top of page
YourSessionBookings-long logo bakcground.jpg

Your Booking Manager

YourBookingManager Logo-light blue.png

Last updated: 26th January, 2026.

This Privacy Policy explains how Mendez Web Studio Ltd (company number 16956731) of 50b Southwark Bridge Road, London, England, SE1 0AR (“we”, “us”, “our”) collects, uses, shares, and protects personal data when you use Your Session Bookings, YourSessionBookings.com, and related pages/apps/services (together, the “Platform”).

The Platform is an IT booking platform used by:

  • Service Providers (e.g., barbers, hairdressers, beauty professionals and other small/micro businesses), and

  • their Customers (people booking appointments/sessions).

 

If you do not agree with this Privacy Policy, please do not use the Platform.

 

1) Key roles (who is responsible for what)

Service Providers typically decide what Customer data they collect and how they use it for their own business (for example, managing bookings, reminders, and their customer relationships). In many cases, the Service Provider is the data controller for Customer booking data, and we process that data to operate the Platform on the Service Provider’s behalf.

We are the data controller for:

  • our own business administration (including subscriptions, billing, and support),

  • Platform security and fraud prevention,

  • analytics needed to run and improve the Platform, and

  • Platform marketing to Service Providers (where permitted).

 

2) What data we collect

We collect personal data in three main categories:

A) Data Service Providers and team members provide

  • Name, business name, email, phone number

  • Business address/location (if provided)

  • Staff / team member names, roles, and availability

  • Services offered, pricing, booking rules, cancellation/no-show policies

  • Business profile content (descriptions, images, branding assets, links)

  • Messages or content sent via the Platform

 

B) Data Customers provide when booking

  • Name, email address, phone number

  • Appointment details (date/time/service selected, staff member selected)

  • Any notes entered by the Customer (we recommend not entering sensitive information)

 

C) Technical and usage data

  • IP address, device and browser details, operating system

  • Pages and actions on the Platform (for example: page views, clicks, session timestamps)

  • Cookie/identifier data (see Cookies section)

  • Diagnostic logs for security and reliability

 

Payment data note: If a Service Provider requires upfront payment, the Platform may redirect the Customer to a payment processor (such as Stripe). We do not store payment card details. Card entry and payment processing occur on the payment processor’s systems.

 

3) Why we use personal data (purposes)

We use personal data to:

  1. Operate the Platform

    • create and manage accounts

    • publish Service Provider profiles and booking pages

    • create, confirm, and manage bookings and scheduling

  2. Send service notifications and reminders

    • booking confirmations, changes, cancellations

    • appointment reminders and operational messages related to a booking
      (These are considered service/transactional messages.)

  3. Provide support

    • respond to enquiries and troubleshoot issues

  4. Security and fraud prevention

    • protect accounts, prevent abuse, investigate suspicious activity

  5. Improve the Platform

    • analytics and performance monitoring

    • feature development and debugging

  6. Platform offers and updates (marketing)

    • send Platform-related updates and special offers to Service Providers where permitted

    • send marketing to Customers only if they opt in, where required by law

 

4) Lawful bases (UK GDPR / EU GDPR)

Where applicable, we rely on these lawful bases:

  • Contract necessity: to provide the Platform features you request (accounts, bookings, notifications).

  • Legitimate interests: to secure the Platform, prevent fraud, improve services, and (in some cases) send Platform marketing—provided our interests are not overridden by your rights.

  • Legal obligation: where we must keep certain records for compliance.

  • Consent: where required (especially for certain marketing and cookie categories).

 

5) Who we share data with

We do not sell personal data.

 

We may share data with:

A) Service Providers (in context)
If you are a Customer booking an appointment, your booking details and contact information are shared with the relevant Service Provider (and their authorised team members) so they can deliver the service.

B) Platform infrastructure providers (Wix)
The Platform is built on Wix. Personal data is stored and processed using Wix infrastructure and Wix-approved subprocessors. Wix may process and store data across different locations as part of providing its services, and may transfer data internationally in accordance with its own data protection commitments.

