Privacy Policy

Last Updated: May 28, 2025

1. Introduction

Welcome to AppointEase! This Privacy Policy explains how NetHive Technologies ("AppointEase", "we", "us", or "our") collects, uses, shares, and protects your personal information when you use our website, services, and applications (collectively, the "Service"). We are committed to protecting your privacy and complying with applicable data protection laws in the United Kingdom, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy applies to:

• Service Providers: Professionals or businesses who create an account with AppointEase to manage their appointments.
• Clients: Individuals who book appointments with Service Providers through the AppointEase platform.
• Website Visitors: Individuals who browse our website.

By using our Service, you agree to the collection and use of information in accordance with this policy. Our Terms of Service also apply to your use of the Service.

2. Who We Are and How to Contact Us

For the purpose of the UK GDPR, [Your Company Name] is the data controller for the personal information of our Service Providers and Website Visitors that we process. Our registered address is [Your Company Registered Address].

If you have any questions about this Privacy Policy or our data protection practices, or if you wish to exercise your data protection rights, please contact us at:

Email: [email protected]

Postal Address: [Your Company Address for Correspondence, if different from registered]

Our Role Regarding Client Data

When a Service Provider uses AppointEase to manage their appointments, they are the Data Controller for the personal information of their Clients. AppointEase acts as a Data Processor on behalf of the Service Provider for this Client data. This means we process Client data based on the instructions of the Service Provider and our Terms of Service.

3. Information We Collect

We collect different types of information depending on your interaction with our Service:

3.1. Information You Provide to Us

• For Service Providers (Account Holders):
  • Account Information: Name, email address, password, business name, phone number, address, and other information you provide when you register for an AppointEase account.
  • Service Information: Details about the services you offer, your availability, pricing, and public calendar settings.
  • Payment Information: If you subscribe to paid services, we (or our third-party payment processor) will collect payment details (e.g., credit card information). AppointEase does not typically store full credit card numbers.
  • Communications: Information you provide when you contact us for support or other enquiries.
• For Clients (Booking Appointments):
  • Booking Information: Your name, email address, phone number, and any other information required by the Service Provider to book an appointment. This information is collected by us on behalf of the Service Provider.
• For Website Visitors:
  • Information you provide if you fill out a contact form or subscribe to a newsletter (e.g., name, email address).

3.2. Information We Collect Automatically

• Usage Data: Information about how you access and use the Service, such as your IP address, browser type, device type, operating system, pages viewed, features used, dates and times of access, and referring website addresses.
• Cookies and Similar Technologies: We use cookies and similar tracking technologies to track activity on our Service and hold certain information. This helps us to operate and improve our Service. For more details, please see Section 9 (Cookies and Tracking Technologies).

4. How We Use Your Information

We use the information we collect for various purposes:

• To Provide and Maintain Our Service:
  • Creating and managing Service Provider accounts.
  • Enabling Clients to book appointments with Service Providers.
  • Facilitating communication between Service Providers and their Clients (e.g., sending appointment confirmations and reminders on behalf of Service Providers).
  • Processing payments for paid services.
• To Improve Our Service:
  • Understanding how users interact with our Service to enhance functionality and user experience.
  • Developing new features and services.
• For Customer Support:
  • Responding to your inquiries and resolving issues.
• For Communication:
  • Sending you service-related announcements, updates, security alerts, and administrative messages.
  • Sending you marketing communications (e.g., newsletters, special offers) if you have opted-in to receive them. You can opt-out at any time.
• For Legal and Security Purposes:
  • Complying with applicable legal obligations, legal processes, or governmental requests.
  • Enforcing our Terms of Service.
  • Protecting the rights, property, or safety of AppointEase, our users, or the public.
  • Detecting, preventing, and addressing fraud, security, or technical issues.

5. Legal Basis for Processing Your Information

Under UK GDPR, we rely on the following legal bases to process your personal information:

• Performance of a Contract: We process your information where it is necessary for the performance of a contract with you (e.g., to provide the AppointEase Service as described in our Terms of Service). This applies primarily to Service Providers.
• Legitimate Interests: We process your information for our legitimate interests (or those of a third party), provided that these interests are not overridden by your rights and interests. Examples include improving our Service, ensuring security, and (for Service Providers) marketing our services. We will conduct a balancing test for legitimate interests.
• Consent: We will obtain your consent for certain processing activities, such as sending direct marketing emails or using non-essential cookies. You can withdraw your consent at any time.
• Legal Obligation: We may process your information if it is necessary to comply with a legal obligation (e.g., tax laws, law enforcement requests).

When we act as a Data Processor for Client data on behalf of a Service Provider, the Service Provider is responsible for establishing the legal basis for processing that Client data.

6. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

• With Service Providers: If you are a Client booking an appointment, we share your booking information with the Service Provider you are booking with, as they are the Data Controller for your data in that context.
• With Third-Party Service Providers (Sub-processors): We engage trusted third-party companies and individuals to perform services on our behalf (e.g., website hosting, data storage, payment processing, email/SMS delivery for reminders, analytics services, customer support tools). These sub-processors are only given access to your information as is necessary to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. We have data processing agreements in place with them. Examples include:
  • Cloud hosting providers (e.g., NetHive Technologies)
  • Email/SMS delivery services (e.g., TxtBuddy.co.uk)
  • Analytics providers (e.g., Google Analytics)
  • Payment processors (e.g., Stripe, PayPal, Apple Pay & Google Pay)
• For Legal Reasons: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency), or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
• Business Transfers: If AppointEase is involved in a merger, acquisition, or asset sale, your personal information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.
• With Your Consent: We may share your information with other third parties if you have given us your explicit consent to do so.

7. International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of the United Kingdom (UK) where the data protection laws may differ. For example, some of our third-party service providers may be based outside the UK.

If we transfer your personal data out of the UK, we will ensure a similar degree of protection is afforded to it by ensuring appropriate safeguards are in place, such as:

• Transferring to countries that have been deemed to provide an adequate level of protection for personal data by the UK authorities (adequacy regulations).
• Using specific contracts approved by the UK authorities which give personal data the same protection it has in the UK (e.g., the UK's International Data Transfer Agreement or Addendum to the EU Standard Contractual Clauses).

Please contact us if you want further information on the specific mechanisms used by us when transferring your personal data out of the UK.

8. Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. The criteria used to determine our retention periods include:

• The length of time you have an active account with us or use our Service.
• Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them).
• Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

For Service Provider account data, we generally retain information as long as the account is active and for a reasonable period thereafter in case you decide to re-activate the Services, or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Client data processed on behalf of Service Providers is retained according to the Service Provider's instructions or as long as the Service Provider's account is active. Service Providers are responsible for managing the retention of their Client's data.

When we no longer need to retain your personal information, we will securely delete or anonymise / redact it.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies (like web beacons and pixels) to collect and track information about your use of our Service and to improve and analyze our Service. Cookies are small files stored on your device (computer or mobile device).

We use:

• Essential Cookies: These are necessary for the Service to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as logging in or filling in forms.
• Performance and Analytics Cookies: These allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. (e.g., Google Analytics).
• Functionality Cookies: These enable the website to provide enhanced functionality and personalisation.
• Marketing Cookies (if applicable): These may be set through our site by our advertising partners to build a profile of your interests and show you relevant adverts on other sites.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept essential cookies, you may not be able to use some portions of our Service. For non-essential cookies, we will seek your consent before placing them on your device. You can typically manage your cookie preferences through your browser settings or through a cookie consent banner on our website.

10. Your Data Protection Rights

Under UK data protection law, you have certain rights regarding your personal information. These include:

• The right to access: You have the right to request copies of your personal information.
• The right to rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• The right to erasure (right to be forgotten): You have the right to request that we erase your personal information, under certain conditions.
• The right to restrict processing: You have the right to request that we restrict the processing of your personal information, under certain conditions.
• The right to object to processing: You have the right to object to our processing of your personal information, under certain conditions (e.g., for direct marketing or where we rely on legitimate interests).
• The right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
• The right to withdraw consent: If we are processing your personal data based on your consent, you have the right to withdraw that consent at any time.

If you wish to exercise any of these rights, please contact us using the details in Section 2. We will respond to your request within one month, in accordance with UK GDPR requirements. We may need to verify your identity before processing your request.

If you are a Client of one of our Service Providers and wish to exercise your rights regarding data held by them, please contact the Service Provider directly, as they are the Data Controller for your information.

You also have the right to lodge a complaint with a supervisory authority. In the UK, the supervisory authority is the Information Commissioner's Office (ICO). You can contact them at:
Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk

11. Security of Your Information

We take the security of your personal information seriously and use appropriate technical and organizational measures to protect it against unauthorized or unlawful processing and against accidental loss, destruction, or damage. These measures may include encryption, access controls, and secure data storage.

However, please remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

12. Children's Privacy

Our Service is not directed to individuals under the age of 18 ("Children"). We do not knowingly collect personally identifiable information from Children. If you are a parent or guardian and you are aware that your Child has provided us with personal information, please contact us. If we become aware that we have collected personal information from Children without verification of parental consent, we will take steps to remove that information from our servers.

13. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top. If we make material changes, we will provide a more prominent notice (such as by email or a notification on our Service) prior to the change becoming effective.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

14. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Email: [email protected]

Postal Address: [Your Company Name], [Your Company Registered Address (or correspondence address)]