This Privacy Policy explains how Careminds Inc. ("Careminds", "we", "us", or "our") collects, uses, stores, and protects information in connection with BookedBack, our dormant-lead reactivation product available at bookedback.ai (the "Service"). This single policy covers both the bookedback.ai website and the connected Google account data that BookedBack reads when you authorize it through Google OAuth.
It is written in plain English on purpose. If anything below is unclear, email support@bookedback.ai.
1. General information we collect
Website
- Cookies and analytics: bookedback.ai uses strictly necessary cookies and lightweight, privacy-respecting analytics (page views, form submissions) to understand traffic. We do not run third-party advertising pixels or cross-site tracking on the marketing site.
- Server logs: IP address, browser, referrer URL, and pages visited. Used for security and abuse prevention.
- Contact form: if you fill out a contact or demo form, we store the name, email, business name, and message you submit.
Account and authentication data
- Email address and profile name returned by Google when you sign in with Google.
- Account configuration (campaign settings, labels, templates) that you create inside BookedBack.
- OAuth refresh and access tokens issued by Google, encrypted at rest (see Section 4).
2. Google API Services User Data
This section explains exactly what Google account data BookedBack accesses, what it does with it, how long it keeps it, and how you can delete it. BookedBack's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Scopes we request and why
- https://www.googleapis.com/auth/gmail.readonly — We scan your Gmail inbox and historical mail to identify "dormant leads": past prospects who contacted you about your services but never converted (no reply for 30+ days). We read message headers, snippets, and full message bodies for threads our filter identifies as likely lead conversations, so we can surface them to you in the BookedBack dashboard.
- https://www.googleapis.com/auth/gmail.modify — When you take a one-click reactivation action inside BookedBack, we apply Gmail labels (e.g., "bookedback-reactivated", "bookedback-replied") to the relevant thread so you can track outreach status inside your own Gmail. We use "modify" only to add or remove BookedBack-managed labels. We do not delete messages and do not modify message contents.
- https://www.googleapis.com/auth/userinfo.email and https://www.googleapis.com/auth/userinfo.profile — Standard sign-in. We read your Google account email address and basic profile (name, profile picture) to create and identify your BookedBack account.
What we read
- Message metadata (subject, sender, recipient, date, thread ID, labels) for messages in the date range you authorize for scanning.
- Message bodies for threads our filter identifies as likely lead conversations.
- Your Gmail label list, so BookedBack can create and manage its own labels without colliding with yours.
What we modify
- BookedBack-managed labels on threads you act on inside the dashboard (e.g., adding "bookedback-reactivated" when you send a one-click reactivation email through BookedBack).
- Nothing else. We do not move, archive, delete, mark as read, forward, or alter the contents of any Gmail message.
How we use Google user data — Limited Use compliance
BookedBack's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We do not use Google user data to train, develop, or improve generalized AI or machine learning models. We do not send Google user data to any third-party AI provider for training.
- We do not sell, rent, or trade Google user data to any party for any purpose.
- We do not transfer Google user data to others except (a) as necessary to provide or improve user-facing features that are prominent within the BookedBack UI, (b) for security purposes such as investigating abuse, (c) to comply with applicable law, or (d) as part of a merger, acquisition, or sale of assets with notice to users.
- We do not use Google user data to serve advertisements, including retargeting, personalized, or interest-based advertising.
- Humans do not read Google user data except (a) with your explicit consent for a specific message, (b) for security purposes such as investigating abuse, (c) to comply with applicable law, or (d) where the data is aggregated and used for internal operations in accordance with applicable privacy and other laws.
Where Google user data is processed
Google user data is fetched and processed by BookedBack's backend on Hetzner servers in Germany. It is held only long enough to render the dormant-lead dashboard, apply labels you request, and store the summary records described below. The data is encrypted in transit (TLS 1.2+) and OAuth tokens are encrypted at rest (AES-256) in a Postgres database accessible only to the BookedBack application user.
Retention of Google user data
- OAuth tokens: stored encrypted while your account is active. Deleted within 7 days of account deletion or disconnection.
- Dormant-lead index (subject lines, sender addresses, dates, our scoring metadata): stored while your account is active so the dashboard works without rescanning. Deleted within 30 days of account deletion.
- Full message bodies: not stored on our servers as a persistent record. They are read on demand when you open a thread in the dashboard, held in memory during the request, and discarded.
- Labels written by BookedBack: remain in your Gmail until you remove them. Deleting your BookedBack account does not remove labels we already wrote, since they are now data inside your own Gmail. You can delete them from Gmail at any time.
