Privacy Policy

How we handle your personal data and the personal data of your clients. In line with Law ZRU-547 "On Personal Data".

Last updated: 2026-05-23 · Version 1.0-draft

Draft — pending legal review

This document is the current working draft (version 1.0-draft, effective 2026-05-23). It was prepared under the laws of the Republic of Uzbekistan but has not yet been formally approved by a licensed attorney. Changes are possible in the final version, and we will ask you to re-accept it.

1. Who we are

REALCODE MCHJ, STIR 311709011 (the "Company", "we"). Contact: hello@book4me.uz. Data-protection contact: hello@book4me.uz.

2. Scope

This policy applies to book4me.uz visitors, account users, and (as processor) to the tenants' clients.

3. What we collect

Account data: name, email, phone number.

Tenant business data: salon name, staff, services, schedule, bookings.

Tenant clients' personal data (only as processor, on the tenant's behalf): name, phone, visit history.

Technical data: IP, device, CF-IPCountry header, session cookies, analytics.

Contact-form submissions.

4. Purpose and legal basis

To provide the Service, billing, support, security, legal compliance, and to act on the tenant's documented instructions (as processor).

5. Controller vs processor

For tenant clients' data: the tenant is controller, we are processor.

For account/website data: we are controller.

6. Cookies and analytics

We use privacy-friendly analytics (Plausible). Essential cookies only: NEXT_LOCALE (language choice), session cookies, security. No marketing or tracking cookies.

7. Sharing and sub-processors

The Company processes data using the following approved sub-processors: Hetzner (hosting, EU), Cloudflare (CDN and security), Postmark (email), Eskiz.uz (SMS), Telegram (messaging). A data-processing agreement is in place with each.

8. Cross-border transfer

Data may be stored in the European Union (Hetzner). Safeguards required by ZRU-547 (adequacy / SCCs) apply. We do not collect biometric or genetic data.

9. Retention

Active accounts — for as long as the Service is provided. Closed accounts: 30-day soft delete, then hard delete. Contact-form leads — until answered or converted to a customer.

10. Your rights

You have the right to access, correct, delete, object to, and port your data. Contact us at hello@book4me.uz. You may also file a complaint with the authorised state body.

11. Security

TLS encryption (via Cloudflare), regular backups, access control, audit log. We will notify you of a known data breach within 72 hours.

12. Children

The Service is not directed to persons under 18.

13. Changes

The policy is versioned. We will notify you of material changes by email or in-app.

14. Contact

Privacy requests: hello@book4me.uz or Telegram: @book4me_uz.

Privacy Policy — book4me