Skip to content
1. Your Rights Under GDPR 2. How to Exercise Your Rights 3. Data Export 4. Account Deletion 5. Complaints

Your GDPR Rights

Last updated:

The General Data Protection Regulation (GDPR) gives individuals in the European Economic Area (EEA) specific rights over their personal data. This page explains your rights and how to exercise them with Schedio.

Applies to EEA Residents

While we extend many of these rights to all users, GDPR specifically applies to individuals in the European Economic Area, United Kingdom, and Switzerland.

1. Your Rights Under GDPR

1.1 Right to Access (Article 15)

You have the right to:

  • Confirm whether we process your personal data
  • Receive a copy of your personal data
  • Know the purposes of processing
  • Know the categories of data we hold
  • Know who we share your data with
  • Know how long we retain your data

1.2 Right to Rectification (Article 16)

You have the right to have inaccurate personal data corrected and incomplete data completed. You can update most information directly in your account settings.

1.3 Right to Erasure / "Right to be Forgotten" (Article 17)

You have the right to request deletion of your personal data when:

  • The data is no longer necessary for the purpose it was collected
  • You withdraw consent and there's no other legal basis for processing
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • The data must be erased to comply with a legal obligation

Note: This right is not absolute. We may retain certain data if we have a legal obligation or legitimate reason to do so.

1.4 Right to Restrict Processing (Article 18)

You can request that we limit how we use your data when:

  • You contest the accuracy of your data (while we verify it)
  • Processing is unlawful but you don't want deletion
  • We no longer need the data but you need it for legal claims
  • You've objected to processing (while we verify our grounds)

1.5 Right to Data Portability (Article 20)

You have the right to:

  • Receive your data in a structured, commonly used, machine-readable format
  • Transmit that data to another controller
  • Have us transmit your data directly to another controller (where technically feasible)

1.6 Right to Object (Article 21)

You have the right to object to:

  • Direct marketing: We will stop processing your data for marketing purposes immediately upon request
  • Processing based on legitimate interests: We will stop unless we demonstrate compelling legitimate grounds

1.7 Rights Related to Automated Decision-Making (Article 22)

You have the right not to be subject to decisions based solely on automated processing that significantly affect you. Schedio does not currently make automated decisions that produce legal effects or similarly significant effects on individuals.

2. How to Exercise Your Rights

2.1 Self-Service Options

Many actions can be performed directly in your account:

Update Your Information

Edit your profile, business details, and preferences.

Settings → Profile

Download Your Data

Export all your data in a portable format.

Settings → Privacy → Export Data

Manage Communications

Control marketing and notification preferences.

Settings → Notifications

Delete Your Account

Permanently delete your account and data.

Settings → Privacy → Delete Account

2.2 Email Request

For requests that can't be handled through self-service, or if you prefer, email us at:

privacy@schedio.com

Please include:

  • Your full name and email address associated with your account
  • A clear description of the right you wish to exercise
  • Any specific details that will help us process your request

2.3 Verification Requirements

To protect your privacy, we must verify your identity before processing requests. Verification may include:

  • Confirming ownership of the email address associated with the account
  • Answering security questions
  • In some cases, providing government-issued ID (for sensitive requests)

2.4 Response Timeline

We will respond to your request within 30 days. If your request is complex or we receive many requests, we may extend this period by up to two additional months. We will inform you of any extension within the initial 30-day period.

2.5 Cost

Exercising your rights is free. However, if requests are manifestly unfounded or excessive (particularly if repetitive), we may charge a reasonable fee or refuse to act on the request.

3. Data Export

3.1 Available Formats

You can export your data in the following formats:

  • JSON: Machine-readable format, ideal for importing into other systems
  • CSV: Spreadsheet-compatible format, easy to view in Excel or Google Sheets

3.2 What's Included

Your data export includes:

  • Account information: Name, email, business details, settings
  • Appointments: All appointment records you've created or received
  • Customers: Customer records (if you're a Tenant)
  • Services: Service configurations
  • Staff: Staff/provider information
  • Activity logs: Record of actions taken on your account

3.3 Processing Time

Data exports are typically ready within:

  • Small accounts: Within minutes
  • Large accounts: Up to 24 hours

You will receive an email notification when your export is ready for download.

4. Account Deletion

4.1 What Gets Deleted

When you delete your account, we permanently remove:

  • Your user profile and settings
  • All appointments you've created
  • Customer records associated with your account
  • Service and staff configurations
  • Uploaded files and images
  • API keys and integrations

4.2 What We Must Retain

Due to legal obligations, we may retain certain data:

  • Financial records: Transaction history for tax and accounting purposes (typically 7 years)
  • Legal compliance: Data required for legal proceedings or regulatory requirements
  • Fraud prevention: Limited data to prevent fraudulent account re-creation

Retained data is kept secure and is not used for any purpose other than legal compliance.

4.3 Timeline

Phase Timeline Description
Request submitted Day 0 You request account deletion
Grace period 30 days Account deactivated; can be restored if you change your mind
Data deletion Day 31-45 Data permanently deleted from active systems
Backup purge Up to 90 days Data removed from backup systems

4.4 Before You Delete

We recommend you:

  • Export your data first (Settings → Privacy → Export Data)
  • Cancel any active subscriptions
  • Revoke any third-party integrations
  • Notify your customers of the change (if applicable)

5. Complaints

5.1 Contact Us First

If you're unhappy with how we've handled your data or a request, please contact us first. We take all complaints seriously and will work to resolve your concerns:

  • Email: privacy@schedio.com
  • Data Protection Officer: dpo@schedio.com

5.2 Supervisory Authority

If you're not satisfied with our response, you have the right to lodge a complaint with your local data protection authority. For EU residents, you can find your local authority at:

European Data Protection Board - Members List

5.3 For UK Residents

UK residents can contact the Information Commissioner's Office (ICO):

Need Help?

If you have questions about your rights or need assistance, our privacy team is here to help:

  • General privacy questions: privacy@schedio.com
  • Data Protection Officer: dpo@schedio.com
  • Technical support: support@schedio.com

Questions about this policy?

If you have any questions about this document, please contact us.

legal@schedio.com