Privacy policy.

Last updated: November 2025
Company: Fixmeapp AB (org. no 559441-9607)
Address: Stockholm, Sweden
Contact: privacy@fixmeapp.ai

1. Introduction

Fixmeapp (“we”, “our”, “us”) is a social booking platform that helps users discover, book, and connect with service providers such as salons, stylists, and wellness professionals.

We respect your privacy and process personal information in accordance with the EU General Data Protection Regulation (GDPR), the Swedish Data Protection Act, and —where applicable— the California Consumer Privacy Act (CCPA) and other international privacy frameworks.

This Privacy Policy explains how we collect, use, store, and share your information — including any data obtained through the Meta Graph API, Google APIs, or other third-party integrations.

2. Data We Collect

Depending on how you use Fixmeapp, we may collect and store the following categories of data:

  • Account information: name, username, email address, and profile photo.

  • Booking information: appointments, services, providers, preferences, and payment status.

  • Device & usage data: IP address, device type, operating system, crash logs, in-app events (for analytics and security).

  • Social data (optional): information you choose to share from connected accounts (Instagram, Facebook, Google) — only with your explicit consent.

  • Location data: when you enable location access to find nearby services.

  • Cookies & tracking: for essential site functionality, analytics, and security.

Calendar data (optional): if you connect your calendar or grant access (e.g. through Apple or Google), Fixmeapp may access event names, availability (busy/free), and time slots for the purpose of scheduling or syncing bookings.
This data is processed locally and only stored when necessary to complete a booking or display your availability.

User-generated content (photos, videos, captions): when you upload media from your device (e.g., portfolio, profile, reviews, or stories), Fixmeapp temporarily accesses your photo library or camera only with your explicit permission.
Media is stored securely and can be deleted by you at any time.

Fixmeapp requests access to device features (camera, photo library, calendar, location) only when required to provide core functionality, and never collects content without the user’s action or consent.

3. How We Use Your Data

We process personal data to:

  • Provide, maintain, and personalize your Fixmeapp experience.

  • Facilitate bookings, payments, and secure messaging between users and providers.

  • Recommend services or content based on your activity and preferences.

  • Conduct analytics to improve performance and develop new features.

  • Prevent fraud, abuse, or security incidents.

  • Comply with legal obligations (accounting, tax, data retention).

Sync bookings with your personal calendar (if permission granted) to help manage upcoming appointments.

Display and share your uploaded media (e.g., portfolio or social feed) within Fixmeapp, according to your visibility settings and preferences.

Fixmeapp does not sell personal data to third parties.

When users voluntarily choose to share data with trusted partners (for example, to receive relevant offers or participate in data-driven programs), this occurs only with informed consent, transparent terms, and an optional bonus model in which the user benefits directly.

4. Integration with Meta Services (Instagram Graph API)

Fixmeapp connects with the Meta Graph API to enable importing media, profile information, and insights from Instagram or Facebook. Data retrieved from the Instagram Graph API is refreshed or deleted within 24 hours, unless the user has explicitly granted consent for longer storage (as required by Meta Platform Policy §3.5)

This integration is used solely to:

  • Display verified business portfolios or content.

  • Sync and verify social profiles.

  • Recommend relevant professionals or services.

Our commitments:

  • Access occurs only after the user grants explicit OAuth consent.

  • We comply with Meta Platform Terms, Developer Policies, and Facebook Data Protection Addendum.

  • Data obtained from Meta is stored on encrypted servers (AWS / Supabase).

  • We never sell, transfer, or use Meta data for advertising outside FixMeApp.

  • Users can disconnect or request deletion of imported data at any time via settings or privacy@fixmeapp.ai.

4.1 Integration with Apple and Google Services

If you choose to connect your Apple or Google account within Fixmeapp, we may access limited data such as your name, email, and — with your explicit consent — calendar events or availability to enable scheduling and booking features.

Access is granted through a secure OAuth process and can be revoked at any time from within Fixmeapp.

We never access your photos, contacts, or other personal data unless explicitly requested and approved by you.

All authentication data is handled securely and complies with Apple Sign in with Apple and Google Identity Services policies.

5. Data Sharing

We share limited personal data with carefully selected and trusted service providers (“processors”) only when necessary to operate and improve FixMeApp.
All partners are bound by Data Processing Agreements (DPAs) and must comply with GDPR-level security and confidentiality standards.

We may share data for the following purposes:

Cloud hosting & infrastructure
We use providers such as AWS and Supabase to store and process data securely.
All information is encrypted at rest and in transit, and access is limited to authorized personnel only.

Analytics & crash reports
We work with privacy-compliant providers such as Sentry and Amplitude to monitor app performance and detect bugs.
These services process data under GDPR-compliant DPAs and are used solely for product improvement, never for marketing.

AI personalization systems
Internal or GDPR-bound partners may process anonymized or pseudonymized data to improve personalized user experiences.
We never perform profiling or automated decision-making without explicit consent.

Third-party integrations (OAuth)
When you connect services such as Meta, Google, or Apple, Fixmeapp only accesses the limited data required to enable that integration.
All connections occur through secure OAuth consent flows, and you can revoke access at any time.

Fixmeapp never sells, rents, or shares user data for advertising or marketing purposes outside our platform.

6. User Control & Data Rights

Under GDPR, you have the right to:

  • Access and receive a copy of your data.

  • Request correction or erasure (“right to be forgotten”).

  • Restrict or object to processing.

  • Withdraw consent at any time.

  • Data portability to another service.

To exercise these rights, email privacy@fixmeapp.ai and include “Data Request” in the subject line.
We will respond within 30 days as required by law.

7. Data Retention and Deletion

We retain personal data only as long as necessary to provide our services and comply with legal obligations.
When you delete your account, we permanently remove your personal data within 30 days, unless certain records must be kept for legal reasons (e.g., transaction history required by tax law).

If you wish to delete your data, please email us from the address connected to your Fixmeapp account at
📧 privacy@fixmeapp.ai with the subject line “Data Deletion Request.”

Once we verify your identity, we will permanently delete your account and associated data in accordance with GDPR and Meta Platform Policy requirements.

8. Security

We use industry-standard measures including AES-256 encryption, HTTPS/TLS secure connections, and role-based access controls.
Regular security audits, backups, and vulnerability testing are performed.
Despite these measures, no system is 100% secure; we continuously improve protection to mitigate risk.

Sensitive OAuth tokens (from Apple, Google, or Meta) are encrypted and never stored in plaintext.

Access to production systems is limited to authorized personnel under strict confidentiality and multi-factor authentication.

9. Ethical Data Economy — Our vision

Fixmeapp believes users should monitor and benefit from their data.
Our long-term goal is to enable a decentralized, ethical data economy where users can choose how their data is used and earn value from sharing it voluntarily.
We will implement such features only with clear consent and compliant smart-contract frameworks when available.

10. International Data Transfers

If personal data is processed outside the EU/EEA (for example in the United States), we apply:

  • EU Standard Contractual Clauses (SCCs), or

  • Transfers to entities covered by an adequacy decision (e.g., EU–U.S. Data Privacy Framework).

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in technology or legal requirements.
Updates will appear on this page with a revised “Last Updated” date. Material changes will be notified via email or in-app alert. The current version of this policy is always available at https://fixmeapp.ai/privacy-policy

Users will be asked to review and accept the updated policy before continuing to use the app when material changes occur.

12. Contact

If you have questions or concerns about this policy or your data, contact:
📧 privacy@fixmeapp.ai