Last updated: 14 June 2026
BookingPage.ai (“we”, “us”, “our”) respects your privacy. This Privacy Policy explains how we collect, use, store, and protect personal information when you use our website at bookingpage.ai, register for a Google Business Profile Book Now button, use BookingPage Studio (branded booking pages and Google Calendar connection), pass through our Book Now redirect page, or otherwise interact with our services.
This policy is written for a global audience. If you are in the United Kingdom, European Economic Area (EEA), Switzerland, or another country with comprehensive privacy law, additional rights and obligations described below may apply to you.
BookingPage.ai provides tools to help businesses connect their Google Business Profile to an online booking experience — including free Book Now registration (often via a BookingPage redirect), paid plans without our redirect or branding, and BookingPage Studio (hosted booking pages with Google Calendar sync).
For the purposes of UK GDPR, EU GDPR, and similar laws, BookingPage.ai is the data controller for personal information we collect about business registrants, Studio customers, and visitors to our website, except where we act as a data processor on behalf of a business (see section 3).
Privacy contact: support@bookingpage.ai (subject line “Privacy enquiry” or “Privacy rights request”). We aim to respond within one month (UK/EEA) or within the period required by your local law.
Business customers using Studio or paid services may request a Data Processing Agreement (DPA) describing our processor role — email us with the subject “DPA request”.
Registered businesses that want to turn Book Now off can follow the opt-out instructions (business dashboard toggle or removal request).
How we treat data depends on who you are:
/redirect, we log technical click data (see section 4) as controller for billing, analytics,
and service operation.If you are an end customer wanting to access or delete appointment data, contact the business you booked with first. We will assist the business where we act as their processor.
We may collect the following categories of information:
We do not intentionally collect special category data (such as health information) through our registration forms. If your business category or service descriptions contain sensitive information, you are responsible for lawful grounds to publish that content on your booking page.
We use personal information to:
We process personal information lawfully and fairly. The rules that apply depend on where you live and where you do business. This section explains our main legal bases for users in the UK and EEA, how we approach users in other countries, and additional notice for United States residents where relevant.
If UK data protection law applies, we rely on: contract (providing services you request); legitimate interests (operating BookingPage.ai securely, measuring redirect clicks, preventing fraud, and ensuring genuine business registrations — balanced against your rights); consent where required (optional marketing, non-essential cookies); and legal obligation where we must retain or disclose information.
If EU GDPR applies, we use the same legal bases as above. Where we process end-customer booking details on behalf of a Studio business, we do so under contract with that business (Article 28 processor terms; DPA available on request).
If you are in Switzerland, Swiss Federal Act on Data Protection may apply. You have broadly similar rights to access, rectify, and delete personal data. Contact us to exercise your rights; you may also complain to the Federal Data Protection and Information Commissioner (FDPIC).
If you are in Canada, we collect, use, and disclose personal information with your consent or as permitted by applicable law (for example, where necessary to provide the service). You may request access to and correction of your personal information. Contact our privacy email above. You may complain to the Office of the Privacy Commissioner of Canada or your provincial privacy regulator where applicable.
If you are in Australia, we handle personal information in line with the Australian Privacy Principles where they apply to us. You may request access to or correction of your personal information, or complain to the Office of the Australian Information Commissioner (OAIC).
If you register from another country, local privacy laws may still apply. Where UK or EU GDPR does not apply, we generally process your data because it is necessary to perform our agreement with you, we have a legitimate business need that does not override your rights, you have given permission where required, or we must comply with the law. Contact us to exercise rights available in your jurisdiction.
We do not sell personal information and do not share it for cross-context behavioural advertising as those terms are commonly defined under US state privacy laws. In the preceding twelve months we have not “sold” personal information within the meaning of the California Consumer Privacy Act (CCPA), as amended by the CPRA.
Categories of personal information we collect (for business registrants) may include: identifiers (name, email, phone); commercial information (business name and address); internet or network activity (technical logs); and professional information (business details you provide). We use this information for the purposes described in sections 2 and 3 of this policy.
If you are a resident of California, Colorado, Connecticut, Virginia, or another US state with a comprehensive privacy law, you may have additional rights — such as to know what we collect, to delete certain information, to correct inaccurate information, and to opt out of sale or certain sharing (which we do not conduct). To submit a request, email support@bookingpage.ai with the subject line “US privacy request”. We will verify your identity before responding. You may designate an authorised agent where your state law allows. We will not discriminate against you for exercising privacy rights.
We may share information with:
| Provider / category | Purpose | Typical location |
|---|---|---|
| Cloud hosting (e.g. Netlify) | Website and API hosting | United States / global CDN |
| Database (Supabase) | Registrations, Studio config, redirect click logs, OAuth tokens | EU / UK / US (project region) |
| Email (Brevo) | Verification, transactional, and admin emails | EU / global |
| Google (OAuth, Calendar, Maps Places) | Book Now, Studio calendar sync, address autocomplete | Global |
A current list of subprocessors is available on request. We will notify business customers of material changes where required by contract or law.
We do not sell your personal information.
We are based in the United Kingdom. Your information may be processed in the UK and in other countries where our service providers operate (which may include the United States, European Union, or other regions).
Where UK or EU law requires it, we use appropriate safeguards for transfers outside the UK or EEA — such as UK International Data Transfer Agreements, EU Standard Contractual Clauses, or adequacy decisions. For users in other countries, we take reasonable steps to ensure your information receives a comparable level of protection through contractual commitments with our providers.
We keep information only as long as needed for the purposes above:
You may request deletion where you have the right to erasure. We may retain certain records where required by law or for establishing, exercising, or defending legal claims.
We use appropriate technical and organisational measures to protect personal information. No method of transmission over the internet is completely secure; we cannot guarantee absolute security.
Depending on your location, you may have some or all of the following rights:
To exercise any right, email support@bookingpage.ai with the subject line “Privacy rights request”. Tell us which right you are exercising and enough information to identify your account. We will respond within the time required by applicable law (for example, one month under UK/EU GDPR, or 45 days for many US state requests). We may need to verify your identity before responding. We will not discriminate against you for exercising privacy rights.
Automated decision-making: We do not make solely automated decisions with legal or similarly significant effects about business registrants. Redirect click counts may inform tier eligibility; you may contact us to discuss your account if you believe a threshold was applied incorrectly.
Our website uses cookies and similar technologies. When you first visit our homepage, you can choose Accept all or Essential only in our cookie banner.
You can also control cookies through your browser settings. Removing or blocking cookies may affect how the site works.
If you use Studio, you are responsible for providing your own privacy notice to end customers who book through your page, including: who the controller is; what data you collect; legal bases; how long you keep data; and customer rights. You must have a lawful basis to collect customer name, contact details, and appointment information and to instruct us to create calendar events on your behalf.
You remain the data controller for end-customer booking data. BookingPage.ai acts as your data processor for that data submitted through your Studio page. A DPA is available on request. Customer appointment details are stored in your Google Calendar, not in a BookingPage.ai booking database.
Our site may link to third-party websites (including Google and your own booking page). We are not responsible for their privacy practices. Please review their policies separately.
Our services are intended for businesses and are not directed at children under 16. We do not knowingly collect data from children.
We may update this Privacy Policy from time to time. The “Last updated” date at the top will change when we do. Continued use of our services after changes constitutes acceptance of the updated policy where permitted by law.