Privacy policy
Last updated: May 18, 2026
Introduction
Appointa is a service provided by the owner of appointa.hr acting as data controller. This policy describes what data we collect, why, and your rights under GDPR.
What we collect
β’ Account: name, email, hashed password. β’ Salon data (for salon owners): name, contact, hours, services, staff, clients, appointments. β’ Technical: IP address, user-agent, server error logs.
Third parties (data processors)
| Name | Purpose | Data location |
|---|---|---|
| Better Auth | Authentication and sessions | EU (self-hosted, Hetzner DE) |
| Resend | Transactional email (confirmations, reminders) | EU + US |
| Hetzner Online GmbH | Database and application hosting | EU (Falkenstein, DE) |
| Cloudflare | DNS, CDN, DDoS protection | Global (DPA + SCC) |
Your rights
You have the right to access, rectify, erase, port, and object to processing. Account deletion is available in settings β we anonymize PII and retain appointments only as required for accounting/tax purposes.
Contact
Privacy questions: info@appointa.hr. Supervisory authority for Croatia: AZOP (azop.hr).