschedules and related notifications between owners and their clients.
- To verify your email address and keep your account secure.
- To manage Free and Pro plan entitlements.
- To respond to support requests.
6. Payments
Any paid (Pro) subscription for owners is purchased and billed through the Apple App Store. Apple processes the payment and we never receive your card details. We only store whether your account is entitled to Pro and how it was granted.
7. Legal bases (GDPR)
- Performance of a contract — to provide the Service you signed up for.
- Consent — for optional content such as media you choose to upload; you can withdraw it at any time by removing the content or deleting your account.
- Legitimate interests — to keep the Service secure and functioning.
- Legal obligation — where we must retain limited records to comply with law.
8. Sharing
We host the Service on our own private server infrastructure in the European Union. We do not share your personal data with third parties for their own purposes. Data is shared only:
- between an owner and the clients of their shop, as required for the booking features;
- with Apple, for purchases and Sign in with Apple, under Apple’s own terms;
- where required by law.
9. Retention
We keep your personal data for as long as your account is active. When you delete your account, we permanently delete your account and associated data (see Section 10). Limited records may be retained only where the law requires.
10. Deleting your account and data
You can delete your account at any time from within the app (Profile/Manage → Delete account). This permanently removes your profile and associated data from our servers, including, for owners, your shop, services, schedule, media, badges and the appointments and client relationships of your shop; and for clients, your profile, shop memberships and your appointments. This action cannot be undone.
11. Your rights
Under the GDPR you have the right to access, correct, erase, export (portability), restrict or object to the processing of your personal data, and to withdraw consent. To exercise these rights, contact andioliverion@gmail.com. You also have the right to lodge a complaint with the Romanian supervisory authority (ANSPDCP, dataprotection.ro).
12. Children
BookingLounge is not directed to children. Accounts are intended for business owners and their adult clients. Owners are responsible for ensuring they have a lawful basis for any client information they record.
13. Security
We use reasonable technical and organisational measures to protect personal data. No method of transmission or storage is completely secure, but we work to safeguard your information.
14. Changes
We may update this Policy from time to time. Material changes will be reflected by updating the “Last updated” date on this page.
15. Contact
Questions about this Policy or your data: andioliverion@gmail.com.