BKKD

Privacy Policy

Last updated: July 16, 2026

1.What We Collect

When you sign up and use BKKD we collect:

  • Account info: name, email, and authentication credentials. Authentication is handled by Clerk; we do not store your password.
  • Booking data you create: client records, holds, confirmed bookings, projects, communications log, lifecycle progress, documents.
  • Usage telemetry: routes visited, error events. Used to maintain the service and identify bugs. Aggregated where possible.
  • Notification data: if you enable push notifications, the subscription endpoint your browser provides so we can deliver reminders. We store only what is needed to send the notification.
  • Connection data: when you connect with a recruiter, the booking requests you exchange and the contact details you each choose to share.

2.How We Use Your Data

We use the data you give us to:

  • Operate the service you signed up for.
  • Respond to support requests.
  • Improve product features based on aggregate usage patterns.
  • Send transactional email (request confirmations, proposal emails, account deletion notices). We do not send marketing email without explicit opt-in.
  • Deliver push notifications you have enabled, such as upcoming meeting reminders.

We do not sell your data. Ever. We do not share it with advertisers or data brokers. We do not use your booking data to train AI models.

3.Third-Party Services

BKKD relies on a small set of subprocessors to operate the service. Each handles a specific function and processes data only as needed. Vendor names below link to the company; the “Learn more” column links to that vendor’s public privacy policy. Each opens in a new tab.

WhoWhat they doWhereLearn more
ClerkAuthentication, sign-in, and session management.United StatesPrivacy policy
SupabaseDatabase (your booking, client, document, event data) and document file storage.United StatesPrivacy policy
VercelApplication hosting, edge compute, scheduled jobs.United StatesPrivacy policy
ResendTransactional email delivery (request confirmations, account deletion notices).United StatesPrivacy policy
AnthropicAI-assisted email drafting. Only the booking context needed to draft an email is sent — dates, rates, payment structure, and first names of both parties. Full contact details, document contents, and internal IDs are never transmitted. If you fill in an “About your work” profile in Settings, that text is included with draft requests to guide tone.United StatesPrivacy policy

These providers process data on our behalf under their own privacy policies and applicable data processing agreements. We do not grant them rights to use your data for their own purposes.

Notifications you enable are delivered through your browser’s push service (for example Apple, Google, or Mozilla). That service receives only the encrypted notification payload and the delivery endpoint — never your booking or account data.

4.Links You Share

Some features expose data through a link you generate. Public availability pages and per-client availability pages show your open and blocked dates (and, depending on the visibility mode you choose, booking titles). Proposals you send show the details you include. The optional calendar-subscription feed shows your confirmed booking titles and dates to anyone holding the feed link. These links are the point of the feature, but anyone who has one can see what it exposes — treat them as private, and regenerate or disable a link when it is no longer needed.

5.Data Retention

We keep your data for as long as your account is active. When you delete your account, we begin a 30-day grace period during which the deletion can be cancelled. After 30 days all booking, client, document, event, personal time, and recruiter connection data is permanently removed from our active systems. Encrypted backups may persist for up to 60 additional days before they age out.

6.Your Rights

You can, at any time:

  • Export all your data as a portable archive via Settings → Backup.
  • Delete your account via Settings → Profile, which initiates the 30-day removal described above.
  • Correct your account information via Settings → Profile.
  • Contact us with questions about your data or to exercise rights under applicable privacy laws (GDPR, CCPA, etc.).

7.Cookies and Tracking

We use only the cookies required to keep you signed in and to operate the service. We do not run third-party advertising trackers or behavioural analytics.

8.Security

All data is encrypted in transit (TLS) and at rest. Row-level security policies are enforced at the database level on every user-scoped table. The privileged service-role key used for server-side operations is never shipped to the browser.

9.Children

BKKD is not directed at users under 16, and we do not knowingly collect data from children. If you believe we have collected information from a child, contact us and we will delete it.

10.Changes to This Policy

We may update this policy from time to time. Material changes will be announced by email or in-app notice prior to taking effect. The “Last updated” date at the top of this page reflects the latest revision.

11.Contact

Privacy questions or requests: hello@bkkd.app
BKKD·Terms of Service