Draft — Pending Legal Review

Privacy Policy

Last updated: February 14, 2026

BookFreely (“BookFreely”, “we”, “our”, “us”) operates a service marketplace that connects customers with independent service businesses. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the choices you have. By using BookFreely you agree to the practices described here.

1. Who we are & scope

BookFreely is an online marketplace that connects customers with independent local service providers. Customers browse services, book appointments, and pay securely online; Businesses manage bookings and receive payouts through Stripe Connect. Independent Businesses on the platform are separate data controllers for their own customer relationships (e.g. service delivery, direct communications). This policy covers information we collect through the BookFreely website, apps, and payment flows.

2. Eligibility & age requirements

  • Under 13 — Not permitted to create any BookFreely account.
  • Customers 13–17 — Permitted only with the permission and supervision of a parent or legal guardian; the guardian’s name and email must be on file at signup.
  • Customers 18+ — Permitted independently.
  • Business owners 18+ — Permitted independently.
  • Business owners 13–17 — Permitted only with guardian supervision. The guardian is legally responsible for identity verification, taxes, payouts, and compliance.

We collect date of birth at signup to enforce these gates and to comply with children’s privacy laws. If we discover an account belongs to someone under 13, we will terminate the account and delete the associated data.

3. Information we collect

  • Account details: name, preferred name, email, hashed password, role (customer / business / super admin), date of birth (collected at signup to enforce age gates), and — for accounts belonging to users aged 13–17 — the parent or legal guardian’s full name and email.
  • Business profile: business name, description, category, contact phone, website, service location and radius, uploaded profile photo, and the mobile team details (name / photo) a Business chooses to publish.
  • Booking data: services requested, scheduled times, deposit amounts, downpayment status, appointment PINs, provider timeline events (on-the-way, arrived, in progress, completed).
  • Payment metadata received from Stripe: payment status, last-4, card brand, Stripe IDs, amounts. Full card numbers, CVV, bank account numbers, and identity documents submitted for Stripe KYC are handled by Stripe directly — see §5.
  • Device & session data: session tokens, remembered-device tokens, IP address, user-agent, cookie preferences.
  • Messages, reviews, reports, and case data submitted through the platform.
  • Analytics: aggregated page-view and performance metrics.

4. How we use your information

  • Provide the marketplace: accounts, bookings, subscriptions, calendar, reminders.
  • Payments and payouts: process customer downpayments and route funds to businesses via Stripe Connect.
  • Safety and moderation: prioritise and investigate reports, run the strike / suspension ladder, prevent fraud (see §6).
  • Communication: transactional emails (booking confirmations, reminders, security alerts) and, if you opt in, product updates.
  • Legal compliance and accounting.

We do not sell your personal information.

5. Identity verification (Stripe Connect KYC)

BookFreely relies exclusively on Stripe Connect for Business identity verification. Government-issued IDs, business formation documents, tax information, and bank details are submitted directly to Stripe, verified by Stripe, and stored by Stripe under Stripe’s privacy policy. BookFreely does not collect, review, or retain government-issued IDs separately from Stripe. A Business becomes active on BookFreely automatically once Stripe confirms verification. The same process applies to Businesses that offer mobile, in-home, or in-person services — there is no additional manual review.

6. AI moderation (human-supervised)

Reports of policy violations are automatically summarised and severity-scored by an AI moderation assistant (Anthropic’s Claude model, accessed via Emergent Integrations). The AI is a triage aid only — it never issues warnings, strikes, suspensions, or removals on its own. Every enforcement decision is reviewed and finalised by a BookFreely administrator. Report content is transmitted to the AI provider solely for triage and is not used for advertising, profiling, or model training on our behalf.

7. Suspension & account enforcement

BookFreely may suspend, restrict, or terminate any account that violates our Terms of Service or Community Guidelines, engages in fraud, threatens safety, or otherwise poses risk to the community. Enforcement actions and their reasons are recorded in our internal audit log so we can respond to appeals and legal requests.

8. Authorized personnel access & audit log

Only authorized BookFreely personnel may access account or booking information, and only when necessary for customer support, fraud investigation, dispute resolution, legal compliance, or platform security. Every such access to sensitive records (payment metadata, private messages, dispute history, business details) is logged with the reviewer’s identity, timestamp, target, reason code, and optional note. These audit logs are reviewed internally and retained for accountability. We do not permit casual browsing of user data.

9. Payment processing (Stripe)

All payments and payouts are processed by Stripe, Inc. and by Stripe Connect connected accounts owned by each Business. Card numbers, bank details, and identity documents submitted for Stripe KYC are handled directly by Stripe under their terms and privacy policy (stripe.com/privacy). BookFreely receives only the operational metadata described in §3.

10. Email delivery

Transactional emails are delivered via our email service provider. Recipient email address, subject, and message content are shared with the provider solely for delivery.

11. Cookies, sessions, and Trusted Devices

We use a session token for authentication and an optional “Trusted Device” token so signed-in users on a remembered device can skip step-up verification for up to 30 days. You can review and revoke trusted devices from your account settings. Optional analytics and marketing cookies are controlled from the “Cookie preferences” link in the footer.

12. Sharing your information

  • With the Business you book from: your name, contact phone/email (revealed only after confirmation), and — for mobile services — service address (revealed only within the arrival window).
  • With our sub-processors: Stripe (payments and KYC), our transactional email provider, our AI moderation provider (Anthropic via Emergent Integrations), and our hosting provider.
  • When legally required (subpoena, safety emergency, fraud investigation).
  • In connection with a business transfer (merger or acquisition) with continued protection of your information.

13. Your rights and choices

  • Access, correct, or delete your account data from your dashboard.
  • Export your data: Businesses can download a full account export from Business Dashboard → Account.
  • Delete your account: Businesses use the deletion flow (30-day grace period). Customers can request deletion by emailing bookfreely.support@gmail.com.
  • Revoke trusted devices, opt out of marketing emails, adjust cookie preferences at any time.
  • Applicable law may give you additional rights (GDPR, CCPA) — contact us to exercise them.

14. Data security

We use industry-standard security measures to protect your data, including encrypted transport, password hashing, step-up verification for sensitive actions, and audit logs on privileged access. No system is perfectly secure, so please use a strong, unique password and enable step-up verification when prompted.

15. International transfers

Your data may be stored or processed by sub-processors in countries other than your own. Where required, we rely on appropriate safeguards (such as standard contractual clauses) for cross-border transfers.

16. Changes to this policy

We may update this policy. Material changes will be announced by email or in-app notice. The “Last updated” date at the top always reflects the current version.

17. Contact

Questions or requests: bookfreely.support@gmail.com.

This document is a working draft and has not yet been reviewed by legal counsel. It is provided for transparency about our current practices and will be finalised prior to public launch.

A quick note about cookies

Essential cookies keep you signed in and your account secure. Functional cookies save your preferences, and analytics helps us make BookFreely better over time. Marketing cookies are optional and off unless you turn them on. Learn more.

ways' to create profiles for anonymous users as well, session_recording: { recordCrossOriginIframes: true, capturePerformance: false, }, });