Resend (email) — sends transactional emails on our behalf.
Google Calendar API — syncs appointments if you connect your calendar.
Hosting providers — servers located in the EU (Netherlands/Germany).
We do not sell your data. We do not share data with advertisers.
Data retention
Account data: Retained while your account is active. Deleted upon account deletion request.
Booking data: Retained for 3 years after the appointment date for business records, then deleted.
Payment records: Retained for 7 years as required by tax law.
Logs and analytics: Retained for up to 12 months.
Your rights
Under GDPR, you have the right to:
Access your personal data
Rectify inaccurate data
Erase your data ("right to be forgotten")
Restrict processing
Data portability (receive your data in a structured format)
Object to processing based on legitimate interest
Withdraw consent at any time
To exercise your rights, contact us at [email protected]. We will respond within 30 days.
Cookies
We use essential cookies for authentication and session management. We do not use third-party tracking cookies. See our cookie consent banner for details.
Security
We implement appropriate technical and organizational measures to protect your data:
HTTPS encryption for all data in transit
Encrypted database storage
Regular security updates and monitoring
Access controls and authentication
International transfers
Your data is stored and processed in the European Union. If we transfer data outside the EU/EEA, we ensure appropriate safeguards (e.g., Standard Contractual Clauses).
Children's privacy
Niyon is not intended for use by children under 16. We do not knowingly collect data from children.
Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the service. Continued use after changes constitutes acceptance.
Contact us
For privacy-related questions or to exercise your rights: