1.Overview
This Privacy Policy explains how GetBook (“we”, “us”) collects, uses, shares and protects personal information when you use our booking platform, websites and related services (the “Service”). It also describes your rights and how to exercise them.
We are based in the Philippines and handle personal information in line with the Data Privacy Act of 2012 (Republic Act No. 10173) and its implementing rules. Where we serve users in other regions, we also honour comparable rights such as those under the GDPR.
2.Our role: controller and processor
GetBook acts in two different roles depending on whose data is involved:
- As a controller — for the account and billing data of the businesses and people who sign up to use GetBook directly. We decide how that data is used to provide and improve the Service.
- As a processor — for the End-Client data that a business (our customer) stores in GetBook, such as their clients’ contact details and booking history. The business is the controller of that data; we process it on the business’s behalf and under its instructions.
3.Information we collect
Information you provide
- Account & profile — name, email, phone, password (stored hashed), business name, business type and role.
- Business content — services, prices, staff, schedules, gallery images, and website settings you add.
- Customer & booking data — details of End Clients and their bookings, notes, invoices and payment records that a business enters or receives.
- Communications — messages you send us, including support requests.
Information collected automatically
- Usage & device data — pages viewed, actions taken, approximate location from IP, browser and device type, and log data.
- Cookies & similar technologies — see our Cookies Policy for the full list.
Payment information
When you pay for a subscription, payment is handled by our payment processor. We do not store full card numbers — we receive limited details such as the last four digits, card type, and a transaction reference. See Data Storage.
4.How we use information
We use personal information to:
- provide, operate, secure and maintain the Service and your account;
- process bookings, payments, subscriptions and invoices;
- send transactional messages (booking confirmations, reminders, receipts, security and service notices);
- provide customer support and respond to your requests;
- understand usage and improve, develop and troubleshoot the Service (using aggregated or de-identified data where possible);
- detect, prevent and address fraud, abuse and security issues; and
- comply with legal obligations and enforce our terms.
We send marketing messages only where permitted, and you can opt out at any time. We do not sell your personal information.
5.Legal bases for processing
Where the law requires a legal basis, we rely on: performance of a contract (to provide the Service you signed up for); your consent (which you may withdraw); our legitimate interests (to secure, improve and promote the Service, balanced against your rights); and compliance with legal obligations. Under the Data Privacy Act, processing is based on your consent, contractual necessity, legal obligation, or our legitimate interests as a personal information controller.
7.International data transfers
Some of our service providers may process data outside your country, including outside the Philippines. Where we transfer personal information across borders, we take steps to ensure an adequate level of protection through contractual safeguards and provider commitments, consistent with applicable data-protection laws.
8.Data retention
We keep personal information for as long as your account is active and as needed to provide the Service, then for the period required to meet legal, accounting, or reporting obligations, resolve disputes, and enforce our agreements. When data is no longer needed, we delete or anonymise it. Businesses control the retention of their own End-Client data — see Data Storage for details on deletion and export.
9.How we protect information
We use technical and organisational safeguards — encryption in transit, database-level access controls and tenant isolation, least-privilege access, and monitoring — to protect personal information. No system is perfectly secure, but we work to protect your data and to respond promptly to incidents. Read more in Data Storage.
10.Your rights and choices
Subject to applicable law, you may have the right to access, correct, update, port, or delete your personal information; to object to or restrict certain processing; to withdraw consent; and, under the Data Privacy Act, to be informed, to object, to rectification, to erasure or blocking, and to damages, as well as to lodge a complaint with the National Privacy Commission.
To exercise a right, email us at hello@getbook.cloud. We may need to verify your identity. If your request relates to data held by a business using GetBook, we will refer you to, or coordinate with, that business as the controller.
11.Children's privacy
The Service is not directed to children and is intended for account holders who are at least 18. We do not knowingly collect personal information from children for our own purposes. A business may record limited details about a minor End Client (for example for a booking); that business is responsible for obtaining any parental consent required.
12.Changes to this policy
We may update this Privacy Policy from time to time. We will post the updated version with a new “Last updated” date and, for material changes, provide additional notice such as an email or in-app message.
Questions?
If anything here is unclear, or you want to exercise a right described above, contact the GetBook team at hello@getbook.cloud. We aim to respond within 30 days.