Last updated: 27 May 2026
For questions about how we use any of these processors, or to receive a copy of the relevant transfer safeguards, email support@mybookr.app.
| Processor | What they do for Bookr | Data processed | Location | Transfer mechanism |
|---|---|---|---|---|
| Supabase Privacy policy ↗ | Database hosting, authentication, and API infrastructure | All personal data stored on the platform — accounts, bookings, reviews, messages | EU — Ireland (eu-west-1) | No transfer — data stays in UK/EU |
| Stripe Privacy policy ↗ | Payment processing and Stripe Connect payouts to businesses | Payment card data (handled directly by Stripe — Bookr never sees full card numbers); business identity documents (KYC, via Stripe Connect); booking amounts and refund records | USA / UK / EU | UK IDTA + EU SCCs |
| Resend Privacy policy ↗ | Transactional email delivery — booking confirmations, reminders, OTP codes, cancellation notices, refund notices, review requests | Name and email address; booking reference; email content | USA (infrastructure: EU Ireland via Amazon SES) | UK IDTA + EU SCCs |
| Vercel Privacy policy ↗ | Web hosting and edge delivery for mybookr.app | IP address and request logs (30-day retention); no booking or personal account data | USA / Global edge | UK IDTA + EU SCCs |
| Loops.so Privacy policy ↗ | Onboarding and product update email sequences for business owners | Business owner name and email address; plan tier (to personalise messaging) | USA | UK IDTA + EU SCCs; DPA in place |
| Apple Privacy policy ↗ | iOS push notification delivery; Apple Sign-In; App Store crash reports | Push notification token; name and email (Apple Sign-In only, for account creation); device model, OS version, stack trace (crash reports) | USA / Global | Standard Contractual Clauses |
| Google (Firebase / Play) Privacy policy ↗ | Android push notification delivery (FCM); Google Sign-In; Google Play crash reports | Push notification token; name and email (Google Sign-In only, for account creation); device model, OS version, stack trace (crash reports) | USA / Global | Standard Contractual Clauses |
| Expo (EAS) Privacy policy ↗ | App build and over-the-air update infrastructure for the iOS and Android apps | App bundle only — no personal data passed to Expo; builds are code only | USA | Standard Contractual Clauses |
We review this list whenever we add, remove, or change a sub-processor. For material additions, we will update this page at least 30 days in advance and post a notice to business owners via the app or by email. Removals and minor updates (such as processor address changes) are reflected on this page without advance notice.
If you have objections to a new sub-processor, please contact us at support@mybookr.app within the 30-day notice period.