Privacy Policy

Last updated: 17 May 2026

Appti (“we”, “us”, “our”) is committed to protecting your privacy. This policy explains what information we collect, how we use it, and your rights in relation to it. By using Appti, you agree to the practices described in this policy.

1. Who we are

Appti is an online appointment booking platform for service businesses, operated in Australia. We are subject to the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs). Questions about this policy can be directed to contact@appti.net.

2. Information we collect

We collect two categories of information:

Business account holders (our customers):

  • Name and email address (registration)
  • Business name, website, and contact details
  • Payment information (processed by Stripe — we do not store card numbers)
  • Usage data (messages sent, appointments managed)

End clients (people who make bookings):

  • Name, email address, and phone number (provided at booking)
  • Appointment details (service, date, time, notes)
  • Calendar data (stored only to generate calendar invites)

3. How we use your information

  • To provide the booking and reminder service
  • To send appointment confirmation and reminder messages (SMS and email)
  • To process payments for credits and subscriptions
  • To provide customer support
  • To improve our service and fix technical issues
  • To comply with legal obligations

We do not sell your data or use it for advertising purposes.

4. Data storage and security

Data is stored in encrypted databases hosted in the Asia-Pacific region (Sydney, Australia) via Neon (PostgreSQL). We use industry-standard encryption for data in transit (TLS) and at rest. Access to production systems is restricted to authorised personnel only.

5. Third-party services

We use the following trusted third parties to deliver our service:

  • Stripe — payment processing (subject to Stripe's privacy policy)
  • Resend — transactional email delivery
  • Mobile Message — SMS delivery (Australian carrier)
  • Vercel — application hosting
  • Upstash — job queue infrastructure (Sydney region)

These providers process data only as necessary to deliver their services and are bound by appropriate data processing agreements.

6. End client data and business responsibility

Business account holders are responsible for obtaining appropriate consent from their clients before collecting and using their personal information through Appti.Appti acts as a data processor on behalf of business account holders for end client data. Business account holders must comply with the Australian Privacy Act and any other applicable privacy laws in their dealings with their clients.

7. Data retention

We retain account data for as long as your account is active, plus a reasonable period for legal and business purposes after closure. Appointment data is retained for 3 years from the date of the appointment. You may request deletion of your data at any time — see section 9.

8. Cookies

We use session cookies to maintain your login state. We do not use advertising or tracking cookies. No third-party analytics cookies are placed on our site.

9. Your rights

Under Australian privacy law, you have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate information
  • Request deletion of your data (subject to legal retention requirements)
  • Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

To exercise these rights, contact us at contact@appti.net. We will respond within 30 days.

10. Changes to this policy

We may update this policy from time to time. We will notify account holders of material changes by email. Continued use of Appti after changes constitutes acceptance of the updated policy.

11. Contact

Privacy enquiries: contact@appti.net