Privacy Policy
The following Book Me Innovations LLP. (this includes its affiliated
companies and subsidiaries, collectively, “Book Me” ,“our,” “we,” or “us”) is
a service provider platform which offers various services, including
connecting users with service providers in industries such as hair salons, nail
salons, barbershops, pet services, event planning, and more. At Book Me, we
are committed to protecting the privacy and security of our consumers’ and
users’ personal data. We are committed to transparency, accountability and
confidentiality of your data. This is why our Privacy and Cookie Policy
(“Privacy Policy”) describes how we collect, use, store, share, and protect
personal data from Application Visitors, Book Me Users, and/or Vendors
(“Data Subjects”) who engage with our services. It applies to our Application
and all related sites, applications, services and tools (collectively, our
“Services”).
While our services are primarily designed for businesses and organisations
(“Merchants”), we recognise that individual consumers may interact with us
through Merchants or website visits. We are committed to responsibly
processing personal data for everyone involved. We generally process
personal data at the direction of and on behalf of Merchants. When we do, we
do so as a service provider or a “Data Processor” to those Merchants, but we
do not control and are not responsible for the privacy practices of those
Merchants. If you are a Customer of a Book Me Merchant, you should read
that Merchant’s Privacy Policy and direct any privacy inquiries to that
Merchant.
This Privacy Policy does not apply to services not owned or controlled by
Book Me, including third-party websites and the services of Book Me’s
Merchants. This Privacy Policy applies to all forms of systems, operations and
processes within the Book Me environment that involve processing personal
data.
While offering the Services to you, Book Me may create different products as
part of the Services.
When you opt in to use one of our products, we will use your data for specific
purposes, such as providing and improving the service. We may also share
your data with subprocessors and partners, but only as necessary to offer the
service you have opted into. We will handle your personal data in line with
the purposes and methods outlined in this Privacy Policy.
1. THE INFORMATION WE COLLECT
The personal data we collect depends on how you interact with us, the
services you use, and the choices you make. We may collect information from
different sources and in various ways, including information you provide
directly, information collected automatically, third-party data sources, and
data we infer or generate from other data.
1.1 Personal Data You Provide Directly
We collect personal data you provide to us. For example:
Contact information: As part of our operations, Book Me may collect
information such as your name, telephone number, email address, address,
etc. to provide you with certain services.
Payment information: If you make a purchase or other financial transaction,
such as when you checkout with a third party or Merchant’s website, your
credit card numbers, financial account information, and other payment details
may be collected.
Communications: If you contact us directly, for example, with an inquiry or a
support request, we may receive additional personal data about you,
including your email address and the content of your communications.
1.2 Personal Data We Collect Automatically
Device Information: We receive information about the device and software
you use to access our Services, including Internet Protocol (IP) address, web
browser type, operating system version, and device identifiers.
Usage Information: To help us understand how you use our Services,
including the Demo portion of our Application (if any), and to help us
improve them, we automatically receive information about your interactions
with our Services. This information includes records of your transactions and
information about your other activities related to our services, such as the
date and time of your sessions, the pages you view, links to/from any page,
and time spent in a session. Some of the data we gather through cookies and
similar technologies as discussed below.
Location Information: We may collect or infer your general location
information when you use our Services. For example, your IP address may
indicate your general geographic region, which will be matched against our IP
whitelist.
1.3 Personal Data That We Receive from Others
Partners: We may retrieve additional personal data about you from third
parties and other identification/verification services, such as your financial
institution and payment processor. We may combine that data with other
information we have about you.
Publicly available sources: We may also gather additional data about you
from public sources of information, such as open government databases.
Inferences: We may infer additional Personal Data based on the Personal
Data described above. For example, we may infer your interests for website
visitors based on the web pages you view.
When you are asked to provide personal data, you may decline. And you may
use web browser or operating system controls to prevent certain types of
automatic data collection. But if you choose not to provide or allow
information necessary for certain services or features, those services or
features may not be available or fully functional.
