At SuperSaaS we recognize that privacy is important. We are based in the European Union and as such we are in full compliance with the General Data Protection Regulation (GDPR) that protects your privacy. When you ask your users to make appointments with you via SuperSaaS, you may need to take action to ensure compliance with the GDPR rules, as explained in our page with information on the GDPR.
Last Updated: May 2022
Information we collect and how we use it
We offer a variety of services, some of which require your users’ registration or personal information. This document will refer to your users as “end users”. In order to provide our full range of services, we may collect the following types of information:
- Information you provide – When you sign up for a SuperSaaS account we ask you for personal information (such as your name, email address and an account password). We may combine the information you submit under your account with information from other SuperSaaS services or third parties in order to provide you with a better experience and to improve the quality of our services. For certain services, we may give you the opportunity to opt out of combining such information. For our premium accounts, we use a payment provider who will store your payment account information on their secure servers. This information is not shared or combined with others.
- Log information – When you use SuperSaaS services, our servers automatically record information that your browser sends whenever you use a web application. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser.
- User communications – When you send email or other communication to SuperSaaS, we may retain those communications in order to process your inquiries, respond to your requests and improve our services.
SuperSaaS processes personal information for the purposes described above, and in addition to the above we use the information to:
- provide our products and services to users, including the display of customized content and advertising
- audit, research and analyze in order to maintain, protect and improve our services
- ensure the technical functioning of our network
- develop new services
SuperSaaS processes personal information and appointment and booking data on our servers in the Netherlands and in other countries. In some cases, we process personal information on a server outside your own country but we do not process information on servers outside the European Union. We may process your personal information to provide our own services. In some cases, we may process personal information on behalf of and according to the instructions of a third party, such as our advertising partners. We will not use personal information of your end users that may be stored in our system to provide our own services.
Right to be forgotten
If you want to completely remove your account and all associated data from our servers, you can erase all your data with a single click. This also erases any data of users who may have created an appointment via your account. If you are on a paid plan this link will also cancel your subscription. However, please know that you are welcome to keep your account around as a free account, in case you possibly want to use it again in the future.
Options regarding your personal information
When you sign up for a particular service that requires registration, we ask you to provide personal information. If we intend to use this information in a manner other than the purpose for which it was collected, we will ask for your consent prior to such use.
If we propose to use personal information for any purposes other than those described in this Policy and/or in the specific service notices, we will offer you an effective way to opt out of the use of personal information for those other purposes. We will not collect or use sensitive information for purposes other than those described in this Policy and/or in the specific service notices, unless we have obtained your prior consent.
You can decline to submit personal information to any of our services, in which case SuperSaaS may not be able to provide those services to you.
Third-Party advertisements on the free version
Integration into another site
European Union user consent policy and the GDPR
When using SuperSaaS embedded into another site, certain disclosures must be given to and consents obtained from end users in the European Union where the law requires such disclosures and consents. For end users in the European Union you must use commercially reasonable efforts to ensure that an end user is provided with clear and comprehensive information about this site’s policies. If you have end users in the European Union you will need to ensure that your use of the system complies with the General Data Protection Regulation (GDPR), as explained on our page about the GDPR.
SuperSaaS only shares personal information with other companies or individuals outside SuperSaaS in the following limited circumstances:
- We have your consent. We require opt-in consent for the sharing of any sensitive personal information.
- We may provide such information to affiliated companies or other trusted businesses or persons for the purpose of processing personal information on our behalf. We require that these parties agree to process such information based on our instructions and in compliance with this Policy and any other appropriate confidentiality and security measures.
- We have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against imminent harm to the rights, property or safety of SuperSaaS, its users or the public as required or permitted by law.
We may share with third parties certain pieces of aggregated, non-personal information. Such information does not identify you individually.
We take appropriate security measures to protect against unauthorized access or unauthorized alteration, disclosure or destruction of data. We restrict access to personal information to SuperSaaS employees, contractors and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination, if they fail to meet these obligations.
SuperSaaS processes personal information only for the purposes for which it was collected and in accordance with this Policy or any applicable service-specific privacy notice. We review our data collection, storage and processing practices ensuring that we only collect, store and process the personal information needed to provide or improve our services. We take reasonable steps to ensure that the personal information we process is accurate, complete, and current, but we depend on our users to update or correct their personal information whenever necessary.
Accessing and updating personal information
When you use SuperSaaS services, we make good faith efforts to provide you with access to your personal information and either to correct this data if it is inaccurate or to delete such data at your request if it is not otherwise required to be retained by law or for legitimate business purposes. We ask individual users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests, and we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup tapes), or for which access is not otherwise required. In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.
Changes to this Policy
2018-04-24: Updated to include information about the GDPR
2022-05-24: Updated to explicitly highlight the right to be forgotten
2022-05-31: Updated to explicitly add contact information