This Privacy Policy sets out how the Service Provider (Chronos Web Tech Kft.) processes personal data in connection with the use of its website and services. The Service Provider is committed to protecting personal data and complying with applicable data protection laws, including Regulation (EU) 2016/679 (General Data Protection Regulation, “GDPR”).
The Service Provider processes Users’ personal data for the following purposes and on the following legal bases:
The Service Provider processes the following categories of personal data:
The Service enables Users to connect their Google Calendar account to the appointment booking system. In the course of this integration, the Service Provider accesses the User’s calendar data via the Google Calendar API exclusively for the purpose of synchronizing appointments.
Access to calendar data is strictly limited to the scope of permissions granted by the User. Such data is not used for any other purpose and is not disclosed to third parties.
The legal basis for this data processing is the User’s consent (Article 6(1)(a) GDPR). Consent may be withdrawn at any time via the service settings or through the User’s Google account settings.
Further information is available in Google’s Privacy Policy: https://policies.google.com/privacy
The use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
When connecting a Google account, the Service Provider accesses only the data necessary for appointment booking and calendar synchronization features.
Google user data:
Data accessed through the Google Calendar API is retained only for as long as necessary to provide the Service or while the User actively uses the Google integration.
If the User:
related Google user data will be deleted from the Service Provider’s systems within a reasonable timeframe unless retention is required by law.
Users may request deletion of Google user data at any time:
Once access is revoked, the Service Provider will cease further access to Google user data and related authentication tokens will be deleted.
Payments are processed by Stripe Payments Europe Ltd.
The Service Provider retains personal data only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, accounting, and reporting obligations.
The Service Provider may engage third-party service providers (data processors) to support the operation of the Website and services (e.g. hosting providers, invoicing systems, IT support).
These processors act on behalf of the Service Provider and process personal data only in accordance with its instructions and applicable data processing agreements.
Where personal data is transferred outside the European Economic Area (EEA), the Service Provider ensures appropriate safeguards in accordance with GDPR (e.g. Standard Contractual Clauses).
The Service Provider does not intentionally collect or process special categories of personal data under Article 9 GDPR (such as health data, religious beliefs, or political opinions), unless voluntarily provided by the User through the Service.
If such data is uploaded by the User, the Service Provider applies appropriate technical and organizational safeguards, including:
Such data is processed solely for the operation of the Service and is never used for advertising, profiling, or marketing purposes.
Users have the following rights under the GDPR:
Requests may be submitted using the contact details provided by the Service Provider.
If a User believes that their personal data has been processed unlawfully, they have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of their habitual residence or place of work.
This Privacy Notice is continuously accessible on the Website. The Service Provider reserves the right to amend it at any time. Users will be notified in advance of any material changes.