2. HOW WE USE PERSONAL INFORMATION
We use the Personal Data we collect to:
i. Provide you with the required services in addition to related products
and services of interest,
ii. Respond to your questions or requests,
iii. Improve features and Application content, and analyse data to develop
products and services,
iv. Address inappropriate use of our Application,
v. Prevent, detect and manage risk against fraud and illegal activities
using internal and third-party screening tools,
vi. Send you marketing content, newsletters and service updates curated
by Book Me (only with your explicit consent),
vii. Verify your identity and the information you provide in line with Book
Me’s statutory obligations using internal and third-party tools,
viii. Maintain up-to-date records,
ix. Resolve disputes that may arise, including investigations by law
enforcement or regulatory bodies,
x. Any other purpose that we disclose to you in the course of providing
Book Me services to you.
3. HOW WE SHARE PERSONAL DATA
Book Me does not sell, trade or rent personal data to anyone. Further, we will
not share or disclose your data with or to a third party without your consent
except as necessary to provide the Services or as described in this Privacy
Policy.
Service providers: We share personal data with vendors or agents working
on our behalf for the purposes described in this statement. For example,
companies we’ve hired to provide customer service support, to protect and
secure our systems and services, or to perform sanctions screening and
identity verification services may need access to personal data to provide
those functions. The processing by such third parties shall be governed by a
written contract with Book Me to ensure adequate protection and security
measures are put in place for the protection of personal data in accordance
with the terms of this Privacy Policy.
Financial services & payment processing: When you provide payment data,
for example, to make a purchase, your payment and transactional data may
be shared by the payment platforms with banks and other entities as
necessary for payment processing, fraud prevention, credit risk reduction, or
other related financial services.
Affiliates: We enable access to personal data across our subsidiaries, affiliates,
and related companies, for example, where we share common data systems or
where access is needed to provide services and operate our business.
Partners: We may share your data with companies we partner with for
industry networking events, mixers, and other learning and development
opportunities, but only with your explicit consent and with the option to opt
out.
Corporate transactions: We may disclose personal data as part of a corporate
transaction or proceeding such as a merger, financing, acquisition,
bankruptcy, dissolution, transfer, divestiture, or sale of all or a portion of our
business or assets.
Legal and law enforcement: We may access, disclose, and preserve personal
data in accordance with applicable law and when we believe that doing so is
necessary to comply with applicable law or respond to valid legal processes,
including from law enforcement or other government agencies.
Security, safety, and protecting rights: We will disclose personal data if we
believe it is necessary to:
i. Protect our Users and others, for example, to prevent fraud or to help
prevent the loss of life or serious injury of anyone;
ii. Operate and maintain the security of our services, including to prevent
or stop an attack on our computer systems or networks; or
iii. protect the rights or property or ourselves or others, including enforcing
our agreements, terms, and policies.
We leverage third-party analytics to analyse personal data collected through
our application, including account information, marketing and
communications data, demographic data, content and files, geolocation data,
usage data, and inferences associated with identifiers and device information
(such as cookie IDs, device IDs, and IP address) as described in the Cookies
section of this statement. This data is aggregated and enables us to perform
analytics and track the performance of our Application.
Finally, we may share de-identified information in accordance with applicable
law.
Please note that merchants, sellers, and other Users you buy from or contract
with have their respective privacy policies, and although Book Me’s Terms of
Use does not allow the other transacting party to use your information for
anything other than as authorised by you, Book Me is not responsible for their
actions, including their data protection practices. If you provide personal data
to any of those third parties or allow us to share personal data with them, that
data is governed by their privacy policies.
4. COOKIES
We and our partners use cookies and similar technologies on our Application
to help collect information and operate the Application. We use cookies to
remember Users and make your user experience easier; customise our
services, content and advertising; help you ensure that your account security
is not compromised; mitigate risk and prevent fraud; and to promote trust
and safety on our Application. Cookies are small text files placed by a
website/application and stored by your Application on your device. You can
learn more about the types of cookies we use through the Cookie Banner on
our Application.
