At Pleney we take your privacy seriously. Here's how we handle your data.
Last updated: 28 April 2026
We only collect data necessary to provide our service: your name, email address, business details and booking information. We don't store payment details — those are securely processed by Stripe.
We use your data exclusively to process bookings, send confirmations and personalize your dashboard. We never sell your data to third parties and don't use it for advertising.
You have the right to access, correct and delete your data. Contact us at info@sharpcreations.nl and we'll help you within 24 hours. Pleney is fully GDPR compliant.
Pleney's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We use Google user data only for the functionality described below, and never share or sell it to third parties.
When you connect your Google Calendar we request the following scopes: • calendar.events — to create, update and delete calendar events on your primary calendar when bookings are made, rescheduled or cancelled through Pleney. The event includes the Customer's name, the service booked, start and end time, and an auto-generated Google Meet link. • calendar.freebusy — to read your busy time windows (no event titles, descriptions, attendees or content — only 'busy' or 'free') so we can hide already-occupied slots on your public booking page and prevent double-bookings. • userinfo.email — to identify which Google account you connected, shown back to you in your integration settings.
• We never read or store the contents of your existing calendar events. • Free/busy data is read in real time and not persisted in our database. • OAuth refresh tokens are encrypted at rest in our Firestore database. • We never use Google user data for advertising, never sell it to third parties, and never use it to train AI/ML models. • Human access to Google user data is limited to: (a) with the user's explicit consent, (b) to comply with applicable law, (c) for security investigations, or (d) when data is aggregated and used for internal operations in line with the Limited Use requirements.
You can disconnect your Google Calendar at any time: 1. In Pleney: Dashboard → Settings → Integrations → 'Disconnect' next to Google Calendar. 2. Directly via Google: https://myaccount.google.com/permissions When you disconnect, we revoke the refresh token and remove the encrypted token from our database within 24 hours. Any calendar events previously created by Pleney remain on your calendar (you can delete them manually).
OAuth tokens are deleted immediately upon disconnection or account deletion. Booking records that reference your calendar are retained per the general retention policy (or until you request deletion).
To deliver our service we rely on the following processors. All are GDPR compliant and we have Data Processing Agreements in place with them.
| Partner | Purpose | Location |
|---|---|---|
| Google Cloud / Firebase | Hosting, authentication, database (Firestore), storage, Cloud Functions | EU (Frankfurt, europe-west1) |
| Stripe | Subscription payment processing | EU / US (under SCC) |
| Mollie | Booking payment processing (iDEAL, credit card) | Netherlands (EU) |
| Resend | Transactional email delivery (confirmations, reminders) | EU |
| Sentry | Error monitoring (technical stack traces only, no personal data) | EU (Frankfurt) |
| Google Analytics 4 | Anonymised usage statistics (only with cookie consent) | EU / US (under SCC) |
| Google Calendar, Microsoft 365, Zoom | Optional calendar integrations (only on explicit user connect) | EU / US (under SCC) |
Manage which cookies we may use.