Privacy Policy

Effective Date: 19 February 2026

1. Introduction

SimplyBook.me Ltd (“SimplyBook.me”, “we”, “us”, or “our”) is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share personal data when you use the SimplyBook.me Tech Support Portal at https://tech-support.simplybook.me (the “Portal”).

SimplyBook.me Ltd acts as the data controller for personal data processed through the Portal. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Cypriot data protection law.

2. Who This Policy Applies To

This policy applies to SimplyBook.me customers who register for and use the Portal to submit or access technical support content.

3. Personal Data We Collect

We collect the following categories of personal data when you use the Portal:

  • Registration data: your name and email address, collected when you create an account;

  • Support content: posts, comments, and messages you submit through the Portal;

  • Attachments and screenshots: files you upload in connection with your support requests;

  • Technical and system information: URLs, error logs, system configurations, or other technical details you share to facilitate support;

  • Usage data: information about how you interact with the Portal, including login timestamps and IP address, collected automatically.

:warning: Please avoid submitting sensitive personal data (as defined under Article 9 GDPR) or the personal data of third parties (such as your end users) unless strictly necessary for resolving your support request.

4. Legal Basis for Processing

We process your personal data on the following legal bases:

(a) Performance of a contract (Article 6(1)(b) GDPR): processing your registration data and support content is necessary to provide the Portal service to you; (b) Legitimate interests (Article 6(1)(f) GDPR): we may process usage data and technical information to ensure the security, integrity, and improvement of the Portal; (c) Compliance with legal obligations (Article 6(1)(c) GDPR): where we are required by law to retain or disclose certain information.

5. How We Use Your Personal Data

We use your personal data for the following purposes:

  • To create and manage your Portal account;

  • To receive, process, and respond to your technical support requests;

  • To enable collaboration between users and SimplyBook.me support staff within the Portal;

  • To monitor and improve the quality and security of the Portal;

  • To comply with applicable legal and regulatory obligations.

6. Portal Technology Provider

The Portal is powered by Civilized Discourse Construction Kit, Inc. (“Discourse” or “CDCK”), a company incorporated in the United States, acting as a data processor on behalf of SimplyBook.me.

Discourse processes personal data only in accordance with our documented instructions and is bound by Discourse’s Data Processing Addendum, which incorporates Standard Contractual Clauses (SCCs) approved by the European Commission as the legal mechanism for transfers of personal data from the EEA to the United States.

Please note that Discourse stores data primarily on servers located in the United States, including via Amazon Web Services (AWS) S3. As a US-based entity, Discourse may be subject to US government access requests under applicable US law, including Section 702 of the Foreign Intelligence Surveillance Act (FISA).

SimplyBook.me has assessed this transfer risk and relies on the SCCs incorporated into the Discourse DPA as the applicable transfer safeguard under Article 46 GDPR.

7. Data Sharing and Disclosure

We do not sell your personal data. We may share your personal data in the following circumstances:

  • With the Portal Provider as described in Section 6 above;

  • With SimplyBook.me group companies where necessary to deliver support services;

  • With law enforcement or regulatory authorities where required by applicable law or court order;

  • In connection with a merger, acquisition, or sale of assets, provided that the recipient agrees to handle your personal data in accordance with this policy.

8. International Transfers

SimplyBook.me is incorporated in Cyprus and operates within the European Economic Area (EEA). Personal data collected through the Portal is transferred to the United States for processing by Discourse (CDCK), as described in Section 6.

This transfer is governed by Standard Contractual Clauses (SCCs) incorporated into the Discourse Data Processing Addendum, which constitutes the applicable safeguard under Article 46(2)(c) GDPR. A Transfer Impact Assessment (TIA) has been conducted by SimplyBook.me in connection with this transfer.

9. Data Retention

We retain your personal data for as long as your Portal account is active or as necessary to fulfil the purposes described in this policy.

  • Account registration data and support content will be retained for 3 years following the closure of your account, unless a longer retention period is required by law.

  • You may request deletion of your data at any time (see Section 11).

  • Server logs, including IP addresses recorded in connection with your use of the Portal, are retained for a maximum of 90 days, after which they are automatically deleted.

10. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures are reviewed regularly and updated in line with our ISO 27001:2022 certified Information Security Management System.

11. Your Rights

Under the GDPR, you have the following rights in relation to your personal data. To exercise any of these rights, please contact our Data Protection Officer at: dpo@simplybook.me.

  • Right of access: to request a copy of the personal data we hold about you;

  • Right to rectification: to request correction of inaccurate or incomplete data;

  • Right to erasure: to request deletion of your personal data, subject to legal retention requirements;

  • Right to restriction: to request that we limit how we process your data in certain circumstances;

  • Right to data portability: to receive your data in a structured, machine-readable format;

  • Right to object: to object to processing based on legitimate interests;

  • Right to lodge a complaint: with the Office of the Commissioner for Personal Data Protection in Cyprus or your local supervisory authority.

12. Cookies

The Portal may use cookies and similar technologies to support functionality and analyse usage. Please refer to our main Cookie Policy for details.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify registered users of material changes. Continued use of the Portal following any update constitutes acceptance of the revised policy.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact:

Data Protection Officer SimplyBook.me Ltd Email: dpo@simplybook.me Website: https://simplybook.me