Privacy Policy
(for the Bookcessful.com booking system)

Effective date: 2026-02-20

When the Bookcessful.com booking system (the Service) is used, Bookcessful acts as a data processor for the personal data of your customers (bookers). The business or organisation using the Service acts as the data controller in every case.


1. Data processor details and role

Data processor:
The company operating the Service
Klick Team Kft.
1045 Budapest, Széchenyi tér 10.
01 09 423745
27059021241
hello@bookcessful.com


2. Purpose and legal framework of processing

Bookcessful processes personal data only on the documented instructions of the controller, including settings and actions made through the Service interface. Bookcessful does not determine the purposes or essential means of processing, does not make substantive decisions about your customers' data, and does not use such data for its own marketing purposes. Processing supports in particular:

  1. Creating and managing user accounts
  2. Operating the booking system
    – for administrators
    – for customers making a booking
  3. Providing sign-in and access control
  4. Maintaining contact (notifications, system messages)
  5. Providing security functions
    (password, session handling, audit mechanisms)
  6. Google Calendar integration and synchronization
    Google OAuth is used only to connect a user's Google Calendar to their account in our appointment booking admin interface. After explicit consent, the application receives OAuth tokens and uses the https://www.googleapis.com/auth/calendar.events scope to create, update, and delete booking-related calendar events, and to keep availability synchronized between our system and Google Calendar. OAuth is not used for “Sign in with Google”; it is used exclusively for calendar integration and scheduling sync.

3. Personal data processed

Processing is limited to the fields stored in the Service’s users table:

Field Content Purpose of processing
id Technical identifier User identification
name Full name (optional) User and admin identification; supporting billing and communication processes
email Email address Login, booking notifications
email_verified_at Verification timestamp Security and authentication
password Encrypted password Account login
phone Phone number (optional) Contact, booking notifications
is_admin_global Admin privilege flag Managing admin permissions
remember_token Token enabling automatic sign-in Convenience feature, login session
created_at / updated_at Creation and modification timestamps Technical logging, security audit

The Service does not process special categories of personal data.


4. Legal basis of processing

The legal basis for processing is determined and communicated to data subjects by the business or organisation acting as controller. Bookcessful, as processor, does not determine the legal basis under Article 6 GDPR; it provides the technical operation of the Service and carries out the controller's instructions.


5. Sub-processors

Third parties engaged by Bookcessful for the technical operation of the Service (e.g. hosting, email).
These sub-processors act only under documented agreements, in compliance with GDPR, and only to the extent necessary to perform controller instructions.


6. Storage period


7. Access to data

Access to personal data is restricted to:

Access is role- and account-based within the Service.


8. Security measures

Bookcessful, as processor, protects personal data through multiple layers:

According to information published by DiMa.hu, the servers are located in the modern and secure Dataplex data centre (DiMa.hu – Our servers). Dataplex is a reinforced, protected facility designed to safeguard security-sensitive equipment. Its multi-layer security system is supported by 24/7 security personnel, closed-circuit television inside and outside the building, vibration, door-opening and motion sensors, and alarm systems.

Based on DiMa.hu's published information, the service levels (SLA) for the infrastructure meet the strictest industry standards: power supply and climate control are provided with 99.999% annual availability. Continuous service is supported by uninterruptible power supply, and diesel generators can be started within 3 minutes when needed. The temperature is maintained at 22 °C (+/- 2 °C), and relative humidity at 50% (+/- 10%). Fire detection and nitrogen-based gas fire suppression are available throughout the building, avoiding damage to both the environment and the servers located there.


9. Data subject rights

The data subject has the right to:

Data subject requests should primarily be submitted to the business or organisation acting as controller. Bookcessful assists the controller, as processor, in fulfilling such requests.


10. Remedies

In case of complaints, the data subject may contact:

Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH)
Address: 1055 Budapest, Falk Miksa utca 9–11.
Web: www.naih.hu


11. Other provisions

Bookcessful reserves the right to modify this Privacy Policy.
Changes take effect upon publication within the Service.