InfinitBooking
Log InGet Started

Privacy Policy

Last Updated: December 6, 2025

1. Introduction

Welcome to LetsBook. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how Kyngsly Technologies ("we," "us," or "our") collects, uses, discloses, and safeguards your information when you use our multi-tenant booking platform.

LetsBook provides two distinct services:

  • For Business Owners: A SaaS platform to create and manage booking pages, accept appointments, process payments, and manage customer relationships.
  • For End Customers: Online booking services provided by businesses using our platform.

This policy applies to both types of users and explains what data we collect from each.

2. Information We Collect

2.1 Information from Business Owners

When you create a business account on LetsBook, we collect:

  • Account Information: Name, email address, phone number, business name, business category, and password
  • Business Details: Business address, operating hours, service offerings, pricing, staff information, business logo and images
  • Payment Information: Stripe Connect account details (stored securely by Stripe), tax settings (tax rate, tax collection preferences), deposit requirements
  • Communication Preferences: Email and SMS notification settings
  • Usage Data: How you interact with our platform, features used, login history

2.2 Information from End Customers

When you book an appointment through a business's LetsBook page, we collect:

  • Booking Information: Name, email address, phone number, appointment date/time, service selected, special notes or requests
  • Payment Information: Payment card details (processed and stored securely by Stripe), billing address, transaction history
  • Review Data: If you leave a review: rating, title, comment, and response to the business

2.3 Automatically Collected Information

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Analytics: Pages visited, time spent on pages, click patterns, referral sources
  • Cookies and Tracking: See our Cookie Policy for details

2.4 Information from Third Parties

  • Stripe: Payment processing information, payout status, account verification
  • Authentication Providers: If you sign up via Google or other OAuth providers

3. How We Use Your Information

3.1 For Business Owners

  • Create and manage your business booking page
  • Process and manage appointments and payments
  • Send booking confirmations, reminders, and updates
  • Facilitate Stripe Connect integration for direct payments
  • Enable staff management and scheduling
  • Generate analytics and reports on bookings and revenue
  • Send administrative emails about account status, feature updates, or security
  • Provide customer support and respond to inquiries
  • Improve our platform and develop new features
  • Ensure platform security and prevent fraud

3.2 For End Customers

  • Process your appointment bookings
  • Send booking confirmations and reminder notifications
  • Process payments securely via Stripe
  • Send payment receipts and invoices
  • Enable you to leave and manage reviews
  • Send review request emails after completed appointments
  • Communicate important updates about your booking
  • Provide customer support

3.3 Legal Bases for Processing (GDPR)

We process your personal data based on:

  • Contractual Necessity: To fulfill our services (booking management, payments)
  • Legitimate Interests: To improve our platform, prevent fraud, ensure security
  • Legal Obligations: To comply with tax laws, financial regulations, data protection laws
  • Consent: For marketing communications (you can opt-out anytime)

4. Data Sharing and Disclosure

Important: We do not sell your personal data to third parties.

4.1 Business-to-Customer Data Sharing

When an end customer books through a business's LetsBook page, that business receives:

  • Customer name, email, phone number
  • Appointment details (service, date, time, notes)
  • Payment status (paid amount, balance due)

This is necessary for the business to provide the booked service. Each business is independently responsible for how they use this data.

4.2 Third-Party Service Providers

We share data with trusted third-party providers who help us operate our platform:

  • Stripe: Payment processing, payout management (Stripe's own Privacy Policy applies)
  • Supabase: Database hosting, authentication, file storage
  • Email Service Provider: Sending booking confirmations, payment links, review requests
  • Cloud Hosting: Infrastructure providers (AWS, Vercel, etc.)
  • Analytics: Anonymous usage analytics to improve our platform

4.3 Legal Requirements

We may disclose your information if required by law or in good faith belief that such action is necessary to:

  • Comply with legal obligations (subpoenas, court orders)
  • Protect and defend our rights or property
  • Prevent or investigate fraud or security issues
  • Protect the safety of users or the public

4.4 Business Transfers

If LetsBook is involved in a merger, acquisition, or asset sale, your personal data may be transferred. We will provide notice and ensure continued protection of your data.

5. Data Security

Encryption

All data transmitted between your device and our servers is encrypted using TLS/SSL

Secure Storage

Data is stored in secure, enterprise-grade databases with encryption at rest

Access Controls

Strict access controls and authentication requirements for our systems

Security Measures

  • Industry-standard encryption (AES-256)
  • Secure password hashing (bcrypt)
  • Regular security audits and vulnerability assessments
  • Two-factor authentication (2FA) available for business accounts
  • Automated backup systems
  • Payment data handled exclusively by PCI-DSS compliant Stripe
  • Staff training on data protection best practices

Note: While we implement robust security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but are committed to protecting your data.

