PraxBook B.V. ("PraxBook", "we", "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and retain personal data in connection with our booking platform. It is governed by the EU General Data Protection Regulation (GDPR) and, where applicable, the Dutch Uitvoeringswet AVG (UAVG).
1. Who we are (data controller)
The data controller responsible for personal data processed through PraxBook is:
PraxBook B.V.
The Netherlands
Contact: [email protected]
Where you use PraxBook as an end-client of a subscribing business (a "Tenant"), that business is also an independent data controller for your booking data. Please refer to that business's own privacy policy for their data practices.
2. What we collect
Account data
When you create a PraxBook account: name, email address, phone number, business name, and billing details. Necessary to provide the Service.
Usage data
How you interact with the platform: pages visited, features used, device type, browser, OS, IP address, and session timestamps. Used to improve the Service and diagnose issues.
Booking data
When a client books through PraxBook: their name, email, phone number, and booking details (service, date, time, notes). Processed on behalf of the Tenant whose booking page was used.
Payment data
Payments are handled by Stripe (PCI DSS Level 1). PraxBook does not store full card numbers or CVV codes. We receive only transaction identifiers and non-sensitive metadata from Stripe.
3. How we use your data
- To provide, operate, and maintain the PraxBook platform
- To process payments and manage subscriptions
- To send transactional communications (booking confirmations, reminders, account alerts)
- To respond to support requests
- To analyse usage and improve the Service
- To comply with legal obligations under Dutch and EU law
- To detect, investigate, and prevent fraud and abuse
Legal bases: performance of contract, legitimate interests (security, fraud prevention, service improvement), legal obligation, and where required, consent.
4. Sharing your data
We do not sell personal data. We share data only with trusted processors:
- Stripe — payment processing
- Cloud infrastructure providers — hosting and storage (EU/EEA)
- Email delivery providers — transactional emails
All third-party processors are bound by data processing agreements. We disclose data to public authorities only where required by law.
5. Retention
We retain personal data for as long as your account is active. After termination we retain data for 90 days to allow reactivation or data export requests, then securely delete or anonymise it. Some data (e.g. billing records) may be retained longer where required by Dutch or EU tax law.
6. Your rights
Under the GDPR and UAVG, you have the right to:
- Access — request a copy of the data we hold about you
- Rectification — request correction of inaccurate data
- Erasure — request deletion, subject to legal obligations
- Portability — receive your data in a structured, machine-readable format
- Restriction — limit processing in certain circumstances
- Objection — object to processing based on legitimate interests
To exercise these rights, contact us. We will respond within 30 days. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your local EU supervisory authority.
7. Cookies
We use cookies and similar technologies to operate and improve the Service. For details see our Cookie Policy.
8. Contact
For privacy-related questions or data subject requests, use the details on our Contact page. For data deletion requests, include "Data deletion request" in your subject line.