Privacy Policy
Your data, your control. Always.
Last updated: April 2026
1. Hello — what this is
We built Tymeslot to make scheduling painless, and we'd rather you trust us than not. This page tells you exactly what we collect when you use tymeslot.app, why we collect it, who we share it with, how long we keep it, and what you can ask us to do about it.
If anything here isn't clear, please contact us.
2. Who's responsible
The person legally responsible for your data when you use tymeslot.app is:
Diletta Luna OÜ
Sepapaja 6, 15551 Tallinn, Estonia
Estonian commercial registry code 14646450
VAT number EE102132685
The supervisory authority for data protection in Estonia is Andmekaitse Inspektsioon (the Estonian Data Protection Inspectorate, aki.ee). You can lodge a complaint with them about anything we do with your data.
To reach us about anything in this policy, use the contact form.
3. What we collect
From you
When you create an account or use the service, we collect:
- Your name and email
- Profile info you choose to add (timezone, photo, working hours)
- The booking pages you create and their settings
- Meeting details you set up (titles, descriptions, custom questions)
- Credentials for any calendars or video providers you connect — encrypted at rest with AES-256-GCM
- Your account password — stored as a one-way hash, never in plain text
Automatically
When you use the site, we collect:
- IP address (used for rate limiting and abuse prevention)
- Browser and device info from request headers
- Page-level usage as needed to debug problems
We use Umami, a privacy-first, cookieless analytics tool, to see which pages people use and roughly where visitors come from. We self-host Umami on the same Netcup servers as the rest of Tymeslot — no third-party analytics company is involved. Umami doesn't use cookies, doesn't fingerprint your browser, and doesn't collect personal data. We may add or change analytics providers in the future; we'll update this section before we do.
From people who book a meeting with you
When someone uses one of your booking pages, we store what they enter into the form (typically their name, email and any custom answers you ask for) and the time they pick. We do this on your behalf so you can run the meeting. They have the same rights over their data as anyone else — see §10.
4. Where it comes from
Almost everything comes directly from you. The exceptions are the bits you authorize:
- When you connect Google, Microsoft, Apple, or another calendar provider, we receive whatever that provider lets us read (typically your free/busy times and the events on the calendars you select).
- When you receive a payment, Stripe sends us the limited subscription info described in §6.
5. How we use your data — and why we're allowed to
GDPR requires us to tell you the legal basis for each thing we do. Here it is.
Run your account, host your booking pages, sync your calendars, send meeting confirmations
Basis: Contract
We can't deliver the service without doing this.
Charge for Pro subscriptions
Basis: Contract
Same reason.
Keep the service secure (rate limiting, abuse detection, fraud prevention)
Basis: Legitimate interest
We genuinely need this to keep the service usable for everyone, and you'd reasonably expect it.
Improve the product based on what works
Basis: Legitimate interest
We look at aggregate, non-personal patterns.
Comply with tax law (keep invoices) and respond to legal requests
Basis: Legal obligation
We have to.
Send marketing emails (only if you opt in)
Basis: Consent
You can withdraw it any time.
We do not make automated decisions about you with significant effects — no AI scoring, no profiling that affects what you can do.
6. Who we share your data with
We use four mandatory third-party services to run Tymeslot. Every account is exposed to all four; you can't opt out of them and stay on tymeslot.app.
Netcup GmbH
Server hosting (Nuremberg, Germany)
All your data lives on their servers.
Stripe Payments Europe Ltd
Subscription payments
Card numbers never touch our servers. Stripe's parent company is in the US, and any transfer of personal data outside the EU happens under the EU's Standard Contractual Clauses.
ActiveCampaign Postmark
Transactional email (booking confirmations, password resets, system notifications)
Postmark records when an email is delivered, bounces, and when it's opened (we use this to confirm delivery and to investigate deliverability problems). Click tracking is turned off. US-based; transfers happen under SCCs.
Google reCAPTCHA
Bot protection on signup and the contact form
US-based; transfers happen under SCCs.
Sub-processors change occasionally as we add features or move services. When they do, we update this list and re-publish this Privacy Policy.
We never sell your personal information.
We also don't share it with anyone except the four providers above and the integrations you choose to connect (see §7), unless we're legally required to (e.g. a court order).
7. Integrations you choose to connect
Tymeslot lets you plug into a calendar (Google, Outlook, Apple iCloud, or any CalDAV-compatible server like Nextcloud, Mailbox.org, Radicale, Zimbra, or your own) and a video provider (Google Meet, Microsoft Teams, MiroTalk, or any custom URL you supply).
When you connect one of these, your data flows to that provider because you authorized it. You decide which integrations are active, and you can disconnect any of them from your dashboard. Your relationship with that provider is governed by their own terms and privacy policy — we're not a party to it.
8. Data security
We're a small team and we take security seriously without overclaiming.
All traffic to and from tymeslot.app uses HTTPS.
Calendar and video credentials are encrypted at rest with AES-256-GCM.
Passwords are stored as one-way hashes — we can't read them, even if we wanted to.
Sensitive endpoints (login, signup, password reset, contact form) are rate-limited.
Bot protection (reCAPTCHA) on signup and the contact form.
Logs are scrubbed of secrets before they're written.
We don't currently offer two-factor authentication on your Tymeslot account itself — it's something we want to add. If your connected accounts (Google, Microsoft, etc.) support 2FA, we strongly recommend enabling it there.
9. How long we keep your data
As long as your account is open.
We delete account data within 30 days of closure.
Roll off after 30 days.
7 years, because Estonian tax law requires it.
You can ask us to delete your account at any time using the contact form. Right now this isn't a one-click button in the dashboard — it's a request that we handle by hand. We try to act on these within a few working days.
10. Your rights
Under GDPR you have the right to:
Get a copy of the personal data we hold about you.
Correct anything that's wrong.
Ask us to delete your data ("right to be forgotten").
Ask us to pause certain uses.
Get your data in a structured, machine-readable form.
Object to processing based on legitimate interest.
For anything we do based on your consent.
With the Estonian supervisory authority (AKI, aki.ee) or the equivalent in your country.
To exercise any of these, use the contact form. We respond within 30 days.
These rights apply equally to people who book meetings via Tymeslot booking pages — you don't need a Tymeslot account to use them.
11. Cookies
We use the bare minimum: a session cookie to keep you logged in, a CSRF cookie for security, and a cookie that remembers your timezone preference. That's it.
Our analytics (Umami) doesn't use cookies and doesn't track you across sites.
12. Children
Tymeslot is not for under-16s. We don't have an age check at signup, so we rely on you not creating an account for a child. If you find out a child has created an account, please tell us and we'll delete it.
13. Open-source transparency
The Tymeslot Core scheduling engine — the part that handles your bookings, your calendar sync, and your data — is open source on GitHub. You can read exactly what it does and how. The SaaS-specific layer (billing, marketing pages, this very document) is closed source and lives in a private repo.
14. Changes to this policy
We may update this policy. Material changes will prompt you to re-accept it the next time you sign in. Smaller edits (typos, formatting) we publish silently. Each version is recorded.