Your privacy is important to us. This policy explains how we protect your privacy, our online information practices, and the choices you can make about the way your information is collected and used. Our practices are in line with the European Union (EU) General Data Protection Regulation (GDPR).
Schedapple LLC collects and stores information to enable online scheduling of appointments between consumers and businesses.
Personally Identifiable Information
Business Account Holders. When a business signs up for an account, we collect registration information from the new account holder including log-in and password, business information such as business name, email address, telephone number and services, and billing information such as credit card or bank account number. By signing up for an account with Schedapple, businesses are consenting to having such data collected. Businesses can opt out at any time by canceling their account.
Website Visitors. When a consumer schedules an appointment with a business using Schedapple, they may be required by the business account holder to provide such information as their name, telephone number, email address, and other personal data.
Non Personally Identifiable Information
As is true of most web sites, we gather certain information automatically regarding the use of Schedapple's services and Schedapple site activity by visitors and business account holders. To do this we use cookies and Google Analytics.
Cookies are files with small amounts of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device.
Google Analytics gathers anonymized (thus GDPR compliant) tracking data. The information gathered includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, web site traffic volume, frequency of visits, type and time of transactions, and date/time stamp. The data gathered does not identify individual users and is stored in web server generated access and error log files.
We use the information we collect in a variety of ways to operate, maintain, improve our services, to provide the features and information that our business account holders request, to respond to questions and comments, and to provide support to users of our services. We process consumer data solely in accordance with providing our services to business account holders.
Personally Identifiable Information
Business account holder information is presented to consumers wanting to schedule appointments with that business, and is used to authenticate business account holders during log-in and to charge the business for our services.
Business account holders' billing information is shared with and stored by a third party Stripe, Inc. which complies with the Payment Card Industry (PCI) Data Security Standards (DSIs), the European Union (EU) General Data Protection Regulation (GDPR), and is certified to the EU-US and Swiss-US Privacy Shield. Their privacy policy can be found here.
Consumer appointment information is provided to the business with which they have made an appointment.
We do not send any promotional emails to business account holders or consumers but we may use business account holder information to contact you regarding your Schedapple account. If you want to opt out of such emails you may do so by canceling your account.
Schedapple does not sell, rent or share consumers' and business holder data with any third parties for marketing purposes nor do we use or share the personally identifiable information provided to us online in ways unrelated to the ones described above.
Non Personally Identifiable Information
Cookies: We use cookies to keep business users logged in and to remember their selected preferences and settings.
Schedapple does not use cookies for consumers scheduling appointments.
Google Analytics: We use this information, which is anonymized and does not identify individual users, to analyze trends, and to track users' movements around the sales site. No tracking is used on business account holders nor on consumers scheduling appointments.
The data collected in our access and error logs does not identify individual users and is used to help diagnose and debug technical problems, administer the site, improve the quality and types of service delivered, and defend against security attacks.
The information collected by Schedapple as described above is stored and process on third party servers in data centers owned by Linode LLC. Linode complies with the GDPR, and is certified to the EU-US and Swiss-US Privacy Shield. Their privacy policy can be found here. The primary data centers for Schedapple data are the Linode data center in Newark, New Jersey, USA and in Frankfurt, Germany (for EU and Swiss business account holders).
We comply with laws requiring disclosure of data to law enforcement and regulatory authorities.
If at some point Schedapple sells all or a portion of its assets, or merges with another entity, user information is an asset that may be transferred or acquired by a third party. After such a transaction, the third party that becomes the custodian of the user information would have the right to continue using the user information as set forth in this policy.
To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect online. Please see our Application Security Statement for more details.
We cannot guarantee that unauthorized third parties will never be able to defeat our security measures or use your personal information for improper purposes. No method of transmission over the internet or method of electronic storage is 100% secure therefore we cannot guarantee the absolute security of any information shared with us or transmitted to us over the Internet, and we accept no liability for any unintentional disclosure of such information. Should a personal data breach occur that could result in a risk to the rights and freedoms of individuals, Schedapple will alert the business account holders affected as well as the relevant authorities within 72 hours of becoming aware of the breach.
Protecting the privacy of the very young is especially important. For that reason, we never collect or maintain information at our website from those we actually know are under 16, and no part of our website is structured to attract anyone under 16.
Business account holders may view or modify their account information at any time by accessing the My Account and Settings sections when logged into their Schedapple account. Business account holders may export their data and cancel their Schedapple account at any time.
Consumers should contact the business with which they made an appointment directly to update their records. Account holders may ask consumers to opt-in for promotional emails from the business when scheduling an appointment. Consumers can opt-out of these emails when scheduling their next appointment or via an opt-out link included on email messages sent via schedapple.com.
Our data retention policy is that 19 days after cancellation or expiration of an account, the data related to that account will be fully and permanently deleted. This means the appointments, clients, and settings data will no longer be stored anywhere by Schedapple, including in the archived backups of the database. The account name and account holder contact information, and account payment and status histories are retained for accounting purposes.
Database backups of business holder and consumer information are held for less than a week.
All server log files are automatically deleted after 10 days, except for web server access logs which are deleted after 60 days.
Should you have other questions or concerns about the use of your data or our privacy policy, please contact our support team.