FIXMEAPP
← Back to fixmeapp.ai

Privacy Policy

Privacy-first by design.

Last updated
June 2026
Company
Fixmeapp AB (org. no 559441-9607), Stockholm, Sweden
Contact
privacy@fixmeapp.ai

1. Introduction

Fixmeapp (“we”, “our”, “us”) is a social booking platform helping users discover, book, and connect with service providers including salons, stylists, and wellness professionals.

We respect your privacy and process information in accordance with the EU General Data Protection Regulation (GDPR), the Swedish Data Protection Act, applicable CCPA provisions, and other relevant international frameworks.

This policy explains how we collect, use, store, and share information — including data received via the Meta Graph API, Google APIs, and other third-party integrations.

2. Data we collect

We may collect the following categories of data:

  • Account information: name, username, email address, and profile photo.
  • Booking information: appointments, services, providers, preferences, and payment status.
  • Device & usage data: IP address, device type, operating system, crash logs, and in-app events.
  • Social data (optional): information from Instagram, Facebook, or Google, with your explicit consent.
  • Location data: when you enable location access.
  • Cookies & tracking: for core functionality, analytics, and security.
  • Calendar data (optional): event names, availability, and time slots for scheduling — with your consent.
  • User-generated content: photos, videos, and captions you choose to upload.

We request device access only when required to provide core functionality, and we never collect content without your action or consent.

3. How we use your data

We process personal data to:

  • provide, maintain, and personalize your experience
  • facilitate bookings, payments, and secure messaging
  • recommend services based on activity and preferences
  • conduct analytics to improve performance and reliability
  • prevent fraud, abuse, and security incidents
  • comply with legal obligations
  • sync bookings with personal calendars when you connect them
  • display uploaded media according to your visibility settings

We do not sell personal data to third parties. Voluntary sharing with partners — when offered — only occurs with informed consent, transparent terms, and an optional bonus model where users benefit directly.

4. Integration with Meta services (Instagram Graph API)

Fixmeapp connects with the Meta Graph API to import media, profile information, and insights from Instagram or Facebook. Data retrieved from the Instagram Graph API is refreshed or deleted within 24 hours, unless you have explicitly granted consent for longer storage.

We use this integration to:

  • display verified business portfolios or content
  • sync and verify social profiles
  • recommend relevant professionals or services

Our commitments:

  • Access only occurs after explicit OAuth consent.
  • We comply with Meta Platform Terms, Meta Developer Policies, and the Facebook Data Protection Addendum.
  • Data is stored on encrypted servers with industry-standard protections.
  • We never sell, transfer, or use Meta data for advertising outside our platform.
  • You can disconnect or request deletion via in-app settings or by emailing privacy@fixmeapp.ai.

4.1 Integration with Apple and Google services

When you connect Apple or Google accounts, we may receive limited data such as your name, email, and — with your explicit consent — calendar events or availability to enable scheduling and booking features.

Access is granted through secure OAuth and is revocable at any time. We never access your photos, contacts, or other personal data unless you explicitly request and approve it. Our authentication flows comply with Apple and Google Identity Services policies.

5. Data sharing

We share limited personal data with trusted service providers (“processors”) only when necessary to operate and improve Fixmeapp. All partners are bound by Data Processing Agreements and must comply with GDPR-level standards.

Cloud hosting & infrastructure

We use infrastructure providers with encryption in transit and at rest, and limited authorized access.

Analytics & error monitoring

We may use privacy-compliant analytics and error-tracking services under GDPR-compliant DPAs, used solely for product improvement — never for marketing.

AI personalization systems

Internal systems or GDPR-bound partners may process anonymized or pseudonymized data. We never perform profiling or automated decision-making without your explicit consent.

Third-party integrations (OAuth)

Where you connect external services, we access only the limited data required for the integration to function. You can revoke access at any time.

We never sell, rent, or share user data for advertising or marketing purposes outside our platform.

6. Your data rights

Under the GDPR, you have the right to:

  • access and receive a copy of your data
  • request correction or erasure (“right to be forgotten”)
  • restrict or object to processing
  • withdraw consent at any time
  • port your data to another service

To exercise any of these rights, email privacy@fixmeapp.ai with “Data Request” in the subject line. We respond within 30 days as required by law.

7. Data retention and deletion

We retain personal data only as long as necessary to provide the service and comply with legal obligations. When you delete your account, your data is permanently removed within 30 days, unless certain records must be kept for legal reasons.

To request deletion, email privacy@fixmeapp.ai with the subject “Data Deletion Request” from the email address connected to your account. We verify identity before permanent deletion, as required by GDPR and Meta Platform Policy.

8. Security

We use industry-standard safeguards including HTTPS/TLS for all connections, encryption at rest for stored data, role-based access controls, and encrypted OAuth tokens. We perform regular security reviews, backups, and vulnerability testing.

No system is 100% secure, but we work to continuously improve our posture. Production access is limited to authorized personnel under confidentiality and multi-factor authentication.

9. Ethical data economy — our vision

We believe users should be able to monitor and benefit from their own data. Our long-term goal is to enable a decentralized, ethical data economy where users choose how their data is used and earn value from voluntary sharing. This will only be implemented with clear consent and compliant frameworks. Until then, no part of your data is shared beyond what is described in this policy.

Read more about our research in this area on our Ethical Data Economy page.

10. International data transfers

Where personal data is processed outside the EU/EEA, we apply appropriate safeguards including:

  • EU Standard Contractual Clauses (SCCs), or
  • transfers to entities under an adequacy decision (e.g. the EU–U.S. Data Privacy Framework).

11. Changes to this policy

We may update this policy to reflect changes in technology or legal requirements. Updates will appear here with a revised “Last updated” date. For material changes, we will notify you via email or in-app alert and ask you to review and accept the updated policy before continued use.

12. Contact

For any privacy questions or concerns, contact us at privacy@fixmeapp.ai.

Fixmeapp AB · Stockholm, Sweden · © 2026 FIXMEAPP AB. All rights reserved. FIXMEAPP™ is a registered trademark.