Privacy Policy

Last Updated: 12/29/2024

Introduction

Welcome to mySched.co (“mySched” or “the Platform”), a division of Axtra Solutions LLC (“Company,” “we,” “us,” or “our”). This Privacy Policy explains how we collect, use, disclose, and protect your Personal Data (defined below) when you use our website, applications, and related services (collectively, the “Services”). By accessing or using the Services, you agree to the practices and procedures described in this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

We offer our Services to users globally, including those in the European Union (“EU”), the European Economic Area (“EEA”), the United States (including California residents), and other international jurisdictions. We are committed to safeguarding your privacy in compliance with applicable regulations, including the General Data Protection Regulation (GDPR) for EU/EEA residents and the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA) for California residents.

1. Company Information

• Company Name: Axtra Solutions LLC
• Address: 188 Overmount Ave, Woodland Park, NJ 07424, USA
• New Jersey 10-Digit ID: 0451138167
• Establishment Date: 06/07/2024
• Authorized Signatory: Mustafa Yıldız (Sole MBR)
• EIN: 30-1414125
• Phone: +1 (862) 226-8851

Contact Emails

• General: info@mysched.co
• Privacy: privacy@mysched.co
• Support: contact@mysched.co

2. Scope of This Privacy Policy

This Privacy Policy applies to all Personal Data collected and processed by mySched in connection with your use of our Services. “Personal Data” means any information relating to an identified or identifiable natural person, such as name, email, phone number, and any other information that relates to you or your customers (“End Customers” or “Clients”).

Please note that mySched is primarily a scheduling and appointment management Software-as-a-Service (“SaaS”) platform used by “Tenants” (i.e., businesses and professionals) who, in turn, collect data from their own Clients. mySched does not sell or otherwise share Personal Data with third parties for marketing purposes, and Tenants are solely responsible for the data they choose to collect from Clients via custom forms or other means.

3. Data We Collect

We collect the following types of data either directly from you or automatically as you use our Services:

1. User Information

   • Name: Full name, as provided at registration.
   • Email Address: For account creation, login, and communication.
   • Phone Number: To facilitate appointments and provide support.
   • IP Address: For security, fraud prevention, and analytics.
   • Browser and Device Information: Technical information related to browser type, device ID, and operating system.
   • Cookies: Small data files to manage sessions, remember preferences, and support analytics.

2. Customer (End Customer) Information

   • Client Data: Data input by Tenants into custom forms for scheduling or service provision (e.g., name, email, phone number, or other details).
   • Appointment Data: Dates, times, and services related to appointments.

3. Analytics Data

   • Google Analytics and Other Tools: Aggregated metrics such as page views, session duration, and navigation paths. These tools use cookies and similar technologies. Data is anonymized for analysis.

4. How We Collect Your Data

• Registration and Account Creation: You provide Personal Data (e.g., name, email) when creating a mySched account.
• Custom Forms: Tenants design and collect data via custom forms; mySched only stores this data on behalf of the Tenant.
• Cookies and Tracking: We use cookies, web beacons, and similar technologies to enhance user experience and analyze usage trends.
• Third-Party Integrations: Tenants and users can connect services such as Google Calendar, Facebook Login, Zoom, Stripe, PayPal, Twilio, Amazon SNS, Telegram Bot, Mailchimp, etc. Personal Data exchanged through these integrations is handled according to this Privacy Policy and the applicable third-party policy.

5. International Data Transfers

Our primary servers are located in Germany (via Contabo). Accordingly, your Personal Data may be transferred from your jurisdiction to Germany or other locations where we or our service providers maintain facilities.

• GDPR Compliance: For EU/EEA users, we employ recognized transfer mechanisms (e.g., Standard Contractual Clauses) to ensure any cross-border transfer of Personal Data is lawful and secure.
• Your Consent: By using our Services, you acknowledge and agree that your Personal Data may be transferred internationally, subject to appropriate safeguards.

6. Legal Basis for Processing (GDPR)

If you reside in the EU/EEA, we process your Personal Data under the following legal bases:

1. Contract: Processing is necessary to fulfill our contractual obligations to provide the Services.
2. Consent: We may rely on your consent for certain marketing or optional data uses.
3. Legitimate Interests: For security, fraud prevention, Service improvement, and certain analytical purposes.
4. Legal Obligations: To comply with legal or regulatory requirements, such as tax or accounting laws.

7. Use of Data

We use Personal Data for the following purposes:

1. Service Provision

   • Create and manage user accounts.
   • Facilitate appointment bookings, rescheduling, cancellations, and calendar sync.
   • Provide relevant notifications and communications (e.g., reminders, confirmations).

2. Service Improvement and Analytics

   • Analyze usage patterns to optimize the user experience.
   • Track performance and troubleshoot technical issues.

3. Payment Processing

   • Integrations with Stripe, PayPal, and other gateways to securely handle transactions.
   • Payment details are processed exclusively by these gateways and are not stored by us.

4. Communications

   • Send transactional emails, SMS, or WhatsApp notifications for appointment updates.
   • Provide updates about new features, policy changes, or other critical information.
   • Offer optional marketing communications if you opt in (with the ability to unsubscribe).

5. Legal Compliance and Security

   • Comply with applicable laws and regulations.
   • Prevent fraudulent activities and secure our platform.