Our cookies hold a unique random reference to you so that once you visit our
platform, we can recognise who you are and provide certain content to you.
Most web browsers are set to accept cookies by default. You can go to your
browser settings to learn how to delete or reject cookies. If you choose to
delete or reject cookies, this may impact your experience using our website.
5. HOW WE PROTECT YOUR INFORMATION
Book Me has established adequate technical and organizational controls to
protect the integrity and confidentiality of personal data, both in digital and
physical format and to prevent personal data from being accidentally or
deliberately compromised.
Book Me is committed to managing your data in line with applicable data
protection laws and best practices. We protect your data using physical,
technical, and administrative security measures to reduce the risks of loss,
misuse, unauthorised access, disclosure and alteration, we also use industryrecommended
security protocols to safeguard your data. Other security
safeguards include but are not limited to data encryption, firewalls, and
physical access controls to our building and files. They only grant access to
personal data to employees who require it to fulfil their job responsibilities.
Employees may have access to personal data only as is appropriate for the
type and scope of the task in question and are contractually forbidden to use
personal data for their own private or commercial purposes or to disclose
them to unauthorised persons, or to make them available in any other way.
Personal Data Breach
At Book Me, we take the security of personal data seriously and have
implemented measures to prevent data breaches from occurring. However, in
the event of a data breach, we have established procedures for reporting and
managing incidents. Book Me also maintains a data breach procedure to deal
with incidents concerning personal data or practices leading to the accidental
or unlawful destruction, loss, alteration, unauthorised disclosure of, or access
to, personal data transmitted, stored or otherwise processed. You may contact
our Data Protection Officer (DPO) upon becoming aware of any breach of
personal data or if your access credentials have been compromised to enable
us to take the necessary steps towards ensuring the security of your data or
account.
When we become aware of a data breach that affects personal data, we will
notify the affected individuals and relevant authorities in accordance with
applicable data protection laws and regulations. The notification will include
the following information: The notification will include the following
information:
i. A description of the nature of the data breach, including the categories
of personal data involved
ii. The likely consequences of the data breach
iii. The measures taken or proposed to be taken by Book Me to address the
data breach, including any measures to mitigate its possible adverse
effects
We will notify affected individuals without undue delay, but no later than 72
hours after becoming aware of the data breach, unless there are exceptional
circumstances that prevent us from doing so. We will also record any data
breaches and provide this information to the relevant authorities upon
request.
We encourage all users and customers to take reasonable steps to protect their
data, such as using strong passwords, regularly updating their account
information, and reporting any suspicious activity to us immediately.
We will report any breaches that will compromise your rights and freedoms
to the Relevant Authority within 72 hours of discovery.
6. STORAGE LIMITATION
We will retain your information for the following periods:
i. As long as reasonably necessary for providing our services to you
ii. For the duration your account is active (if applicable) and we have your
consent
iii. For the period needed to comply with our legal and statutory
obligations
iv. As needed to verify your information with a financial institution
Upon expiration of the applicable storage limitation periods, we will delete,
erase, anonymise or pseudonymise any information we hold about you.
This Privacy Policy also applies when we retain your Personal Information
after our relationship ends. We may also retain your Personal Information for
the duration of any period necessary to establish, exercise or defend any legal
rights. We may keep Personal Information indefinitely in a de-identified
format for statistical purposes, which may include, for example, statistics of
how you use the Services.
7. TRANSFER OF DATA
As part of our service provision, we may rely on third-party servers, resident
in foreign jurisdictions, which constitutes transferring your data to computers
or servers in foreign countries. We take steps designed to ensure that the data
we collect under this Privacy Policy is processed and protected according to
the provisions of this Policy and applicable law, wherever the data is located.
At Book Me, we take the security of personal data seriously. When personal
data needs to be transferred to a country outside of Nigeria, we implement
adequate measures to ensure the data remains secure. We comply with all
relevant data protection regulations and guidelines to ensure that personal
data is always protected. Specifically, we use contractual terms to ensure that
the personal data is adequately protected or that the country to which the data
is being transferred has adequate data protection laws in place. We take
additional measures to ensure that the country to which the data is being
transferred meets our standards for data protection.
