Dotbooker is committed to maintaining the privacy, confidentiality, and security of your personal information. This Privacy Policy explains, in a clear and structured manner, how we collect, use, protect, store, and share your information when you use our website, mobile applications, and services. By accessing Dotbooker, you consent to the practices described in this Policy.

• 1.Introduction

  This Privacy Policy outlines Dotbooker’s approach to data protection and privacy. It explains the categories of information we collect, the reasons we collect it, how we use it, and how we safeguard it. Dotbooker adheres to global privacy regulations, including the General Data Protection Regulation (GDPR), the Cayman Islands Data Protection Act (DPA), and applicable U.S. privacy laws. Our payment ecosystem complies with PCI-DSS standards, ensuring secure handling of payment-related information.

• 2.Information We Collect

  Dotbooker collects different types of information depending on how you interact with the platform.

  • 2.1Information Provided Directly by You

    When you create an account, book a service, communicate with us, or access any Dotbooker feature, you may provide personal information such as your name, email address, phone number, business details, and account preferences. If you contact our support team, we may also collect any information you voluntarily share during that interaction, including conversation history, attachments, and screenshots.

  • 2.2Booking and Interaction Data

    When you schedule appointments or interact with a business using Dotbooker, the booking details, appointment history, service selections, and related preferences are submitted to that business. Dotbooker processes this information solely to operate the platform on behalf of the business, such as enabling scheduling, reminders, billing, service delivery, and other operational functions.

    Each business determines how your booking data is used in their operations, while Dotbooker ensures its secure processing and storage in accordance with our platform standards.

  
  

  • 2.3Information Automatically Collected

    Dotbooker automatically collects technical information whenever you browse or use the platform. This may include your IP address, device type, operating system, session duration, browser information, pages visited, and usage patterns. These data points help maintain platform performance, diagnose issues, and enhance user experience.

  • 2.4Cookies and Similar Technologies

    Cookies and similar technologies may be used to authenticate users, maintain session continuity, store preferences, detect errors, prevent misuse, and enhance platform functionality. You may turn off cookies through your browser settings; however, certain features of Dotbooker may not operate correctly without them.

• 3Payment Information and Security Compliance

  Dotbooker handles payment information in accordance with strict security protocols and industry standards.

  • 3.1Handling of Payment Card Information

    Dotbooker does not store complete credit numbers, CVV codes, expiry dates, or any sensitive payment card data. When a payment is initiated through the platform, your information is securely transmitted to our PCI-DSS-certified payment partners, who convert your card details into an encrypted token.

  • 3.2Tokenization Process

    The token generated by the payment gateway is stored in our system to enable future transactions, refunds, and billing operations. This token does not reveal or reconstruct your actual card number. The only card information Dotbooker retains is the last four digits, displayed in your transaction history for identification purposes.

  • 3.3Payment Compliance

    All payment processing is handled in accordance with PCI-DSS regulations. This includes encrypted transmission of payment data, restricted access, monitoring for fraudulent activity, and regular security audits. Dotbooker does not come into direct possession of sensitive payment credentials at any time.

• 4How We Use Your Information

  Dotbooker uses the information collected to operate, maintain, and improve the platform.

  • 4.1Service Delivery and Operations

    Your information enables us to create accounts, process bookings, send confirmations and reminders, manage schedules, provide customer support, and generate invoices. These operational functions require accurate data to ensure a seamless experience.

  • 4.2Platform Enhancement

    Dotbooker uses technical and behavioral data to analyze system performance, troubleshoot issues, optimize user interfaces, develop new features, and enhance functionality. This ongoing improvement ensures that the platform remains stable, efficient, and user-friendly.

  • 4.3Security and Fraud Prevention

    Your information may be used to detect suspicious activity, enforce platform safeguards, comply with legal obligations, maintain account security, and protect the integrity of the Dotbooker system.

  • 4.4 Communication and Engagement

    Dotbooker may contact you regarding bookings, account activity, operational changes, policy updates, or customer service requests. Marketing communications are only sent with your explicit consent, and you may opt out at any time.

• 5Compliance with GDPR and Other Privacy Regulations

  Dotbooker processes personal data in alignment with GDPR principles for users located within the European Union and the United Kingdom.

  • 5.1Legal Basis for Processing

    Dotbooker processes personal information based on contractual requirements, legitimate interests, legal obligations, and your explicit consent (where applicable). These bases ensure that every instance of data processing is lawful and transparent.

  • 5.2Rights of EU/UK Users

    Suppose you reside in the EU or UK. In that case, you retain rights to access your personal data, correct inaccurate information, request deletion, restrict processing, object to marketing activities, and request the transfer of your data to another provider. You may exercise these rights by contacting [email protected].