8. HIPAA and Health-Related Data

• No Assumption of HIPAA Coverage: mySched does not specialize in health-related services and does not enter into Business Associate Agreements (BAAs) by default. If a health care provider or related organization chooses to use mySched for appointment scheduling, that entity is responsible for ensuring its own compliance with HIPAA or similar regulations.
• Tenant Responsibility: Tenants are solely responsible for determining what information they collect from Clients and whether such data is regulated by HIPAA or other health privacy laws. mySched has no control over and accepts no liability for Tenant data collection practices.

9. Data Sharing and Disclosure

We do not sell your Personal Data. We only share data:

1. With Service Providers: Trusted third parties who assist us in operating our Services (e.g., hosting, analytics, payment processing). These parties are contractually obligated to use the data solely for the services they provide to us and in compliance with applicable law.
2. For Legal Reasons: We may disclose Personal Data if required to do so by law or in response to valid requests by public authorities, such as a court or government agency.
3. Business Transactions: If we are involved in a merger, acquisition, or sale of assets, your Personal Data may be transferred as part of that transaction, subject to confidentiality and notice requirements.

10. Data Retention

We retain Personal Data only as long as necessary for:

1. Service Provision: Maintaining your account, scheduling appointments, and providing customer support.
2. Legal Obligations: Compliance with tax, accounting, or other legal requirements.
3. Dispute Resolution: Enforcing agreements or defending our legal rights.

• User-Initiated Deletion: You may request deletion of your Personal Data at any time by contacting us at privacy@mysched.co or via your account settings. We will remove or anonymize your data unless we have a legal obligation to retain it.
• Inactive Accounts: We reserve the right to delete or anonymize data from inactive accounts after a certain period, as specified in our internal retention schedules.

11. Data Security

We follow industry-standard security measures to protect your data:

• SSL Encryption: All data transmitted between your browser and our servers is encrypted using Secure Socket Layer (SSL).
• Server Environment: Our servers (hosted by Contabo in Germany) leverage CloudLinux, Litespeed, Imunify360, KernelCare, and other security enhancements.
• Access Controls: Access to systems storing Personal Data is granted only to authorized personnel.
• Monitoring and Audits: We regularly monitor and conduct security audits to stay ahead of emerging threats.

Despite our best efforts, no method of data transmission or storage is 100% secure. If you suspect a security breach, please contact us immediately at privacy@mysched.co.

12. User Rights

Depending on your jurisdiction, you may have certain rights regarding your Personal Data:

1. GDPR (EU/EEA Residents)

   • Right to Access: You can request access to a copy of your Personal Data.
   • Right to Rectification: You can correct inaccuracies in your Personal Data.
   • Right to Erasure: You can request deletion of your data, subject to certain exceptions.
   • Right to Restrict Processing: You can ask us to pause or limit how we use your data.
   • Right to Data Portability: You can request your Personal Data in a structured, commonly used, machine-readable format.
   • Right to Object: You can object to certain processing activities, including direct marketing.
   • Right to Withdraw Consent: Where processing is based on consent, you may revoke it at any time.

2. CCPA/CPRA (California Residents)

   • Right to Know: You can request the categories and specific pieces of Personal Data we have collected, used, or disclosed.
   • Right to Delete: You can ask us to delete your Personal Data, subject to legal exceptions.
   • Right to Opt-Out of Sale/Sharing: We do not sell Personal Data, but you can still request clarification of these practices.
   • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

3. Other U.S. State Laws

   • We strive to comply with relevant state privacy laws. If you have questions regarding your rights under Colorado, Virginia, or other state privacy laws, please contact us.

How to Exercise Your Rights

• Email: privacy@mysched.co
• Account Settings: Many rights can be exercised directly in your profile or account settings.

We will respond to verified requests within the timeframe required by applicable law.

13. Children’s Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect Personal Data from children under 18. If you believe we have inadvertently collected data about a child, please contact us at privacy@mysched.co so we can promptly remove it.

14. Dispute Resolution and References to Terms of Service

Any disputes arising from or related to this Privacy Policy are governed by our Terms of Service. Please review our Terms of Service for additional information regarding dispute resolution and arbitration (if applicable).

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons.

• Notification: Material changes will be notified via email or through a prominent notice on our website.
• Effective Date: The updated Privacy Policy will be effective upon posting unless otherwise noted.

Your continued use of our Services after the effective date of the updated policy constitutes your acceptance of those changes.

16. Disclaimer

This Privacy Policy is provided for informational purposes only and does not constitute legal advice. While we strive to maintain compliance with applicable laws and regulations, we recommend that you consult legal counsel for specific guidance related to your personal or business circumstances. We reserve the right to update or revise this policy to ensure continued compliance with evolving legal requirements.

17. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact us using the details below:

• General Inquiries: info@mysched.co
• Privacy Inquiries: privacy@mysched.co
• Support: contact@mysched.co
• Phone: +1 (862) 226-8851
• Mailing Address:
  Axtra Solutions LLC
  188 Overmount Ave
  Woodland Park, NJ 07424 USA

We are committed to addressing your inquiries promptly and transparently. Thank you for trusting mySched.co with your Personal Data.

By using our Services, you acknowledge that you have read and understood this Privacy Policy and agree to be bound by its terms