GDPR & Privacy Policy

Our Commitment to Privacy

Schedulion is fully committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR). This policy explains how we collect, use, and safeguard your personal data.

Data We Collect

We collect only what is necessary to operate the service:

• Account information (name, email, business details)
• Appointment and booking data
• Client information you enter into the system

We do not sell, rent, or share your personal data with third parties for marketing purposes.

How We Use Your Data

Your data is used solely to provide and improve the Schedulion service. Data processing is based on your consent and the legitimate interest of delivering the service you signed up for.

Data Storage & Security

All data is stored on AWS servers within the EU. We use AES-256 encryption at rest and TLS 1.3 for data in transit. Regular security audits are conducted to ensure compliance.

Your Rights

Under GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Request deletion of your data
• Export your data in a portable format
• Withdraw consent at any time
• Lodge a complaint with a supervisory authority

Data Retention

We retain your data for as long as your account is active. Upon account deletion, all personal data is permanently removed within 30 days. Anonymized analytics data may be retained for service improvement.

Cookies

We use only the cookies that are strictly necessary to keep you signed in and your session secure. We do not use tracking, advertising, or analytics cookies. No cookie consent banner is required because no non-essential cookies are set.

Contact

To exercise any of your rights — or if you have questions about how we handle your data — please contact us at hello@schedulion.io. We will respond within 30 days.