Privacy Policy

Welcome to Go Book Me In! We are pleased that you are visiting this website or any of our other top-level domain (TLD) (such as www.gobookmein.com, www.gobookmein.business, www.gobookmein.pro, www.gobookmein.co.uk or www.gobookme.in) our “website”. Data protection and data security when using our website are very important to us.

In this Privacy Policy, you will find all the information about which Personal Data we collect and process and for what purpose. Equally, we will also inform you of your data protection rights and how you can assert them.

GENERAL PRINCIPLES

What is Personal Data?

Personal Data is "any information relating to an identified or identifiable natural person. This includes, for example, name or address data, telephone number, mobile number, or online identifiers such as your device ID and your IP address.

What is processing?

"Processing" means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means. The term is broad and covers virtually any handling of data.

Who is responsible for data processing?

The responsible party for data processing is Go Book Me In Ltd, The Long Lodge 265-269 Kingston Road, Wimbledon, London, SW19 3NW (“Go Book Me In Ltd”, “we”, “us”, “our”). If you have any questions or if you wish to exercise your rights, please contact us by email using [email protected], or write to us at the above address.

What law applies?

Our use of your Personal Data is subject to the UK's Data Protection Act (“DPA”), and the EU's General Data Protection Regulation (“GDPR”), and of course we process your Personal Data accordingly.

What are the Legal Bases for processing Personal Data?

In accordance with the DPA and the GDPR, we have to have at least one of the following legal bases to process your Personal Data: a) you have given your consent, b) the data is necessary for the fulfilment of a contract / pre-contractual measures, c) the data is necessary for the fulfilment of a legal obligation, or d) the data is necessary to protect our legitimate interests, provided that your interests are not overridden.

Who is the competent data protection authority?

The Information Commissioner’s Office (ICO) (www.ico.org.uk). If you believe that the processing of your Personal Data is not lawful, you can lodge a complaint with the ICO or your local data protection supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach the ICO or any other supervisory authority.

How long will you keep my data?

We process and store your Personal Data only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period exists (in particular commercial and tax law in accordance with the UK`s Commercial and Fiscal Rules and Regulations for up to 6 years. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.

WHAT PERSONAL DATA DO WE PROCESS?

Technical Data

When you access our website, some access data is recorded automatically and stored in a log file on our website's server. This means if you browse and simply have a look at our website, we process a) the IP address of your computer, b) the date and time of your access, c) the name and URL of the accessed file, d) the browser used, e) the amount of bytes transferred, f) the status of the page request, g) the session ID and g) the referrer URL. The legal basis for processing is our legitimate interest.

Hosting of our website

We use our own servers for the purpose of hosting and displaying our website. This means that all data collected on our website is processed by us alone and with the involvement of any third party. The basis for processing is our legitimate interest, and the initiation and/or fulfilment of a contract.

Fonts

We use Google Fonts from Google LLC on our website to display external fonts. To enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is called up. Through the connection to Google, which is established when our website is called up, Google can determine from which website your request originates and to which IP address the display of the font should be transmitted. This constitutes a legitimate interest.

Cookies

We use so-called cookies on our website. Cookies are pieces of information that are transmitted from our web server or third-party web servers to your web browser and stored there for later retrieval. For further information on the cookies we use, please refer to our Cookie Policy. The legal basis for the use of Cookies is depending on the specific cookie used, our legitimate interest and/or your consent.

Cookie consent

Our website uses a cookie consent tool to obtain your consent to the storage of cookies and to document this consent. When you enter our website, the following Personal Data is transferred to us: a) Your consent(s) or revocation of your consent(s); b) Your IP address; c) Information about your browser; d) Information about your device; d) Time of your visit to our website. The basis for processing is our legitimate interest and your consent.

Links to other websites

Please note that if you use a link from our website to a third-party website, that third-party may also set new cookies that are not covered by this or our cookie Notice. In such cases, we recommend that you read the cookie Notice on the third-party website itself.

