Privacy policy
Last updated: 2026-05-28
Who we are
This platform is operated by Dimitrios Rarras, based in Greece. No legal entity is yet registered for this service; it is currently operated by an individual and is not a monetised service. For any privacy-related question, contact:
- Email: demetriosrarras@gmail.com
Who this policy covers
This policy describes the personal data that the platform itself collects from operators who manage tenants on the system and from visitors to the platform's public surfaces (the request-account form, this page, the terms page).
If you booked an appointment through one of our tenants, the tenant is the data controller for your booking — please contact the tenant directly to exercise your rights. Each tenant publishes its own privacy policy at
/p/{tenant-slug}/privacy.
What we collect
The platform collects personal data in four narrow contexts:
Account-request form. When you submit the request-access form on our website, we collect the name, email address, organisation, optional phone number, and the message you supply. We also record the IP address and browser user-agent of the submitting device for abuse-prevention purposes.
Admin authentication. Operators who manage a tenant have an admin account on the platform. We store the operator's name, email address, a salted password hash (or a one-time-token reset trail), Better Auth session identifiers, and, where enabled, two-factor authentication factors (TOTP secret, recovery codes hashed).
Server access logs. Every HTTP request to the platform is logged with: IP address, user-agent, request path, response code, timestamp, request duration. These logs are used for security monitoring, debugging, and abuse triage.
Error telemetry. When our backend or admin SPA encounters an unhandled error, we send a structured event to Sentry. Personal-data fields (customer email, customer phone, customer notes, request Authorization headers, token query parameters) are scrubbed in our beforeSend hook before any event leaves our servers.
We do not collect special-category data (Art. 9 GDPR) on any of these surfaces. We do not use cookies on the public-facing pages beyond a strictly-necessary session cookie on the admin dashboard.
Lawful basis
We process the data above on the following lawful bases under the General Data Protection Regulation (Regulation (EU) 2016/679):
- Art. 6(1)(b) GDPR — performance of a contract. We need an operator's admin account details to provide the platform to them.
- Art. 6(1)(f) GDPR — legitimate interest. Security monitoring, abuse triage, error tracking, and bot protection on the public form rely on this basis. We have weighed our interest against the rights of data subjects and concluded that the processing is proportionate (minimal data, short retention, robust scrubbing).
Where your data lives
The platform's stack is hosted entirely in the European Union. We share personal data only with the sub-processors below, and only to the extent strictly necessary:
| Sub-processor | Purpose | Location |
|---|---|---|
| Our hosting provider | Operation of the application servers and PostgreSQL database | EU |
| Resend, Inc. | Delivery of platform transactional emails (account-request confirmation, super-admin notification, admin password reset) | EU region |
| Cloudflare, Inc. | Bot protection on the admin login and the account-request form (Cloudflare Turnstile) | Global edge — only the visitor IP and the challenge response are processed at the edge; form body content is never forwarded to Cloudflare |
| Functional Software, Inc. (Sentry) | Backend and admin SPA error tracking | EU region. Personal-data fields are stripped client-side before any event leaves our servers. |
Where a sub-processor is established outside the European Economic Area, the transfer is governed by the European Commission's Standard Contractual Clauses (SCC) and, where applicable, supplementary safeguards.
We do not sell or rent your personal data to any third party.
How long we keep your data
| Type of record | Retention period |
|---|---|
Account-request rows (status new) |
Until triaged, then 90 days |
Account-request rows (status reviewed / archived) |
90 days from triage date, then automatically purged |
| Admin accounts | Duration of the operator's use of the platform; deleted on request or when the account is closed |
| Server access logs | 30 days, then rotated out |
| Sentry error events | Governed by the Sentry project's retention setting (90 days by default) |
Your rights
Under the GDPR, you have the following rights with respect to your personal data:
- Right of access (Art. 15) — obtain a copy of the data we hold about you
- Right of rectification (Art. 16) — correct inaccurate or incomplete data
- Right to erasure (Art. 17) — request deletion (subject to legal retention obligations)
- Right to restriction (Art. 18) — pause processing in certain circumstances
- Right to data portability (Art. 20) — receive your data in a structured, machine-readable format
- Right to object (Art. 21) — object to processing on grounds relating to your particular situation
- Right to withdraw consent (Art. 7(3)) — where processing is based on consent
To exercise any of these rights, email demetriosrarras@gmail.com. We respond within one month as required by Art. 12(3) GDPR.
If you are an end-customer who booked an appointment through one of our tenants, please exercise your rights through the tenant directly — the tenant is the controller for your booking data.
Right to lodge a complaint
You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement.
The competent supervisory authority for the platform is the Hellenic Data Protection Authority (Αρχή Προστασίας Δεδομένων Προσωπικού Χαρακτήρα), Kifisias 1-3, 11523 Athens, Greece. Website: dpa.gr.
Security
We protect your data with appropriate technical and organisational measures, including:
- TLS encryption in transit
- Encryption at rest for sensitive secrets (calendar OAuth tokens, SMTP passwords)
- Strict tenant isolation in our PostgreSQL database
- Per-API-key origin restrictions for the embeddable booking widget
- Cloudflare Turnstile on the public form and admin login
- Audit logging of administrative data-subject-rights operations
- Sentry
beforeSendscrubbing of personal-data fields
Changes to this policy
We may update this policy from time to time. The version in force is the version published at this URL; the git commit hash and timestamp of the file in our repository is the version record. Substantive changes will be announced to operators by email.
Privacy policy