Should you wish to transfer your personal data to a country deemed to have
inadequate data protection laws, Book Me will take all necessary steps to
ensure that it is transferred under relevant, appropriate safeguards, and
where relevant, with your informed consent, and that you are made aware of
the risks associated with such a transfer. In any instance, Book Me will ensure
personal data is transmitted safely and securely. Details of the protection
given when your data is transferred abroad and details of the basis of such
transfers shall be provided to you upon request.
8. GROUNDS FOR PROCESSING OF PERSONAL DATA
Processing of Personal Information by Book Me will be lawful if one of the
following applies:
i. The Data Subject has given consent to the processing of his/her
Personal Information for one or more specific purposes. You can revoke
your consent by closing your Book Me account (where applicable)
and/or by emailing us;
ii. The processing is necessary for the performance of a contract to which
the Data Subject is party or to take steps at the request of the Data
Subject prior to entering into a contract;
iii. Processing is necessary for compliance with a legal obligation to which
Book Me is subject;
iv. Processing is necessary for legitimate interests pursued by Book Me or
by a third party, except where such interests are overridden by the
interests or fundamental rights and freedoms of the data subject, which
require the protection of personal data; and
v. Processing is necessary for the performance of a task carried out in the
public interest or in exercise of official public mandate vested in Book
Me.
9. CHOICES AND RIGHTS
At Book Me we respect the rights of our customers and users, and we allow
you to exercise them under the applicable data protection laws and
regulations. Individuals who have Personal Information held by Book Me are
entitled to reach out to Book Me to exercise the following rights:
i. Right to request for and access any Personal Information collected and
stored by Book Me. This right allows you to request a copy of your
personal information held by Book Me. To exercise this right, you can
submit a request to the Data Protection Officer (DPO) or to our Data
Subject Rights Team at bookmebusinessservice@gmail.com;
ii. Right to be informed regarding the use of your Personal Information;
iii. Right to be informed about appropriate safeguards in place whenever
your personal information is transferred abroad;
iv. Right to object to automated decision making and processing. You have
the right to object to the processing of your personal information and to
exercise this right you can submit a request to the DPO or our Data
Subject Rights Team;
v. Right to request rectification and modification of Personal Information
whenever you want us to correct your inaccurate or incomplete
personal information which Book Me keeps;
vi. Right to request the deletion of their personal information;
vii. Right to request the movement of your personal information from Book
Me to a third party – this is the right to the portability of data;
viii. Right to revoke consent;
ix. Right to object to direct marketing, and to request that Book Me restricts
the processing of their information; and
x. Right to submit a complaint to the Nigeria Data Protection Commission
(NDPC).
Your request will be reviewed and answered by Book Me’s Data Protection
Officer within a 30-day period.
10. COMPLIANCE TO CHILDREN’S PRIVACY
Our Services are all directed to people at least 18 years old or older.
We do not knowingly collect any “personal data” (as defined by the Nigeria
Data Protection Regulation) from anyone under 18 without valid parental
consent. If we become aware that we have collected such personal data
without parental consent, we will take reasonable steps to delete it as soon as
possible.
11. CHANGES TO THIS PRIVACY POLICY
We may need to update, modify or amend our Privacy Policy as our
technology evolves and as required by law. If we materially change how we
use or share personal data previously collected from you through our
Services, we will provide notice or obtain consent regarding such changes as
may be required by law. The Privacy Policy will apply from the effective date
provided on our website.
12. POLICY VIOLATIONS
Any violation of this Privacy Policy should be brought to the attention of the
Data Protection Officer (details below) for appropriate sanctioning and
treatment.
13. CONTACT PAYSTACK’S DATA PROTECTION OFFICER (DPO)
If you have any questions relating to this Privacy Policy or would like to find
out more about exercising your data protection rights, please reach out to our
DPO via email at bookmebusinessservice@gmail.com.