← Slottify.

Privacy Policy

Last updated: February 2026

1. Data controller

Slottify is an online appointment management platform that acts as a data processor on behalf of the businesses (tenants) that use the service. Each business is responsible for their clients' data.

2. Data we collect

When making a booking, the following data is collected: - Full name (required) - Phone number (required) - Email address (optional, only if the client provides it) Phone and email data are stored in encrypted form (AES-256-GCM). Phone numbers are additionally hashed for blocking features.

3. Purpose of processing

Personal data is used exclusively to: - Manage and confirm booked appointments - Send email notifications (confirmation, reminder, cancellation) if the client provides their email - Prevent system abuse (blocking malicious users) - Generate anonymous usage statistics for the business

4. Legal basis

Data processing is based on user consent when making a booking. Email is completely optional and requires explicit client consent. Users can unsubscribe from email communications at any time via the link included in each email.

5. User rights

In accordance with GDPR, users have the right to: - Access: request what personal data is stored - Rectification: correct inaccurate data - Erasure: request deletion of their data - Objection: object to the processing of their data - Portability: receive their data in a structured format To exercise these rights, contact the business where you made your booking directly.

6. Cookies

Slottify uses essential technical cookies for site functionality and optional analytics cookies. A consent banner is shown on first access. You can accept or reject analytics cookies without affecting service functionality.

7. Data retention period

Booking data is retained for the time necessary to provide the service and comply with legal obligations. Data of clients who have unsubscribed from email communications is retained only in hashed form to respect their unsubscribe preference.

8. Security

We implement technical and organizational security measures to protect personal data, including AES-256-GCM encryption, HTTPS communications, access auditing, and access attempt rate limiting.

9. Changes

We reserve the right to update this privacy policy. Changes will be published on this page with the update date.