Privacy Policy

This Privacy Policy explains how QueBooking ("we", "our", or "us") collects, uses, and protects your personal and business data when you use our business platform to manage appointment tokens and bookings. We are committed to complying with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable UK privacy laws.

1. Who We Are

QueBooking is a UK-based company providing an online appointment token management system for businesses. We act as the Data Controller for the information you provide through our Business Website and applications.

2. What Personal and Business Data We Collect

• Business contact details (name, email, phone number)
• Employee user information for platform access
• Booking and appointment records
• Device, IP address, browser type
• Cookies and usage data (see our Cookie Policy)

3. Legal Basis for Processing

We process your data under the following legal bases:

• Contract – to provide you with our appointment token and booking management services.
• Legal obligation – to comply with UK laws and regulations.
• Legitimate interests – to improve and secure our platform.

4. How We Use Your Data

• To enable your business to manage appointment tokens and bookings
• To communicate important updates and notifications
• To provide customer support and respond to enquiries
• To monitor and improve our platform's performance and security
• To comply with legal and regulatory requirements

5. Data Sharing and Third Parties

We may share your data with:

• Service providers supporting our platform (hosting, analytics, notifications)
• Regulatory or legal authorities as required by law
• Third parties when legally obligated or with your consent

All third parties are required to process your data in compliance with UK GDPR.

6. Data Retention

We retain your data only as long as necessary to provide our services or as legally required. After this period, data is securely deleted or anonymised.

7. Your Rights

Under UK GDPR, you have rights including to:

• Access the personal and business data we hold about you
• Request correction of inaccurate data
• Request deletion of data where applicable
• Object to or restrict certain processing activities
• Withdraw consent where it applies
• Data portability in certain circumstances

To exercise your rights, please contact us at: policies@quebooking.com

8. International Transfers

If your data is transferred outside the UK, we ensure appropriate safeguards such as UK ICO-approved standard contractual clauses (SCCs) are in place.

9. Cookies

We use essential and analytical cookies..

10. Camera Access

Our mobile application may request access to your device’s camera solely to scan QR codes related to appointments and bookings. This functionality is essential for checking in users, verifying tokens, or accessing booking-related information efficiently.

Camera access is limited to real-time scanning and does not involve storing or transmitting any images or video data. We do not access your photo library or record video. No camera data is stored on our servers or shared with third parties.

By using the QR scanning feature, you consent to this limited use of the device’s camera. You may revoke camera permissions at any time through your device settings, though this may disable QR-related functionality.

11. Location Access

Our application may request access to your device’s location (via GPS or network-based services) solely for the purpose of capturing the shop’s coordinates during the shop registration process. This helps verify the shop’s physical address and improve the accuracy of our listings.

Location access is requested only when required and is never collected or tracked continuously. We do not use your location for analytics, advertising, or background tracking.

The captured location is stored securely with the shop profile and is not shared with third parties. You may choose to deny location access; however, manual input of shop coordinates or address may then be required.

12. Account Deletion Policy

You may request deletion of your business account at any time from the Profile section within the app. When you initiate this request, the following terms apply:

a. Deletion Request Flow

• Upon submitting a deletion request, your account enters a pending deletion state.
• You will be logged out of all sessions for security purposes.
• A 7-day grace period begins from the time of your request.

b. Grace Period and Reversal

• If you do not log in during this period, your business account and associated data will be permanently deleted.
• If you log in within 7 days, the deletion request is automatically cancelled.

c. Final Deletion

After 7 days, deletion is irreversible. All business-related data — including user profiles, appointment history, and credentials — will be securely removed from our systems.

d. How to Cancel a Deletion Request

Simply log back into your account within 7 days. Your request will be automatically voided without any additional action.

e. Legal and Backup Retention

In some cases, anonymized or legally required data may be retained for compliance, in accordance with the UK GDPR and other relevant regulations.

13. Changes to This Policy

We may update this Privacy Policy periodically. The latest version will always be available here with the effective date updated accordingly.

14. Contact Us

If you have any questions or concerns about this policy or your data, please contact:

You may also contact the Information Commissioner's Office (ICO) at ico.org.uk if you are not satisfied with our response.