Niyon Niyon Home
Privacy Policy

Privacy Policy

Last updated: February 18, 2026

This Privacy Policy explains how Niyon ("Niyon", "we", "us") collects, uses, and protects information when you use our scheduling product.

Data controller

The data controller responsible for your personal data is:

Who this applies to

  • Owners (businesses) who create an account and manage services/bookings.
  • Customers who book appointments through an owner's public booking link.

Data we collect

Owner account data

  • Name and email address
  • Optional business profile information (business name, location, phone, website, bio)
  • Timezone and locale preferences
  • Subscription and billing information (processed by Stripe)

    • Booking and customer data

  • Customer name, email, and phone number (entered on booking)
  • Service selected and appointment time
  • Booking status and history
  • IP address and device information (for security and analytics)

    • Google Calendar data (if connected)

  • Calendar availability (free/busy times) to block slots
  • Event details when we sync confirmed bookings to your calendar
  • We do not read or store other calendar events

    • How we use your data

  • To provide the booking and scheduling service
  • To send transactional emails (confirmations, reminders, cancellations)
  • To process payments (via Stripe)
  • To sync appointments with your Google Calendar (if enabled)
  • To improve and secure the service
  • To comply with legal obligations

    • Legal basis for processing

    We process your personal data under the following legal bases (GDPR Article 6):

  • Contract: Processing necessary to provide the service you signed up for.
  • Legitimate interest: Security monitoring, fraud prevention, service improvement.
  • Legal obligation: Compliance with tax, accounting, and other legal requirements.
  • Consent: For optional features like marketing communications (you can withdraw consent anytime).

    • Data sharing and third parties

    We share data only with services essential to running Niyon:

  • Stripe (payments) — processes subscription payments securely.
  • Resend (email) — sends transactional emails on our behalf.
  • Google Calendar API — syncs appointments if you connect your calendar.
  • Hosting providers — servers located in the EU (Netherlands/Germany).

    • We do not sell your data. We do not share data with advertisers.

    Data retention

  • Account data: Retained while your account is active. Deleted upon account deletion request.
  • Booking data: Retained for 3 years after the appointment date for business records, then deleted.
  • Payment records: Retained for 7 years as required by tax law.
  • Logs and analytics: Retained for up to 12 months.

    • Your rights

    Under GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data ("right to be forgotten")
  • Restrict processing
  • Data portability (receive your data in a structured format)
  • Object to processing based on legitimate interest
  • Withdraw consent at any time

    • To exercise your rights, contact us at [email protected]. We will respond within 30 days.

    Cookies

    We use essential cookies for authentication and session management. We do not use third-party tracking cookies. See our cookie consent banner for details.

    Security

    We implement appropriate technical and organizational measures to protect your data:

  • HTTPS encryption for all data in transit
  • Encrypted database storage
  • Regular security updates and monitoring
  • Access controls and authentication

    • International transfers

    Your data is stored and processed in the European Union. If we transfer data outside the EU/EEA, we ensure appropriate safeguards (e.g., Standard Contractual Clauses).

    Children's privacy

    Niyon is not intended for use by children under 16. We do not knowingly collect data from children.

    Changes to this policy

    We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the service. Continued use after changes constitutes acceptance.

    Contact us

    For privacy-related questions or to exercise your rights:

    We use cookies to improve your experience and analyze site traffic. By clicking "Accept", you consent to our use of cookies. Learn more