1. Who we are
This policy describes how we process personal data for Agendoaki services. The controller is the entity identified in official channels.
2. Data we collect
Account data (name, email, phone, user type), usage data, booking data, and payment data processed by partners where applicable.
We ask for a phone number to confirm appointments and communicate operationally. When you book, we may share your contact information (including phone) with the Establishment for matters related to the booked service.
3. Purposes and legal bases
We process data to perform our contract, comply with law, pursue legitimate interests (security, improvement, fraud prevention), and, where required, based on consent.
Marketing communications depend on applicable law and preferences available in your account settings.
4. Sharing
We share data with Establishments involved in your booking, technology vendors, and authorities when legally required.
5. Retention and security
We retain data as long as needed for the purposes above and as required by law, then delete or anonymize when reasonable.
We use reasonable technical and organizational security measures; no system is perfectly secure.
6. Your rights
Depending on jurisdiction, you may have rights to access, correct, delete, object, restrict processing, or portability. Contact us through official channels. You may lodge a complaint with a supervisory authority.
8. Changes
We may update this policy; check the «Last updated» date above.