Last updated: 02/25/2026
Slotivo, operated by Davor Čolić, is the data controller responsible for your personal data. Contact: slotivo.dev@gmail.com.
We collect the following data: Account data (business name, owner name, email address, subdomain), Business data (services, employees, working hours, pricing, uploaded images and content), Customer data (names, email addresses, phone numbers of end customers who book through your Slotivo website), Booking data (appointment details, dates, times, service selections, booking status), Payment data (processed by Stripe — we do not store credit card numbers), Technical data (IP addresses, browser type, device information, access logs), and Communication data (support messages, chatbot interactions).
We collect data directly from you when you register, configure your business, or contact support. Customer data is collected when end customers make bookings through your Slotivo-powered website. Technical data is collected automatically through server logs and cookies.
We process your data to provide and maintain the Slotivo platform, create and host your business website, process bookings and send confirmations and reminders, manage your subscription and billing, provide customer support, send service-related notifications, improve the platform and fix issues, and comply with legal obligations.
We process your data based on: Contract performance (providing the service you signed up for), Legitimate interest (improving the platform, preventing fraud, ensuring security), Consent (where required, such as for marketing communications or optional cookies), and Legal obligation (tax records, regulatory compliance).
Account and business data is retained for the duration of your subscription and for 30 days after account deletion. Booking data is retained for the duration of your subscription. Payment records are retained as required by tax law (typically 5-10 years). Server logs are retained for up to 90 days. You may request earlier deletion by contacting us.
We use the following third-party services to provide Slotivo: Vercel (hosting and infrastructure, data stored in EU region), Stripe (payment processing), Twilio (SMS notifications), Resend (email delivery), and Neon/PostgreSQL (database hosting). A complete list is available on our Subprocessors page.
Some of our subprocessors may process data outside the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or the subprocessor's participation in recognized data protection frameworks.
Slotivo uses essential cookies for authentication and session management. Optional analytical cookies may be used to understand how the platform is used. You can manage your cookie preferences through the Cookie Settings page. See our Cookie Policy for details.
We protect your data with TLS/SSL encryption in transit, access controls and authentication, regular security updates, isolated tenant data (each business's data is logically separated), and automated backups. See our Security Policy for more details.
Under GDPR, you have the right to: Access your personal data, Rectify inaccurate data, Erase your data (right to be forgotten), Restrict processing, Data portability (receive your data in a standard format), Object to processing based on legitimate interest, and Withdraw consent at any time. To exercise any of these rights, contact slotivo.dev@gmail.com. We will respond within 30 days.
You can request a full export of your data or complete deletion of your account by contacting slotivo.dev@gmail.com. Exports are provided in a standard format. Account deletion is completed within 30 days, except where retention is required by law.
If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. For users in Croatia, this is the Agencija za zaštitu osobnih podataka (AZOP), www.azop.hr.
For all privacy-related questions, contact: slotivo.dev@gmail.com.