Economic analyses and market research

For business reasons, we analyse the data we have on web and server traffic patterns, website interactions, browsing behaviour etc. The analyses serve us alone and are not disclosed externally and processed using anonymous analyses with summarised and or anonymised values. For this purpose we use Google Analytics from Google LLC. The legal basis is our legitimate interest and your consent. For further information on our use of Google Analytics, please refer to our Cookie Policy.

Contacting us

You can contact us in various ways and data is always collected in the process. You provide us with most of the data that we process when you contact us such as your name, and email address. This data is collected and processed exclusively for the purpose of contacting you and processing your request and then deleted again, provided that there is no legal obligation to retain it.

We also offer to contact us via the messaging services of WhatsApp. If you contact us via WhatsApp we store and use the mobile phone number, you use and - if provided - your first and last name in accordance with the provision of a contractual or pre-contractual measure to process and respond to your request.

Contracting with us

We process the Personal Data that arises when you use our portal in order to provide our contractual services. In particular, this includes our support, correspondence with you, invoicing, fulfilment of our contractual, accounting and tax obligations. Accordingly, the data is processed on the basis of the fulfilment of our contractual obligations and our legal obligations.

If you register through our website, we will request mandatory and, where applicable, non-mandatory data in accordance with our registration form (Full Name, Email Address, Company Details). The entry of your data is encrypted so that third parties cannot read your data when it is entered. For the purpose of logging in to our Portal, you will provide your password together with your username. We will hold your data for further orders as long as you have your account and user contract with us. The legal basis for processing is our legitimate interest, the provision or initiation of a contractual service and your consent.

Alternatively, you are able to sign up using the convenience login and sign up from Google LLC. For convenience login and sign up, you will be asked to provide your basic information (i.e., name, email address, and display picture) linked to your account. When registering via convenience functions, you agree to the relevant terms and conditions and consent to certain data from your Patreon profile being transferred to us.

When using Go Book Me In in your business

When you are using Go Book Me In in your business, you become the data controller and we become the data processor. In this sense, we process the Personal Data that you or your clients or customers provide. This may include depending on your use of Go Book Me In, your client or customer contact details, business details or details relating to their booking and the services offered by you (“Service Data”).

We process your Service Data within the framework of DPA and GDPR, exclusively for the purpose of handling the contractual relationship between you and us and in accordance with your instructions. In this sense, we recognise that you own your Service Data and provide you with complete control of your Service Data by providing you the ability to (i) access your Service Data, (ii) share your Service Data, and (iii) request export or deletion of your Service Data.

We ensure that access to your Service Data by our employees is only available on a need-to-know basis, restricted to specific individuals, and is logged and audited. We communicate our privacy and security guidelines to our employees and enforce privacy and protection safeguards strictly.

Some jurisdictions may require you to disclose your use of our services as your processor in your privacy policy and/or data processing agreement as applicable. For this purpose all Personal Data processed by us will be stored on our own in-house servers, our technology is supported by Reserve with Google and Google Maps by Google LLC and we take appropriate legal precautions and corresponding technical and organisational measures to ensure the protection of service data and Personal Data in accordance with the DPA and GDPR.

Further and if you are providing us with Personal Data relating to a third party, you agree a) that you have in place all necessary appropriate consents and b) that such third party has read this Privacy Policy. You agree to indemnify us in relation to all and any liabilities, penalties, fines, awards, or costs arising from your non-compliance with these requirements.

Support ticket

If you create a support ticket, we will request Personal Data and, where applicable, non-Personal Data in accordance with your request, this may include your name, email address and other order related data you voluntarily provide. The data provided is not shared with third parties and cannot read your data when it is entered. If you submit a support ticket, we process the data for the purpose of processing and handling your ticket.

Our employees will also have access to data that you knowingly share with us for technical support or to import data into our services. We communicate our privacy and security guidelines to our employees and enforce privacy safeguards strictly. The legal basis of the data processing is our obligation to fulfil the contract and/or our legitimate interest in processing your support ticket.

