agendly

Privacy Policy

1. Data Controller

Nepomuk Software GmbH & Co. KG
Maria-Montessori-Allee 10
63457 Hanau
E-Mail: datenschutz@agendly.de

2. Hosting

Our website is hosted by Amazon Web Services (AWS) in the Frankfurt region (eu-central-1). AWS is certified according to ISO 27001, SOC 2 and other standards.

3. Data Collection on Our Website

Server Log Files

With each access, information is automatically collected (IP address, time, requested page, browser). This data is technically necessary and is deleted after 7 days.

Cookies

We only use technically necessary cookies for authentication and session management. No tracking cookies are used.

4. Registration and User Account

During registration, we collect:

  • Name and email address
  • Optional: Company name, phone number
  • Payment data (stored with Stripe)

This data is required for contract fulfillment (Art. 6 para. 1 lit. b GDPR).

5. Appointment Bookings

For appointment bookings, we collect:

  • Name and email of the booker
  • Selected appointment
  • If applicable, additional information (phone, message)

The appointment provider is responsible for their customers' data. We act as a data processor.

6. Calendar Synchronization

When connecting to Google Calendar or Microsoft 365, we receive read access to calendar data for availability checking. We only store busy times, not appointment details.

7. Payment Processing

Payment processing is handled by Stripe, Inc. Stripe receives the data necessary for payment. Stripe's privacy policy can be found at: https://stripe.com/de/privacy

8. Email Delivery

Transactional emails (booking confirmations, login links) are sent via Microsoft 365.

9. Your Rights

You have the right to:

  • Access to your stored data
  • Correction of incorrect data
  • Deletion of your data
  • Restriction of processing
  • Data portability
  • Object to processing

Please contact datenschutz@agendly.de.

10. Right to Complain

You have the right to complain to the competent supervisory authority. The supervisory authority responsible for us is the Hessian Commissioner for Data Protection and Freedom of Information.

11. Data Security

We implement technical and organizational measures to protect your data. Data transfer is encrypted via TLS/SSL.

12. Data Processing Agreement

With customers who use agendly for appointment booking, we conclude a data processing agreement in accordance with Art. 28 GDPR. This is available in the dashboard.

Last updated: January 2025