How to revoke access and delete your Google data from BookedBack
- In-app: Settings → "Disconnect Google and delete my data". This revokes our OAuth token with Google and triggers deletion of all stored Google user data within 7 days.
- In Google: visit myaccount.google.com/permissions and revoke BookedBack. Our backend detects the revoked token on the next API call and deletes associated data within 7 days.
- By email: send a deletion request to support@bookedback.ai from the Google account email used to sign in. We will confirm deletion within 7 days.
3. How we use information
- Deliver and operate the Service: scan your inbox, surface dormant leads, send reactivation outreach you trigger, write labels back to Gmail.
- Authenticate you and secure your account.
- Communicate with you about your account, billing, support, and material product updates.
- Detect and prevent abuse, debug errors, and comply with legal obligations.
- Generate aggregated, anonymized metrics about how the Service performs. These metrics never identify any user, any lead, or any message content.
4. How we store and protect data
- Encryption in transit: TLS 1.2 or higher for all connections to BookedBack and to Google APIs.
- Encryption at rest: OAuth tokens and sensitive account fields are encrypted with AES-256 in our Postgres database. Disk volumes are encrypted at the provider level.
- Access controls: production database access is limited to the application service account and to the founder (Pavel Tantsiura) for incident response. All access is logged.
- Hosting: backend on a dedicated Hetzner server (Germany); marketing site on Vercel; database on the same Hetzner host inside a private network. No third-party data warehouse or analytics tool receives raw Gmail data.
- Retention: see Section 2 for Google data. Other account data is retained while your account is active and deleted within 30 days of account deletion, except where we need to retain billing records for tax and accounting (up to 7 years).
5. How users can delete their data
You have two routes:
- In-app: Settings → "Delete my account" removes your account, revokes Google OAuth, and triggers deletion of all associated data within 7 days for OAuth tokens and 30 days for everything else.
- By email: send a deletion request to support@bookedback.ai from the email on your BookedBack account. We will confirm receipt within 2 business days and complete deletion within 30 days.
Deletion is permanent and unrecoverable.
6. Sub-processors
We use a small set of vendors to operate the Service. Each is bound by its own privacy and security commitments, and is used only to the extent necessary to deliver the Service:
- Google LLC — Google Workspace APIs (Gmail) and Google Identity (sign-in). Source of the Google user data described in Section 2.
- Hetzner Online GmbH — application servers and database hosting (Germany).
- Vercel Inc. — static hosting for the bookedback.ai marketing site.
- Anthropic PBC — language model API used to generate suggested reactivation email drafts. Anthropic acts as our sub-processor under our written instructions; it does not independently use, sell, or share the data we send. We send only the minimum fields needed to draft a reactivation message: sender display name, subject line, short message snippet (typically the first 200 characters), and the dormant-lead metadata we computed (e.g., last-contact date, lead score). We do not send full Gmail message bodies, attachments, message lists, or any other raw Google user data to Anthropic. Under Anthropic's API terms, API data is not used to train Anthropic's models; by default, Anthropic retains API data for at most 30 days for abuse monitoring, after which it is deleted.
- Stripe Inc. — payment processing for paid plans.
We do not currently use any third-party analytics provider that receives Gmail content. An up-to-date list of sub-processors is available on request.
7. What we do not do
- We do not sell or rent your personal information or your Google user data.
- We do not use Google user data to train machine learning models.
- We do not show ads anywhere in the Service.
- We do not share your Google user data with other BookedBack customers.
8. Your rights
Depending on where you live, you may have rights to access, correct, delete, port, or restrict processing of your personal information, and to object to certain uses. To exercise these rights, email support@bookedback.ai. We will respond within the timeframes required by applicable law.
California, Colorado, Connecticut, Virginia, Utah, and other U.S. state residents: you may request access, correction, and deletion, and you may opt out of any sale or sharing of personal information. We do not sell personal information. We do not engage in cross-context behavioral advertising.
EEA, UK, and Swiss residents: you have the right to lodge a complaint with your local supervisory authority.
9. Children
The Service is intended for businesses and is not directed at children. We do not knowingly collect personal information from children under 16. If you believe a child has provided information to us, contact us and we will delete it.
10. Changes to this Policy
We may update this Policy from time to time. We will post the new version here with a revised "Last updated" date. Material changes will be communicated to active users by email at least 14 days before they take effect, unless a shorter period is required by law.
11. Limited Use disclosure
BookedBack's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
12. Contact for privacy requests
- Email: support@bookedback.ai
- Entity: Careminds Inc., operator of BookedBack
- Owner: Pavel Tantsiura, Founder
Effective date: May 20, 2026