Appointly

Legal

Privacy Policy

Plain-language summary: how we collect, use, and protect your data when you use Appointly. Use the table of contents to jump to any section.

Effective date: April 1, 2026

1. Information We Collect

At Appointly (“we”, “us”, or “our”), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our scheduling platform at https://appointly.cloud.

Information you provide

  • Account data: name, email address, and password when you register.
  • Organization data: workspace name, addresses, and appointment type configurations.
  • Booking data: patient/attendee names, email addresses, phone numbers, and notes submitted through booking forms.
  • Payment data: billing information processed securely by Stripe. We do not store full card numbers.

Information collected automatically

  • Usage data: pages visited, features used, and timestamps.
  • Device data: browser type, operating system, and IP address.
  • Cookies: session tokens and preference cookies. See Section 7 for details.

Information from third parties

  • Payment processors: limited billing and subscription information from Stripe when you pay for the Service.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the Service.
  • Create and manage your account and workspace.
  • Send booking confirmations, reminders, and transactional emails.
  • Process payments and manage subscriptions via Stripe.
  • Attach calendar files (.ics) to booking emails so recipients can add appointments to their own calendars.
  • Respond to your support requests.
  • Monitor and analyse usage to improve performance and user experience.
  • Comply with legal obligations.

3. How We Share Your Information

We do not sell your personal data. We may share it with:

  • Service providers: Supabase (database and authentication), Stripe (payments), Resend (transactional email), and Vercel/Netlify (hosting).
  • Your patients/attendees: booking confirmation details are shared with the person who made the booking.
  • Legal authorities: when required by law or to protect our rights.

All third-party providers are bound by data processing agreements and handle data in accordance with applicable privacy laws.

4. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete or anonymise your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

Booking records may be retained for up to 7 years for tax and legal compliance purposes.

5. Security

We implement industry-standard safeguards including TLS encryption in transit, encrypted storage at rest via Supabase, and row-level security policies on all database tables. Where we store credentials or tokens for third-party services you choose to connect, we protect them with encryption and restrict access to what is needed to operate those features.

Despite our best efforts, no method of transmission over the internet is 100% secure. We encourage you to use a strong, unique password and enable any additional security features we offer.

6. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data via your account settings.
  • Delete your account and associated data.
  • Export your data in a portable format.
  • Object to certain processing activities.

To exercise these rights, please contact us at support@appointly.cloud.

7. Cookies

We use the following types of cookies:

  • Essential cookies: session tokens required to keep you signed in (e.g., Supabase auth cookies).
  • Preference cookies: store your locale and UI preferences.
  • Analytics cookies: Google Analytics (anonymised) to understand how the Service is used. You can opt out by enabling “Do Not Track” in your browser.

8. Third-party services

The Service may rely on third-party tools (for example hosting, email delivery, analytics, and payments). Those providers have their own privacy policies. We encourage you to review them when you use those parts of the Service.

9. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such information, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the Service. The updated policy will be effective on the date shown at the top of this page.

11. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

Appointly
Email: support@appointly.cloud
Website: https://appointly.cloud
Or use our contact form.

By using Appointly, you acknowledge that you have read and understood this Privacy Policy. See also our Terms of Service.

Terms of ServiceContactBack to home