1. Introduction
Welcome to Rvoo ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our appointment management platform at rvoo.gr (the "Service").
Data controller: The entity responsible for processing your personal data in connection with the Service is Rvoo. You can contact us at info@rvoo.gr or via our website https://rvoo.gr.
If you have any questions or concerns about this policy or our practices with regard to your personal information, please contact us at info@rvoo.gr.
2. Information We Collect
2.1 Information You Provide
We collect information that you voluntarily provide when using our Service, including:
- Account Information: Name, email address, phone number, company name
- Client Information: Names, contact details, and appointment history of your clients
- Staff Information: Names and contact details of your staff members
- Appointment Data: Appointment schedules, notes, and related information
- Payment Information: Processed securely through Stripe (we do not store credit card details)
2.2 Automatically Collected Information
When you access our Service, we automatically collect certain information, including:
- Usage Data: Pages visited, features used, time spent on the platform
- Device Information: IP address, browser type, operating system
- Cookies and similar technologies: We use cookies and similar technologies for essential operation of the Service. Non-essential cookies (e.g. for analytics) are used only with your consent, which you can give or withdraw via our cookie banner.
3. How We Use Your Information
We use the information we collect for the following purposes:
- To provide, operate, and maintain our Service
- To manage your account and provide customer support
- To process your transactions and send appointment notifications
- To send you technical notices, updates, and administrative messages
- To respond to your inquiries and requests
- To monitor and analyze usage and trends to improve user experience (where we have your consent for non-essential cookies or our legitimate interest applies)
- To detect, prevent, and address technical issues and security threats
- To comply with legal obligations
- To send you marketing or promotional communications only where you have given prior consent; you may withdraw that consent at any time
4. How We Share Your Information
We do not sell your personal information. We may share your information in the following situations:
- Service Providers: We share information with third-party service providers who perform services on our behalf (e.g., Clerk for authentication, MongoDB for data storage, Stripe for payments, Resend for email notifications)
- Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities
- Business Transfers: In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business
- With Your Consent: We may share your information for any other purpose with your consent
5. Data Security
We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:
- Encryption of data in transit using SSL/TLS
- Secure authentication through Clerk
- Regular security assessments and updates
- Access controls and authentication requirements
- Multi-tenant data isolation to ensure organization data separation
However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
6. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or regulatory purposes.
7. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
- Access: Request access to your personal information
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information
- Data Portability: Request a copy of your data in a structured, machine-readable format
- Objection: Object to our processing of your personal information
- Restriction: Request restriction of processing your personal information
- Withdraw consent: Where we rely on your consent (e.g. for marketing or non-essential cookies), you may withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal
- Lodge a complaint: You have the right to lodge a complaint with a supervisory authority in your country of residence. In Greece, this is the Hellenic Data Protection Authority (HDPA), www.dpa.gr. For other EEA countries, see EDPB members.
To exercise these rights, please contact us at info@rvoo.gr. We will respond to your request within 30 days.
8. GDPR Compliance (EU Users)
If you are located in the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR). We process your personal information based on the following legal grounds:
- Contract Performance: Processing necessary to provide our Service to you
- Legitimate Interests: Processing for our legitimate business interests (e.g., improving our Service, security, analytics in accordance with your cookie choices)
- Consent: Where you have given explicit consent (e.g. marketing communications, non-essential cookies)
- Legal Obligation: Where required by law
We do not use your personal data for automated decision-making or profiling that produces legal effects or similarly significantly affects you.
9. Children's Privacy
Our Service is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at info@rvoo.gr.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence (including, for example, where our service providers operate). Where such transfers are outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:
- Transfers to countries recognised by the European Commission as providing an adequate level of data protection
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Other mechanisms permitted under applicable data protection law
We take these measures so that your personal information remains protected in accordance with this Privacy Policy and applicable law.
11. Third-Party Links
Our Service may contain links to third-party websites or services that are not owned or controlled by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes. Changes are effective when posted on this page.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: