THIS PRIVACY POLICY explains how Rendevio ("we," "us," or "our") collects, uses, and protects personal data when you use our website, web application, and mobile application (collectively, the "Platform").
1. Introduction
1.1 Purpose of the Privacy Policy
This Policy outlines the manner in which we collect, use, store, and process personal data through the Platform. It explains our practices regarding sensitive personal data or information as defined under Greek law.
1.2 Scope and Application
This Policy applies to all individuals (hereinafter referred to as "You" or "User(s)") who access or use the Platform, including clients who make bookings and service providers who offer services through the Platform. By using the Platform, users acknowledge that they have read and understood the terms of this Policy.
2. Identity of the Data Controller
For the purposes of this Policy, the data controller responsible for the processing of personal data is the company. Users may contact us regarding matters arising under this Policy at the following address: support@rendevio.com.
3. Categories of Personal Data Collected
3.1 Client Data
We collect only the minimum personal data required to enable the functioning of our booking system. For clients making bookings, this includes first name, last name, phone number, optional email address used for sign-up, optional comments, selected service, date and time of booking, and basic usage analytics that are non-identifiable.
3.2 Service Provider Data
For service providers offering services through the Platform, we collect first name, last name, email address, phone number, optional profile photo, services offered, pricing information, availability schedule, and basic usage analytics that are non-identifiable.
3.3 Technical and Usage Data
When users access the Platform, certain technical information may be processed automatically, including device information, browser information, IP address (where applicable), and Platform activity logs. Such information is processed solely for operational, security, and performance-related purposes.
4. Legal Bases for Processing
4.1 Contractual Necessity
Personal data is processed to enable the creation, management, and operation of user accounts and booking activities, and to facilitate the communication of booking confirmations, notifications, and scheduling updates.
4.2 Legitimate Interests
We process certain technical and operational data to ensure the stability, security, and improvement of the Platform. Such processing is limited to purposes necessary for the functioning and enhancement of the Platform.
4.3 Consent
Where analytics cookies or optional functionalities require user consent, such processing occurs only after the user has provided explicit consent through the cookie banner or preference interface. Consent may be withdrawn at any time without affecting the lawfulness of processing undertaken prior to withdrawal.
5. Purposes of Processing Personal Data
5.1 Operation of Booking and Scheduling Services
Personal data is processed to facilitate bookings, maintain service provider availability schedules, and enable communication between clients and service providers.
5.2 Communication and Notification Delivery
We process personal data to send communications relating to bookings, reminders, and account activity. Email delivery is supported through Mailtrap, and notifications are supported through Expo, each of which processes only the information required to carry out its respective function.
5.3 In-App Notifications for Bookings
The Platform offers in-app notifications for booking-related updates, which may include confirmations, reminders, modifications, and other communications necessary for the functioning of the booking service. These notifications operate strictly for service-related purposes and rely only on the information required to deliver such updates. No additional data is processed beyond what is necessary to issue the notification.
5.4 Platform Performance and Improvement
Non-identifiable usage analytics may be processed to assess Platform performance and to identify areas requiring improvement.
6. Third-Party Service Providers
6.1 Hosting and Infrastructure Providers
The Platform provides back-end hosting services necessary for the operation of the Platform and may process technical information required to maintain infrastructure functionality.
6.2 Analytics Providers
Google Analytics processes non-identifiable usage analytics for performance and product improvement purposes. Such processing occurs only where the user has consented to analytics cookies.
6.3 Email and Notification Providers
Mailtrap supports the delivery of email communications, and Expo supports the issuance of notifications. Each provider processes only the information necessary for its operational purpose.
6.4 Limitation of Third-Party Processing
No additional purposes are inferred beyond those expressly described above, and third-party processing is limited to the operation, improvement, and communication functions of the Platform.
7. Data Retention
7.1 Retention of User Data
We retain personal data for an indefinite period, provided that such data remains necessary for the operational purposes for which it was originally collected, including the maintenance of user accounts, booking histories, and Platform functionality.
7.2 Deletion and User Requests
Users may request the deletion of their personal data at any time. Upon receiving such a request, we will delete the data unless retention is required by law or necessary for legitimate operational purposes.
8. Security Measures
8.1 Technical and Organisational Measures
We implement measures appropriate to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include secure infrastructure, restricted access, and controlled data environments.
9. International Data Transfers
9.1 Transfer Framework
Where personal data is transferred outside the European Union as part of third-party service provision, such transfers are conducted in accordance with the applicable legal framework. Transfers are limited to the purposes described in this Policy.
10. User Rights Under GDPR and Greek Law
10.1 Available Rights
Users have the right to access, correct, delete, restrict, or object to the processing of their personal data, as well as the right to withdraw consent where processing is based on consent. Users also retain the right to data portability where applicable.
10.2 Exercising User Rights
Requests regarding the exercise of these rights may be directed to support@rendevio.com.
10.3 Right to Lodge a Complaint
Users may lodge a complaint with the competent supervisory authority, the Hellenic Data Protection Authority, located at Kifisias 1-3, 11523 Athens, Greece, or through its official portal at www.dpa.gr.
11. Amendments to This Policy
11.1 Right to Amend
We reserve the right to amend this Privacy Policy to reflect legal, regulatory, or operational developments. Any amended version will be published on the Platform.
11.2 Effect of Continued Use
Continued use of the Platform after the following publication of an amended Policy constitutes acknowledgement of the updated terms.
12. Contact Information
For questions or requests relating to this Privacy Policy, users may contact us at support@rendevio.com.