Legal
Privacy Policy
Last Updated: 06.07.2026
1. Introduction
This Privacy Policy explains how SETBOOKGO ("we", "us" or "our") collects, uses and protects personal data in connection with the website https://setbookgo.com and the SETBOOKGO booking platform (together, the "Service"), in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. The Service is operated by Individual Entrepreneur Aleksei Khrebto (contact details in Section 13).
2. Who This Policy Covers and Our Role
- Website visitors — people browsing setbookgo.com. We act as the data controller.
- Merchants — business users who register an account. We act as the data controller for account and billing data.
- End Customers — people who book a Merchant's services through the Merchant's booking page or widget. For this Booking Data, the Merchant is the data controller and we act as a data processor on the Merchant's behalf. End Customers should also consult the privacy notice of the Merchant they book with. Where End Customers contact us directly, we handle their requests and forward them to the relevant Merchant where required.
3. Information We Collect
- Merchant account data: name, email address, phone number, business name and address, working hours, timezone, language, currency, password (stored only in hashed form), optional messenger contact.
- Booking Data (processed for Merchants): End Customer name, phone number, email address and/or WhatsApp contact, booking dates and times, booked item, price, and booking status.
- Payment data: where a Merchant enables card payments, payments are processed by Stripe. We do not receive or store card numbers; we receive transaction status and identifiers.
- Communications: messages you send us (email, contact or feedback forms).
- Technical data: IP address, browser type, device information and server logs collected automatically for security and troubleshooting.
- Preferences: cookie consent choice, interface language and theme (stored locally in your browser — see the Cookie Policy).
4. Legal Basis for Processing
- Performance of a contract (Art. 6(1)(b) GDPR): providing the Service to Merchants; registration; support.
- Merchant's instructions under a data processing agreement (Art. 28 GDPR): processing Booking Data as processor.
- Legitimate interests (Art. 6(1)(f) GDPR): securing and improving the Service, preventing abuse, maintaining server logs.
- Consent (Art. 6(1)(a) GDPR): marketing communications and non-essential cookies/analytics, if and when used.
- Legal obligation (Art. 6(1)(c) GDPR): accounting and tax requirements.
5. How We Use Information
- To create and operate Merchant accounts, booking pages and widgets.
- To process bookings and deliver booking notifications to Merchants and End Customers (email; SMS/WhatsApp via Twilio or Telegram, where enabled by the Merchant).
- To process payments through Stripe, where enabled.
- To respond to enquiries and provide support.
- To protect the Service against fraud, abuse and security incidents.
- To comply with legal obligations.
6. Cookies and Similar Technologies
The website uses only technically necessary cookies and browser local storage (cookie consent choice, language, theme, session identifiers for the administration panel). We currently do not use third-party advertising or analytics cookies; if analytics tools are introduced, they will be activated only with your consent via the cookie banner. See the Cookie Policy for details.
7. Data Sharing and Recipients
We share personal data only as necessary to operate the Service:
- Hosting: Contabo GmbH, Germany (servers located in Germany).
- Payments: Stripe (Stripe Payments Europe, Ltd. and affiliates), where card payments are enabled.
- SMS/WhatsApp notifications: Twilio Inc. (USA), where enabled by the Merchant.
- Messenger notifications: Telegram, where enabled by the Merchant.
- Email delivery: our email delivery provider (currently Google LLC / Gmail infrastructure) for transactional booking emails.
- Merchants: Booking Data is made available to the Merchant with whom the booking was made.
- Authorities: where required by law, court order or to protect legal rights.
We do not sell personal data.
8. International Transfers
Personal data is stored on servers located in Germany (EU). The Service is operated from Georgia, and our personnel may access data from Georgia for administration and support; Georgia is a party to Council of Europe Convention 108, and we apply the safeguards described in Section 10 to such access. Transfers to providers outside the EU/EEA (for example Twilio in the USA) rely on the European Commission's Standard Contractual Clauses and, where available, the EU–US Data Privacy Framework certifications of the respective provider.
9. Data Retention
- Merchant account data: for the life of the account and up to 12 months after deletion, unless a longer period is required by law (e.g. accounting records).
- Booking Data: for as long as the Merchant uses the Service, and per the Merchant's instructions; exported or deleted within 30 days after account termination on request.
- Support correspondence: up to 12 months after the last exchange.
- Server logs: up to 90 days, unless needed for security investigations.
10. Data Security
We apply technical and organisational measures appropriate to the risk, including HTTPS/TLS encryption in transit, hashed password storage, access controls and role separation, network-level protections, and regular backups. No system is completely immune from risk; in the event of a personal data breach we will notify the competent supervisory authority and affected persons where required by Articles 33–34 GDPR.
11. Your Rights
Subject to the GDPR and applicable law, you have the right to:
- Access your personal data and obtain a copy.
- Correct inaccurate or incomplete data.
- Request deletion of your personal data.
- Object to or restrict processing in certain cases.
- Receive your data in a portable format.
- Withdraw consent at any time, where processing is based on consent.
- Lodge a complaint with your national data protection authority.
You can exercise these rights by contacting us at privacy@setbookgo.com. If your request concerns a booking made with a Merchant, we may forward it to the Merchant as the data controller, and will assist in its handling.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Significant changes will be posted on this page and, where appropriate, notified by email. The "Last Updated" date at the top indicates the current version.
13. Contact Us
If you have any questions or requests regarding your personal data, please contact us at:
- Name: Individual Entrepreneur Aleksei Khrebto
- Identification Number: 326136818
- Registration Date: 28/03/2023
- Registered with: LEPL National Agency of Public Registry
- Address: Meskheti Street N31g, Office Space N3, Floor 0, Borjomi, 1200, Georgia
- Email: privacy@setbookgo.com
SETBOOKGO