Privacy Policy
Last updated: 27 February 2026
This Privacy Policy explains how BetterBooker ("we", "us", "our") collects, uses, and protects personal data when you use our appointment booking platform ("Service"). We are committed to protecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
BetterBooker provides a SaaS appointment booking platform for tradesmen and service businesses. In relation to personal data:
- For tradesman account holders: BetterBooker is the data controller for your account data.
- For end-customers: The tradesman/business you are booking with is the data controller. BetterBooker acts as a data processor on their behalf.
2. What Data We Collect
Account holder data (tradesmen)
| Data | Purpose |
|---|---|
| Name, email address | Account creation and authentication |
| Password (hashed) | Secure login |
| Business name, phone number, address | Service provision, displayed on booking pages |
| Google account ID (if using Google sign-in) | OAuth authentication |
| Terms acceptance timestamp | Record of consent to our Terms of Service |
End-customer data (people booking appointments)
| Data | Purpose |
|---|---|
| Name, phone number, email | Appointment booking and communication |
| Address, postcode | Service delivery location |
| Appointment details and preferences | Scheduling and job management |
3. How We Use Your Data
We process personal data for the following purposes:
- Service provision: Creating and managing accounts, processing bookings, sending appointment notifications
- Communication: Sending SMS messages (via ClickSend) and emails related to appointments
- Payment processing: Processing payments securely via Stripe
- Security: Protecting against fraud, abuse, and unauthorised access
- Improvement: Understanding how the Service is used to improve features
4. Legal Basis for Processing
We process personal data on the following legal bases under UK GDPR:
- Contract (Article 6(1)(b)): Processing necessary to provide the Service you have signed up for
- Legitimate interest (Article 6(1)(f)): Security monitoring, fraud prevention, and service improvement
- Consent (Article 6(1)(a)): Where you have given explicit consent, such as accepting our Terms of Service
- Legal obligation (Article 6(1)(c)): Where we are required to retain data by law
5. Data Sharing
We share personal data with the following third parties, solely for the purposes described:
| Provider | Purpose | Data shared |
|---|---|---|
| ClickSend | SMS notifications | Customer phone numbers, message content |
| Stripe | Payment processing | Payment details (handled directly by Stripe) |
| OAuth sign-in (optional) | Email address, name (provided by Google) |
We do not sell personal data to third parties. We do not share data with advertisers.
6. Data Retention
- Active accounts: Data is retained for as long as your account is active
- Closed accounts: Account data is deleted within 30 days of account closure, unless we are required by law to retain it
- Appointment data: Retained for as long as the account holder's account is active, then deleted when the account is closed
- Session data: Automatically expires after 30 days
7. Your Rights
Under UK GDPR, you have the right to:
- Access: Request a copy of the personal data we hold about you
- Rectification: Request correction of inaccurate data
- Erasure: Request deletion of your data ("right to be forgotten")
- Restriction: Request that we limit how we process your data
- Portability: Request your data in a structured, machine-readable format
- Object: Object to processing based on legitimate interests
- Withdraw consent: Where processing is based on consent, withdraw it at any time
To exercise any of these rights, please contact us at hello@betterbooker.co. We will respond within one month.
End-customers: If you have booked an appointment through BetterBooker and wish to exercise your data rights, please contact the business you booked with directly, as they are the data controller. You may also contact us and we will forward your request.
8. Cookies
We use essential cookies to keep you signed in to the Service. We do not use analytics, advertising, or tracking cookies. For more details, see our Cookie Policy.
9. Data Security
We take appropriate technical and organisational measures to protect personal data, including:
- Passwords are hashed using bcrypt
- All data is transmitted over HTTPS
- Session cookies are HTTP-only and secure
- Access is restricted by tenant isolation (multi-tenant architecture)
10. International Transfers
Some of our third-party service providers (ClickSend, Stripe, Google) may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify account holders of material changes via email or an in-app notice. The "Last updated" date at the top will reflect the most recent version.
12. Contact
If you have any questions about this Privacy Policy or how we handle your data, please contact us at hello@betterbooker.co.
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
