Privacy policy
Last updated 2026-04-21
TODO: juridical review. Working version – pending review by external counsel for each jurisdiction we operate in.
1. Who we are
Timepicker.online is a commercial product providing a messenger-native AI booking assistant for beauty professionals. In this document, "we" means the Timepicker.online team; "you" means a site visitor or customer. Contact for data questions: hello@timepicker.online.
2. What we collect
2.1 Form data
When you submit a form on our site (early access, contact, support), we collect: first and last name; email; business name; business category; country; preferred contact channel; anything you tell us in the message field; IP address and user-agent, for anti-spam and diagnostics.
2.2 Product usage data
When you use the assistant, we process: your clients' names, phone numbers, and booking details – only as needed to deliver the service; messenger handles (Telegram ID, WhatsApp number, Instagram handle) for message routing; service history and preferences you enter; calendar events we create on your behalf.
2.3 Attribution
In your browser we store: tp_visitor_id (1-year cookie + localStorage) – anonymous visitor ID, no PII; tp_session_id (sessionStorage) – session ID, cleared when tab closes; tp_first_touch, tp_last_touch (localStorage) – UTM params and landing page, for traffic-source reports.
2.4 Analytics events
Anonymous events (page views, CTA clicks, form starts/submits) go to PostHog (when configured) or to server logs. They reference visitor and session IDs, never form data.
3. How we use data
- Communication – to reply about early access, support, or billing.
- Service delivery – to run the booking, reminder, and rebook automations for your business.
- Product improvement – aggregated traffic and conversion statistics.
- Security – anti-spam on forms and incident investigation.
- Legal – compliance with applicable law.
We don't sell data or share it with third parties for marketing.
4. Who we share data with
Only third parties required to deliver the service:
- Messaging platforms (Telegram, WhatsApp Business, Instagram Messenger) – to send and receive messages.
- Analytics (PostHog, EU region) – anonymous events only.
- Payment processor (Stripe or equivalent) – for subscriptions when active.
- Infrastructure providers – hosting (Vercel), DNS, email.
- When legally required.
5. Retention
- Form data: until you close your account or 24 months after last contact, whichever is later. Earlier on request.
- Attribution IDs: 365 days.
- Analytics events: PostHog default retention (typically 24 months).
- Security logs: 90 days.
- Booking data: as long as your account is active, plus 12 months for tax/audit purposes. Full export available any time.
6. Your rights
Depending on your jurisdiction, you can:
- get a copy of your data;
- correct inaccuracies;
- request deletion;
- withdraw consent to processing;
- port your data;
- file a complaint with your local data protection regulator.
Email hello@timepicker.online – we respond within 30 days.
7. Cookies and tracking
We use only functional cookies (visitor ID, session, attribution). We do not use third-party advertising cookies. Blocking all cookies won't break the site but may affect form attribution.
8. Children
The service is for professional use. We don't collect data from anyone under 16 and don't target content to them.
9. Changes to this policy
Material changes are reflected in the updated date at the top. Prior versions available on request.
10. Jurisdiction and contact
TODO: set jurisdiction after company registration. Until then, contact us at hello@timepicker.online.