Last updated: July 4, 2026
Your privacy matters to us. This Privacy Policy describes how we collect, use, and protect your personal data when you use Kairoo.
The data controller for your personal data is Kairoo, contactable via the contact form available on the platform (on the homepage or in the application sidebar). Data processing is carried out in accordance with Regulation (EU) 2016/679 (GDPR) and applicable national legislation. Full identification of the data controller is available upon request through the contact form.
We collect information you provide directly, namely when you create an account, configure an establishment, create or receive an appointment, or communicate with us. Data categories include: name, email address, phone number (optional), appointment history, and configuration preferences.
When you use Google Sign-In, we receive your name, email address, and profile picture from Google, in accordance with the permissions you grant.
We use essential cookies to operate the Service and, with your consent, analytics cookies (Google Analytics 4) to improve the platform. You can manage your cookie preferences at any time through the settings panel in the Service or by consulting our Cookie Policy.
We process your personal data on the following legal bases under Article 6 of the GDPR:
We use the information collected to:
Your data (name, email, and appointment details) is shared with the establishment where you book an appointment, to enable the delivery of the service. The establishment owner is responsible for the appropriate handling of such data. We do not sell or share personal data with third parties for commercial or advertising purposes.
Kairoo uses the following sub-processors to deliver the Service:
We retain personal data only for as long as necessary for the purposes for which it was collected:
We adopt appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or destruction. No electronic transmission or storage system is completely secure. In the event of a data breach affecting your rights, we will notify the relevant authorities and, where applicable, affected users, within the timeframes required by the GDPR.
Under the GDPR, you have the following rights regarding your personal data:
To exercise any of these rights, please use the contact form available on the platform. We will respond within 30 days. You also have the right to lodge a complaint with the Portuguese Data Protection Authority (CNPD) at www.cnpd.pt.
For questions about this Privacy Policy, please use the contact form available on our homepage or in the application sidebar.