SmartAgenda
Privacy Policy
Last updated: January 2026
Protecting your personal data is a priority for WEST SOFTWARE SYSTEMS SRL ("SmartAgenda", "we", "us").
This Privacy Policy explains how personal data is processed in connection with the use of:
- the website https://www.smartagenda.app ("Website")
- the SmartAgenda mobile applications (iOS and Android) ("Application")
This Policy is drafted in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Romanian and EU data protection legislation.
1. Who we are
WEST SOFTWARE SYSTEMS SRL
Registered office: Drobeta-Turnu Severin, Mehedinți County, Romania
Trade Register no.: J25/544/2016
VAT ID: RO36780241
Email: [email protected]
SmartAgenda is a B2B SaaS platform, intended exclusively for businesses and professionals.
2. Who this Privacy Policy applies to
This Privacy Policy applies to the following categories of data subjects:
- Business users (SmartAgenda customers)
- Clients of businesses who make online bookings
- Website visitors
3. Our GDPR roles
3.1 Business users
For personal data related to business accounts, SmartAgenda acts as a Data Controller.
3.2 Booking clients
For personal data of clients who make bookings through the Platform:
- the business acts as the Data Controller;
- SmartAgenda acts as a Data Processor, processing data solely on the documented instructions of the business.
SmartAgenda does not determine the purposes or legal bases of this processing and does not act as a joint controller in relation to booking client data.
3.3 Website visitors
For personal data of Website visitors, SmartAgenda acts as a Data Controller.
4. Categories of personal data processed
4.1 Business users
- first and last name
- email address
- phone number
- billing details
- authentication data
- Platform usage data (logs, settings, activity)
4.2 Booking clients
- first and last name
- email address
- phone number
- messages or notes provided
- booking details (services, date, time, reference)
- limited technical data (IP address, used only for default settings)
4.3 Website visitors
- data voluntarily provided (contact forms)
- technical data (IP address, browser type, visited pages)
5. Purposes and legal bases of processing
5.1 Business users
| Purpose | Legal basis |
|---|---|
| Account creation and management | Performance of a contract |
| Billing and legal obligations | Legal obligation |
| Operational communications | Performance of a contract |
| B2B marketing emails | Consent or legitimate interest |
| Analytics and improvements | Legitimate interest |
5.2 Booking clients
SmartAgenda processes booking client data on behalf of the business, exclusively for:
- processing booking requests;
- sending booking confirmations and reminders;
- notifying clients about booking status changes.
The legal basis for this processing is determined by the business with which the booking is made.
5.3 Website visitors
| Purpose | Legal basis |
|---|---|
| Traffic and performance analytics | Consent |
| Platform security | Legitimate interest |
6. Data retention
- Business user data is stored for the duration of the contractual relationship and thereafter in accordance with legal obligations.
- Booking client data is deleted immediately upon termination of the business account.
- Data may be retained longer only where required by law.
Businesses may independently retain their own records in accordance with their legal obligations.
7. Data recipients
Personal data may be disclosed to:
- IT and infrastructure service providers;
- SMS service providers (Twilio, SMSO);
- public authorities, where required by law.
For online bookings, personal data is shared with the selected business, which becomes an independent Data Controller.
8. International data transfers
- Data is stored in the European Union (AWS – EU region).
- Certain services involve data transfers to the United States (Twilio).
Such transfers are safeguarded through Standard Contractual Clauses and other appropriate safeguards required by GDPR.
9. Data subject rights
Under GDPR, you have the following rights:
- right to information and access;
- right to rectification;
- right to erasure;
- right to restriction of processing;
- right to data portability;
- right to object;
- right to lodge a complaint with the supervisory authority.
For booking clients, rights should primarily be exercised through the business with which the booking was made.
10. Cookies and similar technologies
The Website uses:
- Google Analytics for traffic analysis;
- Meta Pixel on marketing pages only;
- Umami Analytics (cookie-free) on booking and business pages.
Non-essential cookies are used only based on user consent, in accordance with applicable data protection and electronic communications laws.
Cookie preferences can be managed through the cookie banner or browser settings.
11. Data security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or destruction.
12. Contact and complaints
For questions or to exercise your GDPR rights, please contact us at:
[email protected]
You also have the right to lodge a complaint with the competent data protection authority, in particular in the EU Member State of your habitual residence or place of work.