6. Data Retention

6.1 Business Owner Data

  • Active Accounts: Data retained while your account is active
  • Closed Accounts: Account data deleted within 90 days of account closure, except where retention is required by law
  • Financial Records: Payment and tax records retained for 7 years per legal requirements

6.2 Customer Appointment Data

  • Active Bookings: Retained until appointment completion + 30 days
  • Historical Appointments: Businesses can configure retention (12-36 months, or indefinitely)
  • Payment Records: Retained for 7 years for tax and legal compliance

6.3 Review Data

Published reviews are retained indefinitely unless deleted by the business owner or per legal request. Unpublished/pending reviews are deleted after 90 days of inactivity.

6.4 Right to Deletion

You can request deletion of your data at any time (subject to legal retention requirements). See "Your Privacy Rights" below.

7. Your Privacy Rights

7.1 Rights for All Users

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your data (Right to be Forgotten)
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing of your data for marketing purposes

7.2 GDPR Rights (EU/UK/EEA Users)

If you are in the European Economic Area, UK, or Switzerland, you have additional rights:

  • Right to Restriction: Request restriction of processing in certain circumstances
  • Right to Object: Object to processing based on legitimate interests
  • Automated Decision-Making: Right not to be subject to automated decision-making (we don't use this)
  • Lodge a Complaint: File a complaint with your local data protection authority

7.3 CCPA Rights (California Users)

California residents have the right to:

  • Know what personal information is collected
  • Know whether personal information is sold or disclosed
  • Opt-out of the sale of personal information (we do not sell data)
  • Access your personal information
  • Delete your personal information
  • Non-discrimination for exercising your rights

7.4 How to Exercise Your Rights

To exercise any of these rights:

  • Business Owners: Log into your dashboard → Settings → Privacy & Data
  • End Customers: Contact the business you booked with, or email us at privacy@letsbook.com
  • Email: privacy@letsbook.com

We will respond to your request within 30 days (45 days for complex requests).

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to improve your experience. For detailed information, please see our Cookie Policy.

Types of Cookies We Use

  • Essential Cookies: Required for the platform to function (authentication, security)
  • Analytics Cookies: Help us understand how you use our platform
  • Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Note that disabling certain cookies may affect platform functionality.

9. Third-Party Services and Links

9.1 Payment Processing (Stripe)

All payment processing is handled by Stripe, Inc. When you make a payment:

  • Your payment card details are collected and processed directly by Stripe
  • We never store your full credit card information
  • Stripe's Privacy Policy applies to payment data: stripe.com/privacy

9.2 External Links

Business booking pages may contain links to external websites (e.g., social media, business websites). We are not responsible for the privacy practices of these external sites.

9.3 Third-Party Business Responsibility

Businesses using LetsBook are independent data controllers for customer data they collect. Each business is responsible for:

  • Having their own privacy policy
  • Obtaining necessary consents from customers
  • Complying with applicable data protection laws
  • Handling customer data requests (access, deletion, etc.)

10. Children's Privacy

LetsBook is not intended for use by children under 13 years of age (or 16 in the EU). We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@letsbook.com and we will delete such information.

Minors aged 13-17 should only use LetsBook with parental consent.

11. International Data Transfers

LetsBook operates primarily in the United States. If you are accessing our platform from outside the U.S., your data may be transferred to and processed in the United States or other countries.

For EU/UK Users

We comply with the EU-U.S. Data Privacy Framework and UK GDPR requirements. When transferring data internationally, we use:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequate safeguards to ensure your data protection rights
  • Data processing agreements with all third-party processors

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes:

  • We will update the "Last Updated" date at the top of this policy
  • We will notify business owners via email
  • We will display a prominent notice on our platform
  • For significant changes, we may require you to re-accept the policy

We encourage you to review this policy periodically. Your continued use of LetsBook after changes indicates acceptance of the updated policy.

13. Contact Us

Questions About This Privacy Policy?

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices:

Email: privacy@letsbook.com

Mail: Kyngsly Technologies
Privacy Department
Bowie, Maryland 20716
United States

Support: Contact Form

Data Protection Officer: For GDPR-related inquiries, email dpo@letsbook.com

We aim to respond to all privacy inquiries within 30 days.

Related Resources

📄 Terms of Service🍪 Cookie Policy📚 Documentation✉️ Contact Support

Effective Date: December 6, 2025

By using LetsBook, you acknowledge that you have read and understood this Privacy Policy.