For Users in the European Economic Area (EEA) & United Kingdom
This section supplements our Privacy Policy and applies specifically to individuals located in the European Economic Area (EEA) and UK, in accordance with the General Data Protection Regulation (GDPR) and UK GDPR.
1. Lawful Basis for Processing
We process your personal data under the following legal bases:
| Purpose | Legal Basis | Details |
|---|---|---|
| Appointment bookings | Consent | You voluntarily provide data when booking via TidyCal. |
| Client communications | Contractual Necessity | Required to fulfill service requests. |
| Website analytics | Legitimate Interest | To improve our services securely. |
You may withdraw consent at any time by contacting us (does not affect prior processing).
2. Your GDPR Rights
As an EEA/UK resident, you have the right to:
| Right | What It Means |
|---|---|
| Access | Request a copy of your personal data we hold. |
| Rectification | Correct inaccurate or incomplete data. |
| Erasure (“Right to Be Forgotten”) | Request deletion of your data under certain conditions. |
| Restriction of Processing | Limit how we use your data (e.g., while disputing accuracy). |
| Data Portability | Receive your data in a structured, machine-readable format. |
| Objection | Opt out of processing based on legitimate interests or direct marketing. |
To exercise these rights, email [email protected]. We respond within 30 days (may extend for complex requests).
3. International Data Transfers
Your data may be transferred outside the EEA/UK (e.g., to our service providers in the US). We ensure safeguards such as:
- Standard Contractual Clauses (SCCs) with third parties.
- Data Processing Agreements (DPAs) compliant with GDPR Article 28.
4. Data Retention
We retain personal data only as long as necessary:
- Booking data: 3 years (unless you request deletion).
- Analytics data: Anonymized after 12 months.
5. Complaints
If you believe we violate GDPR, you may lodge a complaint with:
- Your local EEA Data Protection Authority (DPA).
- The UK Information Commissioner’s Office (ICO).
We’d appreciate the chance to address your concerns first, please contact us at [email protected]