Privacy Policy
Last updated: May 2026
We take your privacy seriously. This policy explains how PagerSchedule collects, uses, and protects your personal data. We comply with the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR).
1. Introduction
PagerSchedule (“we”, “us”, “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect and use personal data when you use our scheduling platform at pagerschedule.com.
We will only use your personal data in accordance with this policy. Please read it carefully. If you have questions, contact us at legal@pagerschedule.com.
2. Data Controller
PagerSchedule is the data controller responsible for your personal data.
Contact: legal@pagerschedule.com
Website: pagerschedule.com
3. Data We Collect
Account Data
- Name and email address (required to create an account)
- Profile photo (optional)
- Password (stored in encrypted, hashed form — never readable by us)
- Timezone and language preferences
- Username and public profile information
- Connected calendar accounts (OAuth tokens stored encrypted)
Booking Data
- Meeting titles, descriptions, and notes
- Attendee names and email addresses
- Meeting times, durations, and locations
- Video call links (e.g. Zoom, Google Meet)
- Responses to booking form questions
- Cancellation and reschedule history
Usage Data
- Pages and features visited on PagerSchedule
- Device type, browser, and operating system
- IP address and approximate geographic location
- Referring website
- Session duration and interactions
- Error reports and performance data
Payment Data
- Billing name and address
- Payment method details (handled exclusively by Stripe — we never see or store card numbers or full payment credentials)
- Invoice and payment history
Communications Data
- Emails and messages you send to our support team
- Feedback and survey responses
4. How We Use Your Data
We use your personal data to:
- Create and manage your account
- Provide the scheduling and booking service
- Send booking confirmations, reminders, and cancellation notifications
- Process payments and issue invoices
- Send product updates and feature announcements (opt-out available at any time)
- Improve the platform through product analytics
- Detect and prevent fraud, abuse, and security incidents
- Respond to your support enquiries
- Comply with legal obligations
5. Legal Basis for Processing
Under UK GDPR and EU GDPR, we rely on the following legal bases:
- Contract: Processing necessary to provide the Service you have signed up for — account management, bookings, payments
- Legitimate interests: Security monitoring, fraud prevention, product improvement, and ensuring the reliability of the Service
- Consent: Marketing emails and optional analytics tracking. You may withdraw consent at any time
- Legal obligation: Tax records, compliance with applicable laws, responding to lawful requests from authorities
6. Data Sharing and Sub-processors
We share your data only with trusted service providers (“sub-processors”) who process data on our behalf. We have data processing agreements with all sub-processors.
| Provider | Purpose | Location |
|---|---|---|
| Vercel | Hosting and deployment | EU / US |
| Neon / Vercel Postgres | Database storage | European Union |
| Resend | Transactional email delivery | EU / US |
| Sentry | Error monitoring | EU / US |
| PostHog | Product analytics | EU |
| Twilio | SMS notifications | US |
| Stripe | Payment processing | EU / US |
| OpenAI | AI-powered scheduling features | US |
| UptimeRobot | Uptime monitoring | EU / US |
We never sell your data. We never share your personal data with advertisers or any party for their own marketing purposes.
7. Data Retention
- Account data: Retained while your account is active. Deleted within 30 days of account deletion
- Booking data: Retained for 2 years from the date of the booking
- Usage and analytics data: Retained for 12 months
- Payment records: Retained for 7 years as required by tax law
- Backup data: Overwritten within 30 days after account deletion
We may retain data for longer periods where required by law or for legitimate business purposes such as fraud prevention.
8. Your Rights Under GDPR
You have the following rights regarding your personal data:
- Access: Request a copy of the data we hold about you. You can export most data directly from your account Settings
- Rectification: Correct inaccurate or incomplete data
- Erasure: Request deletion of your data. You can delete your account from Settings, or email us
- Restriction: Request that we restrict processing of your data in certain circumstances
- Objection: Object to processing based on legitimate interests
- Portability: Receive your data in a structured, machine-readable format
- Withdraw consent: Where processing is based on consent, withdraw it at any time without affecting prior processing
To exercise any of these rights, contact us at legal@pagerschedule.com. We will respond within 30 days.
9. Cookies
We use cookies to operate the Service and understand how it is used. See our full Cookie Policy for details on which cookies we use and how to control them.
10. International Data Transfers
Your data is primarily stored within the European Union. Some of our sub-processors (such as Twilio and OpenAI) process data in the United States. Where data is transferred outside the EU or UK, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.
11. Security
We implement robust technical and organisational measures to protect your data:
- All data encrypted in transit using TLS 1.2 or higher
- All data encrypted at rest using AES-256
- Passwords stored using bcrypt hashing — never stored in plain text
- Regular security audits and vulnerability assessments
- Role-based access controls and audit logs
- Two-factor authentication available for all accounts
- Account lockout after repeated failed login attempts
See our full Security Policy for more details.
12. Children's Privacy
PagerSchedule is not directed at or intended for use by children under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will delete it promptly. If you believe we have inadvertently collected a child's data, please contact us at legal@pagerschedule.com.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Where changes are material, we will notify you by email at least 30 days before they take effect. The current version of this policy is always available at pagerschedule.com/privacy.
14. Contact and Complaints
For any privacy-related questions or concerns:
- Email: legal@pagerschedule.com
- Website: pagerschedule.com
If you are not satisfied with our response, you have the right to lodge a complaint with your national data protection authority. In the UK, this is the Information Commissioner's Office (ICO) at ico.org.uk. In the EU, you may contact the supervisory authority in your country of residence.