Logo Rezzervo

Rezzervo Privacy Policy

This policy explains how Rezzervo collects, uses, shares, and protects personal data when you interact with our scheduling platform. It reflects the requirements of Kosovo's Law on Personal Data Protection and, where applicable, the GDPR.

Data Controller & Purpose

Rezzervo (“we”, “us”, or “our”) operates from Kosovo and provides scheduling and booking solutions to businesses worldwide. We process personal data in line with the Law No. 06/L-082 on Personal Data Protection of the Republic of Kosovo and with the EU General Data Protection Regulation (GDPR) where it applies.

When we refer to “you” in this Privacy Policy, it covers platform administrators, staff members, and end customers who interact with booking pages hosted by Rezzervo. If you use Rezzervo on behalf of a business, that business is usually the data controller for the information it collects via the platform, while Rezzervo acts as its data processor.

Personal Data We Collect

We only collect personal data that is necessary to deliver and improve the Service. The categories include:

  • Account and identification data (name, job title, phone number, business registration and fiscal numbers, billing contacts).
  • Authentication data (password hashes, session tokens, multi-factor tokens).
  • Booking data (customer contact details, service preferences, appointment notes, payment status, marketing consents).
  • Device, browser, and activity logs generated when you access the dashboard or hosted pages.
  • Support correspondence, survey responses, and product feedback.

Lawful Bases for Processing

We rely on several legal grounds recognised under Kosovo law and the GDPR:

  • Performance of a contract — providing the Service, processing bookings, or fulfilling subscription purchases.
  • Compliance with legal obligations — maintaining accounting records, responding to authorised public authorities, or enforcing consumer protection rules.
  • Legitimate interests — improving security, preventing fraud, ensuring platform reliability, or informing existing customers about relevant updates.
  • Consent — sending optional marketing communications or enabling features that require access to third-party calendars or contact lists.

How We Use the Data

Personal data is processed to authenticate users, configure organisations, send notifications, route bookings, facilitate payments, and provide customer support. Aggregated or anonymised information may be used for analytics that help us understand feature adoption or system performance. We never sell personal data.

Sharing & Processors

Rezzervo only shares personal data with carefully selected subprocessors that support infrastructure hosting, payment processing, communications, analytics, or compliance workflows. Each partner is bound by written data processing agreements that mirror the protections set in this policy.

We may disclose information if required by Kosovo courts or supervisory authorities, or when necessary to prevent fraud or defend legal claims.

International Transfers

Data may be stored on servers located in the European Union or other jurisdictions offering adequate protection. When transfers occur outside Kosovo or the European Economic Area, we use GDPR-approved safeguards such as Standard Contractual Clauses, and we assess the legal environment of the destination country.

Retention

Personal data is retained only for as long as the business relationship requires, plus any additional period necessary to meet statutory obligations such as tax or financial reporting (typically up to seven years under Kosovo legislation). Customer content may be deleted sooner at your request, unless the law requires us to keep a record.

Security Measures

We apply technical and organisational safeguards such as encryption in transit, role-based access control, multi-factor authentication for administrators, regular penetration testing, and staff security training. Incident response procedures follow the notification timelines set by the Kosovo Information and Privacy Agency and, where applicable, the GDPR.

Your Rights

Under Kosovo data protection rules (and GDPR where applicable) you have the following rights:

  • Access — request confirmation about whether we process your personal data and obtain a copy.
  • Rectification — ask us to correct inaccurate or incomplete information.
  • Erasure — request deletion where the data is no longer needed or you withdraw consent.
  • Restriction — limit processing while we verify contested information or handle an objection.
  • Portability — receive data you provided in a structured, commonly used format and transmit it to another controller.
  • Objection — challenge processing based on our legitimate interests or direct marketing.
  • Withdrawal of consent — opt out of marketing or specific integrations without affecting processing done before withdrawal.

Cookies & Tracking

Essential cookies keep your session alive and secure. Optional analytics or marketing cookies are only placed with consent, and you may update preferences through your browser or banner controls. For more detail on cookie categories, contact us via the email below.

Children

Rezzervo is intended for professional users and is not directed at children under 16. If we learn that a child has provided personal data without parental consent, we will delete that information promptly.

Updates & Contact

We review this Privacy Policy whenever Kosovo legislation changes or when we launch new processing activities. Substantive updates will be announced through the dashboard or by email. Continued use of the Service after updates take effect constitutes acceptance.

To exercise your rights or raise a concern, email privacy@rezzervo.com or contact@rezzervo.com. You may also lodge a complaint with the Kosovo Information and Privacy Agency if you believe we have not handled your data lawfully.

Rezzervo

Book quickly. Manage simply