Payment Data

Payment Data will be processed via the payment service provider Stripe, and solely be processed through the payment system of Stripe. The legal basis for the provision of a payment system is the establishment and implementation of the user contract for the use of the service.

Administrative Tasks

Equally, we process data in the context of administrative tasks as well as organisation of our business, financial accounting and compliance with legal obligations, such as invoicing and archiving. In this regard, we process the same data that we process in the course of providing our contractual services. The purpose and our interest in the processing lies in the administration, financial accounting, office organisation, archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The legal basis for processing the above is our legitimate interest, the provision or initiation of a contractual service.

Aggregated Data

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose including improving our website. Aggregated Data could be derived from your Personal Data but is not considered Personal Data in law as this data will not directly or indirectly reveal your identity. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this policy.

Promotional use of your data

We use your data (name and email address) within the legally permissible scope for marketing purposes, e.g., to draw your attention to special promotions and discount offers. You can unsubscribe at any time via the link provided for this purpose in each email we send or by sending us an informal message. After unsubscribing, your email address will be deleted immediately.

DATA SHARING

In certain cases, it is necessary to transmit the processed Personal Data in the course of data processing. In this respect, there are different recipient bodies and categories of recipients.

Internal

If necessary, we transfer your Personal Data within Go Book Me In Ltd. Of course, we comply with the associated legal framework and ensure that your data is processed properly. Access to your Personal Data is only granted to authorised employees who need access to the data due to their job, e.g., to provide our services or to contact you in case of queries.

We may also share your Personal Data with our Business Partners (including staff members or entities with which we have an ongoing business relationship to provide our services or information) for the purposes described in this Privacy Policy, including (but not limited to) conducting the services you request, or customising our business to better meet your needs.

External bodies

Personal Data is transferred to our service providers in the following instances:

  • in the context of fulfilling our contract with you,
  • to use marketing services and to advertise our services online,
  • to communicate with you,
  • to provide our website, and
  • to state authorities and institutions as far as this is required or necessary.

International transfers

We may transfer your Personal Data to other companies as necessary for the purposes described in this Privacy Policy. In order to provide adequate protection for your Personal Data when it is transferred, we have contractual arrangements regarding such transfers. We take all reasonable technical and organisational measures to protect the Personal Data we transfer.

SECURITY OF YOUR DATA

In order to protect the data stored with us in the best possible way against accidental or intentional manipulation, loss, destruction or access by unauthorised persons, we use appropriate technical and organisational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.

Nevertheless, internet-based data transmissions can always have security gaps, so that absolute protection cannot be guaranteed. And databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised as expeditiously as possible after which the breach was discovered.

YOUR RIGHTS AND PRIVILEGES

Privacy rights

Under the DPA and GDPR, you can exercise the following rights:

  • The right to access;
  • The right to rectification;
  • The right to erasure;
  • The right to restrict processing;
  • The right to object to processing;
  • The right to data portability;
  • The right to complaint to a supervisory authority

Updating your information and withdrawing your consent

If you believe that the information we hold about you is inaccurate or request its rectification, deletion, or object to its processing, please do so by contacting us.

Access Request

In the event you want to make a Data Subject Access Request, please contact us. We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days, we will tell you why and when we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we will tell you why.

WHAT WE DO NOT DO

  • We do not request Personal Data from minors and children;
  • We do not process Special Category Data without specific and expressly given consent;
  • We do not use Automated decision-making including profiling; and
  • We do not sell your Personal Data.

CHANGES

We may update this Privacy Policy from time to time. If we make changes to this Privacy Policy, we will revise the effective date.

EFFECTIVE DATE

Friday, 24th of May, 2024

QUESTIONS

If you feel that the above is not sufficient or if you have any queries as regards the collection, processing or use of your information we are looking forward to hearing from you. We will make every effort to reply as soon as possible and take into consideration any suggestions from your end.