• 6Data Retention

  Dotbooker retains personal and business information only for as long as necessary to meet operational needs, contractual obligations, and applicable legal or regulatory requirements.

  For active clients, we securely maintain all relevant data in accordance with our internal data retention policies to ensure uninterrupted service delivery, account history access, compliance, and support.

  For non-clients or users who do not proceed with our services, we automatically delete all collected information, including inquiries, submitted forms, and account-related data, within 30 days, unless a more extended retention period is legally required.

  All data removal processes follow strict security and verification procedures to ensure complete deletion from active systems and backups in accordance with our data lifecycle policy.

  
  

  • 6.1Duration of Retention

    Account information, booking history, communication logs, and technical data are retained while your account remains active. Necessary financial records or anonymized transaction information may be retained after account deletion if statutory regulations require it.

  • 6.2Data Removal Process

    When you request deletion of your data, Dotbooker deactivates your account, permanently erases personally identifiable information from active systems, invalidates stored payment tokens, and removes all associated data through scheduled deletion workflows. Backup systems remove this data during their natural rotation cycle. Once deleted, the information cannot be restored.

• 7Sharing of Information

  Dotbooker does not sell or trade your personal information. However, sharing may occur under specific circumstances.

  • 7.1Service Providers

    We may share your information with trusted third-party service providers who support essential operational functions such as payment processing, cloud hosting, communication and messaging services, analytics, data storage, and fraud prevention. These providers are strictly limited to using your information solely to deliver the contracted services on our behalf.

    In addition, when a client requests specific third-party integrations, such as accounting tools, marketing platforms, CRM systems, or custom plugin connections, we may share only the data required to enable and maintain those integrations. All such third-party tools operate under their respective privacy and security policies, and we ensure that data shared is minimal, purpose-driven, and secure.

  
  

  • 7.2Interaction with Businesses

    When you book a class, appointment, or service through Dotbooker, the relevant business receives your information to manage your booking, provide the requested service, and perform business operations.

  • 7.1Legal and Safety Requirements

    Dotbooker may disclose information if required by law, to comply with a valid legal request, or to protect the safety, security, and rights of users or the platform.

• 8Data Security

  Dotbooker maintains a robust security framework designed to protect your personal information at every stage.

  • 8.1Technical Security Measures

    All data transmitted to and from Dotbooker is encrypted. Stored information is protected using advanced encryption standards, secure access restrictions, firewalls, and continuous monitoring for suspicious activity.

  • 8.2Administrative and Organizational Controls

    Dotbooker limits access to personal information to authorized personnel only. Internal policies ensure confidentiality, system monitoring, strong authentication, and ongoing security reviews.

  • 8.3Continuous Improvement

    Security practices are regularly reviewed and updated to address new threats and ensure compliance with evolving industry standards.

  • 8.4Multi-Factor Authentication Support

    Dotbooker also supports Multi-Factor Authentication (MFA) for account access. MFA provides an additional layer of protection by requiring users to verify their identity through a second authentication factor, significantly reducing the risk of unauthorized access even if login credentials are compromised.

• 9Mobile Application Security Requirements

  Supported Operating System Versions

  Mobile applications shall only be developed, tested, and supported on operating system (OS) versions that continue to receive active security updates from the OS provider. Supporting or allowing the application to run on outdated OS versions that no longer receive security patches exposes users and devices to known, unpatched vulnerabilities, creating a high-risk security scenario. Therefore, the minimum supported OS version must be defined based on the OS vendor’s official lifecycle documentation, and the application shall restrict installation or execution on unsupported OS versions to ensure compliance with secure development and maintenance practices in accordance with ISO/IEC 27034 and ISO/IEC 27002 guidelines.

  • 9.1International Transfers

    Because Dotbooker serves users in multiple countries, your data may be transferred across national borders. All such transfers comply with GDPR-approved mechanisms and other international data-protection rules, ensuring that your information receives consistent protection regardless of where it is processed.

• 10Your Choices and Controls

  You may update your account information, change communication preferences, adjust cookie settings, request a copy of your data, or delete your account at any time. Dotbooker respects all such requests and processes them in accordance with the policies described in this document.

• 11Changes to This Privacy Policy

  Dotbooker may revise this Privacy Policy from time to time. When changes are made, the updated version will be posted with a revised “Last Updated” date, and material updates may be communicated through email or account notifications.

• 12Contact Information

  For questions, privacy requests, or concerns about how Dotbooker handles your personal information, you may contact us at: [email protected]