The paperwork
Privacy Policy
Effective date: July 8, 2026
GoBookingSuite (“we”, “us”, “our”) is an online appointment-booking platform operated by Dmytro Veretelnikov. This policy explains what data we collect, how we use it, and the choices you have. It applies to our website (gobookingsuite.com), the admin application (app.gobookingsuite.com), and the booking widgets our customers embed on their own websites.
Contact: support@gobookingsuite.com
Who the data belongs to
Two kinds of people interact with GoBookingSuite:
- Business owners — salons, studios, and service providers who subscribe to GoBookingSuite and manage bookings through the admin app.
- End clients — people who book appointments, buy gift cards, packages, or products through a booking widget on a business's website.
When an end client books through a business's widget, we process that dataon behalf of the business. The business owns its client list; we act as a processor and never use end-client data for our own marketing.
What we collect
Account data (business owners): name, email address, business name and contact details, timezone, password (stored as a salted hash — we never see or store your plain password), and billing status.
Booking data (end clients, on behalf of the business): name, email, phone number (optional), selected service, appointment date and time, answers to intake forms the business configures, and gift card / package / product purchase details.
Payment data: card payments are processed by Stripe. Card numbers never touch or get stored on our servers. Each business connects its own Stripe account; payments for services go directly to the business.
Technical data: session cookies required for signing in, security challenge tokens (Cloudflare Turnstile) used to block bots, and standard server logs (IP address, user agent) kept for security and troubleshooting.
We do not run third-party advertising or analytics trackers, and we do not sell personal data to anyone.
How we use data
- To provide the service: scheduling, reminders, payments, gift cards.
- To send transactional email (booking confirmations, reschedule and cancellation notices, receipts, password resets) via Resend.
- To send transactional SMS where the end client has opted in (see below).
- To secure the platform (fraud and abuse prevention, rate limiting).
- To respond to support requests.
SMS / Text Messaging
Booking widgets may offer optional SMS appointment notifications (booking confirmations, reschedule or cancellation notices, and appointment reminders).
- Opt-in: SMS are sent only if the end client provides a phone number AND ticks an unchecked-by-default consent checkbox on the booking form:“I agree to receive SMS appointment reminders. Msg & data rates may apply. Reply STOP to opt out.” Consent is not a condition of booking or purchase.
- Content: transactional messages about the client's own appointments only. No marketing or promotional SMS.
- Frequency: varies with booking activity (typically 1–3 messages per appointment). Message and data rates may apply.
- Opt-out: reply STOP to any message to stop receiving SMS; reply HELP for help. Opt-outs are honored automatically and immediately.
- No third-party sharing: mobile phone numbers and SMS consent arenot shared with or sold to third parties or affiliates for marketing purposes. Numbers are used solely to deliver the messages described above through our SMS carrier (Twilio).
Service providers (processors)
We share data only with the infrastructure providers needed to run the service, under their own privacy and security terms:
- Stripe — payment processing
- Twilio — SMS delivery
- Resend — transactional email delivery
- Cloudflare — DNS, CDN, bot protection, and infrastructure
- Our hosting provider — application and database servers
Data ownership, export, and deletion
Your data is yours. Business owners can export their client list and booking history as CSV at any time from the admin app, and can request full account deletion by emailing support@gobookingsuite.com. End clients can ask the business they booked with (the data controller) to correct or delete their data, or contact us and we will assist.
We retain booking records while the business account is active. After account deletion, personal data is removed from production systems within 30 days, except where law requires longer retention of payment records.
Your rights (GDPR / CCPA)
Depending on where you live, you may have the right to access, correct, export, restrict, or delete your personal data, and to object to processing. To exercise any of these rights, email support@gobookingsuite.com. We respond within 30 days. We do not discriminate against you for exercising your rights, and we do not sell personal information as defined by the CCPA.
Children
GoBookingSuite is not directed at children under 16, and we do not knowingly collect their data.
Changes
We will post any changes to this policy on this page and update the effective date. Material changes will be announced to business owners by email.
Contact
GoBookingSuite · Dmytro Veretelnikov
support@gobookingsuite.com