Privacy Policy

1. Who We Are

Oviee operates a booking and payment-enablement platform for independent freelancers and service businesses. Depending on the context, Oviee may act as a data controller, joint controller, or processor. Providers using Oviee may also be independent controllers of customer data for services they deliver.

2. Categories of Personal Data We Collect

• Identity and contact data: name, email address, phone number, and account identifiers.
• Booking and service data: booking history, selected services, appointment date/time, notes, and policy acknowledgements.
• Payment and transaction data: tokenized payment references, transaction status, dispute/chargeback events, and related records.
• Provider profile data: business profile details, services, availability, settings, and booking policy configuration.
• Support and communication data: support messages, email/chat/call summaries, and issue resolution records.
• Technical and usage data: IP address, device/browser metadata, cookies, app events, logs, and diagnostics.
• Marketing preference data: consent and opt-out records for marketing communications.

3. How We Collect Data

• Directly from you when you create an account, make a booking, complete checkout, or contact support.
• From Providers when they configure profiles, services, policies, and booking workflows.
• From payment processors and service integrations as part of transaction processing and risk controls.
• Automatically via cookies, server logs, analytics events, and device/browser telemetry.

4. Why We Use Personal Data

Key takeaway: we use your data to operate bookings/payments, provide support, prevent abuse, and improve the Platform.

• To create and manage user accounts and authenticate access.
• To process bookings, confirmations, reminders, cancellations, and related communications.
• To process payments, detect fraud, manage disputes, and reconcile financial records.
• To support Providers with scheduling, business operations, and booking link features.
• To deliver customer support and troubleshoot technical issues.
• To improve product functionality, security, reliability, and performance.
• To send service updates and, where permitted, marketing communications.
• To enforce platform terms, investigate abuse, and comply with legal obligations.

5. Lawful Bases (UK GDPR)

• Contract: where processing is necessary to provide the Platform and perform booking/payment workflows.
• Legitimate interests: service improvement, fraud prevention, security, and operational analytics.
• Legal obligation: compliance with tax, accounting, anti-fraud, and lawful authority requests.
• Consent: where required for marketing and certain cookie/analytics categories.

We will only send marketing communications if you have opted in, where opt-in is required by law. You can opt out at any time.

6. Who We Share Data With

We share personal data only where necessary and proportionate, including with:

• Providers you book with, so they can deliver and manage your services.
• Payment processors (for example Stripe) and finance/compliance vendors.
• Cloud hosting, database, messaging, and infrastructure providers.
• Analytics and monitoring providers used to operate and improve the Platform.
• Professional advisers (legal, audit, accounting) where required.
• Regulators, law enforcement, or courts where required by law.
• Potential acquirers/investors in a merger, acquisition, or asset sale context.

7. International Data Transfers

We may process data in locations outside the UK where our providers operate. When we transfer personal data internationally, we apply appropriate safeguards (for example standard contractual clauses or equivalent legal mechanisms) as required by data protection law.

8. Payment Processing

Payments are processed by specialist third-party providers. Oviee does not store full payment card numbers.

• Payment providers process card/payment details under their own privacy notices.
• Oviee may store pseudonymized payment references, brand, and last 4 digits where provided.
• Payment data is used for booking confirmation, settlement, refunds, anti-fraud, and dispute handling.

Third-party provider policies may apply, including Stripe Privacy Policy.

9. Data Retention

We retain personal data only for as long as needed for operational, contractual, legal, and compliance purposes. Typical retention depends on data type, account status, disputes, and legal obligations. Some records may be retained longer where required for fraud prevention, legal claims, tax/accounting, or regulatory reasons.

10. Security and Integrity

We implement technical and organizational measures to protect personal data, including access controls, encryption in transit, logging, and monitoring. No internet-based system is completely secure.

You are responsible for safeguarding your credentials and notifying us promptly if you suspect unauthorized access.

Where required by law, we will notify affected users and relevant regulators in the event of a personal data breach.

11. Automated Decisions and Risk Controls

We may use automated signals (for example anomaly and fraud indicators) to protect users, bookings, and payments. These controls may influence risk scoring, verification checks, and whether certain actions are delayed, reviewed, or blocked.

12. Your Privacy Rights

Subject to applicable law, you may request:

• Access to a copy of personal data we hold about you.
• Correction of inaccurate or incomplete data.
• Deletion of data in circumstances allowed by law.
• Restriction of processing while issues are reviewed.
• Objection to certain processing (including direct marketing).
• Data portability where technically and legally applicable.
• Withdrawal of consent where processing relies on consent.

You may also lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe your data rights have been infringed.

13. Provider-Controlled Data

Providers using Oviee may independently control personal data they collect (for example consultation notes, service-specific preferences, and direct communications). For those activities, the Provider may be a separate controller and their own privacy terms may apply.

14. Cookies and Similar Technologies

We use cookies and similar technologies for essential functionality, security, analytics, and service improvement. Where required by law, non-essential cookies are used only after consent. You can manage cookie preferences via browser settings and cookie controls where provided.

Analytics providers may have separate privacy notices, including Google Privacy Policy.

15. External Links and Third-Party Sites

The Platform may contain links to external sites. Oviee is not responsible for the privacy practices of third parties. Please review their policies before submitting personal data.

16. Children

The Platform is not intended for children under 18. We do not knowingly collect personal data from children. If you believe a child has provided data to us, contact us so we can investigate and remove it where appropriate.

17. Changes to This Privacy Policy

We may update this policy from time to time. Material changes will be published here with an updated effective date. Continued use of the Platform after changes means you accept the updated policy.

18. Contact Us

Privacy requests: privacy@oviee.uk
Data queries and support: support@oviee.uk
Legal notices: legal@oviee.uk

Important Note

This Privacy Policy is a practical launch framework and does not replace jurisdiction-specific legal advice.