Privacy Policy

We collect the information needed to provide the Lynna service. This includes account details (name, email address, authentication credentials, and the timestamp of your agreement to these terms), organisation and workspace configuration, service and pricing definitions, booking policy data, appointment records, customer contact details entered by workspace owners, calendar metadata, and technical information such as activity logs and session data.

If your workspace uses connected messaging channels, we also process the content of conversations initiated through those channels (customer messages, booking requests, and automated responses) for the purpose of delivering the booking assistant.

We use information to operate the platform, authenticate users, manage bookings, deliver appointment reminders, sync with connected calendar providers, process payments, prevent abuse, provide support, and maintain the security and reliability of the service.

We may use aggregated or de-identified data to understand how the platform is used and to improve product workflows, provided that information does not reasonably identify a specific person or business.

We share information with the following third-party service providers under Data Processing Agreements. Each provider receives only the data necessary to perform their function.

We apply fixed retention periods to all categories of personal data:

Depending on where you are located, you may have the right to access, correct, delete, restrict, object to, or receive a portable copy of the personal data we hold about you.

You can download a copy of your personal data (account details, organisation memberships, bookings, and active sessions) in machine-readable JSON format from your account settings page. To request account deletion, go to Account settings and follow the account closure steps. For all other data requests or questions, contact us using the details in the Contact section below.

We apply technical and organisational safeguards to protect personal data against unauthorised access, disclosure, alteration, and destruction. However, no system can guarantee absolute security. You are responsible for maintaining the security of your login credentials and for managing who has access to your workspace.

In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours where required by law, and will notify affected individuals if the breach poses a high risk to their rights and freedoms.

Lynna and its subprocessors operate infrastructure in multiple countries. Where personal data is transferred outside the country in which it was collected, we take steps to ensure appropriate safeguards are in place in accordance with applicable data protection law.

We may update this policy as the product evolves, as integrations change, or as legal requirements change. When material changes are made we will update the date at the top of this page. Continued use of the service after an update takes effect constitutes acceptance of the revised policy.

For data protection queries, to exercise your rights under applicable privacy law, or to report a concern, contact us through the support channel available in your workspace settings.

If you are located in the EU or EEA and believe we have not handled your data correctly, you have the right to lodge a complaint with your local supervisory authority.