C) Payment processors (for Service Providers)
If a Service Provider uses upfront payments, Customers may be redirected to a payment processor to complete payment. The payment processor handles payment details under its own terms and policies. We may receive limited information confirming payment status (for example, paid/unpaid) to manage bookings.

D) Communications providers
Email/SMS delivery services used to send booking confirmations and reminders.

E) Analytics and support tools
Tools that help us understand performance, fix issues, and support users (configured to the extent possible to minimise data).

 

F) Legal and safety
Where required by law, court order, or to protect rights, safety, and prevent fraud.

 

6) Marketing communications (special offers)

 

Service Providers
We may contact Service Providers with Platform updates and special offers where permitted by law. You can opt out at any time using the unsubscribe option in messages or by contacting us.

 

Customers
Customers will receive booking-related messages (confirmations, changes, reminders).
We will only send Platform marketing to Customers where we have a valid legal basis (typically opt-in consent, where required).

Practical note: If you are a Customer, you may see an optional marketing opt-in box at booking. If you do not opt in, you will still receive essential booking-related messages.

 

7) Data retention

We keep personal data no longer than necessary for the purposes described in this Policy.

Our standard approach:

  • We keep account, profile, and booking data while you are actively using the Platform.

  • After your last activity, we generally retain your personal data for up to 3 years for purposes such as customer support, fraud prevention, resolving disputes, and maintaining Platform integrity.

  • At the end of that period, we will delete or anonymise the data so it can no longer be linked to you.

 

Exceptions:
We may keep some information for longer where necessary to comply with legal obligations (for example accounting/tax requirements), or to establish, exercise, or defend legal claims. Where we retain data for these reasons, we restrict access and keep it only as long as required.

Practical note: For best privacy practice, we aim to minimise retention wherever possible and will delete/anonymise sooner if data is no longer needed.

 

8) Your rights (UK GDPR / EU GDPR)

 

You may have the right to:

  • access your data,

  • correct your data,

  • delete your data,

  • restrict processing,

  • object (including to direct marketing),

  • withdraw consent (where we rely on consent),

  • data portability.

 

How to request: Email contact@yourbookingmanager.com or write to:
Mendez Web Studio Ltd, 50b Southwark Bridge Road, London, England, SE1 0AR.

Timeframe: We respond without undue delay and within one month. If a request is complex, we may extend by up to two additional months, and we will inform you within the first month.

 

9) Deletion requests and service impact (Service Providers)

If a Service Provider requests deletion of their account data, we may be unable to continue providing the Platform to them after deletion.

Where deletion causes termination of a paid subscription, we do not offer refunds, except where required by applicable law.

We may retain limited records where necessary for legal obligations or to establish/defend legal claims.

 

10) International transfers

Because our Platform relies on third-party infrastructure providers, personal data may be processed and stored in multiple locations and may be transferred internationally. Where international transfers occur, we take steps to ensure appropriate safeguards are in place as required by applicable data protection laws.

 

11) Security

We use appropriate technical and organisational measures to protect personal data (access controls, least-privilege access, monitoring, and secure platform infrastructure). No system is 100% secure, so please use strong passwords and keep login credentials confidential.

 

12) Cookies and similar technologies

We use cookies and similar technologies to:

  • keep the Platform functioning (essential cookies),

  • remember preferences,

  • measure performance and usage,

  • improve user experience and security.

Where required, we use a cookie banner/consent tool to manage non-essential cookies. You can also control cookies through browser settings, but some features may not work properly.

13) Children

The Platform is intended for adults and businesses. We do not knowingly collect personal data directly from children. If a Service Provider books appointments for minors, the Service Provider is responsible for any required parent/guardian consent.

 

14) Changes to this Privacy Policy

We may update this Policy from time to time. The latest version will be posted on the Platform with the updated date.

 

15) Contact

For privacy requests (access, deletion, correction, objections):
Email: contact@yourbookingmanager.com
Post: Mendez Web Studio Ltd, 50b Southwark Bridge Road, London, England, SE1 0AR

Privacy Policy of YourBookingManager.com

bottom of page