Privacy Policy

Last updated: 05/08/2025

Introduction

At Rebookly, we respect your privacy and are committed to protecting your personal information. This Privacy Policy outlines how we collect, use, disclose, and protect your information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws in Canada.

What Information We Collect

We may collect a variety of personal and business-related information, including but not limited to:

- Contact information (such as your name, email address, and phone number)

- Business details (such as your clinic name and address)

- Login credentials and data about your use of our services

- Communications you send to us via support or feedback channels

- Billing and payment information

- Technical data such as your IP address, browser type, device information, and how you interact with our website and services

How We Use Your Information

Your information may be used for the following purposes:

- To provide, operate, and improve our services

- To communicate with you about your account, updates, support, and promotional offers

- To manage billing, payments, and subscriptions

- To monitor and improve our platform experience through usage analytics

- To detect and prevent fraud or misuse

- To comply with legal or regulatory requirements

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience, understand usage patterns, and improve our site functionality. You can control cookie settings through your browser at any time.

International Data Transfers

Our services rely on third-party platforms, such as GoHighLevel, whose servers are located in the United States. As a result, some of your data may be transferred to or stored outside of Canada. While these providers implement robust security measures, your information may be subject to the laws and lawful access requirements of the jurisdiction in which it is stored.

By using our services, you consent to the transfer and storage of your personal information outside of Canada.

Data Sharing

We do not sell or rent your personal data. Your information may only be shared:

- With third-party service providers under contract, for the purpose of delivering our services

- When required by law or court order

- To protect our legal rights

- With your explicit consent

Your Rights Under PIPEDA

You have the following rights regarding your personal information:

- To request access to your personal data

- To request corrections to inaccurate or outdated information

- To withdraw consent for specific uses, where applicable

- To request deletion of your data, subject to any legal obligations

- To request a copy of your data in a portable format (where applicable)

- To file a complaint with the Office of the Privacy Commissioner of Canada

To exercise any of these rights, please contact our Privacy Officer listed below.

Security Measures

We use a combination of administrative, physical, and technical safeguards to protect your data. These include secure data storage, encrypted connections, and access restrictions.

Although we take reasonable measures to protect your information, no system is completely secure. In the event of a data breach that poses a real risk of significant harm, we will notify affected individuals and report the incident to the appropriate privacy authorities.

Children’s Privacy

Our services are not intended for children under the age of 13. We do not knowingly collect personal information from children. If we become aware that such information has been collected, we will delete it immediately.

Privacy Officer Contact

If you have questions or concerns regarding this Privacy Policy or our data handling practices, please contact us:

Privacy Officer: Chris Eder
Email: [email protected]

Access to Personal Information

Individuals have the right to access and request corrections to their personal information held within the Rebookly system. If you’d like to know what information we hold about you, or if you believe any details are inaccurate, please email: [email protected]

We will respond to all verified access or correction requests within 30 calendar days. Clients may request deletion of their data at any time. We will fulfill verified deletion requests within 30 days, unless the data is required for ongoing business purposes or legal obligations.

Third-Party Service Providers

We work with trusted third-party service providers who assist in delivering our technology, including infrastructure, messaging, and analytics. These providers are contractually obligated to maintain high standards of data security and to comply with privacy laws equivalent to Canadian regulations.

Examples include:

- Data hosting (e.g. Amazon Web Services, Google Cloud)

- Messaging delivery (e.g. Twilio, LeadConnector)

- Automation and CRM infrastructure (e.g. GoHighLevel)

How to Challenge Compliance or Submit a Complaint

If you have questions, concerns, or wish to challenge our compliance with PIPEDA, you can contact us directly:

Privacy Officer: Chris Eder [email protected]

If your concern remains unresolved, you may escalate it to the Office of the Privacy Commissioner of Canada (OPC) at www.priv.gc.ca.

Data Retention and Deletion

We only retain personal information for as long as necessary to deliver our services and support our clients' operations. Inactive customer data is automatically purged or anonymized after 24 months unless otherwise required for legal or regulatory reasons. Clients may request deletion of their data at any time. We will fulfill verified deletion requests within 30 days, unless the data is required for ongoing business purposes or legal obligations.

Last Updated

This policy was last updated on 05/08/2025. We review our privacy practices regularly and may update this policy to reflect changes in regulations, technology, or business practices.