← bookable

privacy

last updated · April 29, 2026

This is the privacy policy for bookable — a Shopify app for selling in-person experiences — and for this website, heybookable.com. bookable is built and operated by Public House LLC.

We collect as little as we need to run the product. We don't sell personal information. We don't use it to train AI models. We don't run analytics or advertising trackers on this site or in the booking widget.

who's responsible for what

bookable runs inside a merchant's Shopify store. When you book an experience through a merchant, the merchant is the controller of your booking — they decide what to collect, how to use it, and how long to keep it. bookable processes that data on their behalf. For anything about a specific booking, contact the merchant first.

bookable is the controller for our own internal records — audit logs and error reports.

what we collect

if you visit heybookable.com

Nothing. This site has no signup form, no analytics, no tracking pixels, and no third-party cookies. The Shopify storefront may set strictly necessary cookies for session and cart state.

if you book an experience through a bookable merchant

The merchant's bookable installation stores:

  • Booker contact info — name, email, phone, and any notes you add to your booking
  • Per-attendee details — name, email, phone, and a private link token that lets that attendee view and edit their own record (treat the link like a password)
  • Waiver / terms acceptance — when an attendee signs a merchant's document, we keep the typed name, IP address, browser user-agent string, timestamp, and the exact document text that was agreed to
  • ID verification — when the merchant requires it, verification runs through Stripe Identity. Stripe holds the actual ID document and selfie image. bookable stores the verification status, the Stripe verification session ID, a temporary link to the selfie hosted by Stripe, and (where Stripe returns it) date of birth — used to show an age chip at check-in
  • Booking, payment, and email metadata — Shopify order IDs, payment status, check-in time, and per-email delivery records (recipient + send time)
  • Audit log — an internal trail of who did what (create / update / cancel / check-in / verify) for support and dispute resolution. Sensitive fields like access tokens and the attendee link token are masked in this log

if you're a merchant using bookable

  • Shopify staff details — your name, email, Shopify user ID, role (owner / collaborator), and the OAuth tokens we need to call the Shopify API on your behalf
  • Shop settings — sender email name and address, per-offering email toggles, display preferences
  • Host / instructor profiles you publish — name, contact details, bio, photo, social handles
  • Documents and images you upload — waivers, contracts, gallery photos, host photos. These are uploaded to Shopify Files; we store the Shopify CDN reference, not the file itself

how we use it

  • To run what the merchant has configured — confirmations, reminders, check-in, refunds, ID verification
  • To investigate bugs, prevent abuse, and respond to support requests
  • To meet legal obligations

who we share it with

We use a small set of subprocessors. Each is contractually limited to the purpose it serves:

  • Shopify — checkout, payments, orders, customer accounts, and file storage for waivers and images. Payments for bookings flow through Shopify's normal checkout — bookable never sees a card number
  • Stripe — identity verification only, when the merchant turns it on. bookable does not process payments through Stripe
  • SendGrid — transactional email (booking confirmations, reminders, etc.)
  • Neon — Postgres database hosting
  • Railway — application hosting

We don't sell personal information and we don't share it with advertisers.

sms messages

If you opt in to receive text messages from Public House LLC — by submitting your mobile number at heybookable.com/pages/optin, at checkout on a bookable merchant's Shopify store, or in person — we collect your mobile number, the timestamp and source of your opt-in, the wording of the consent you agreed to, and your message history with us (delivery records, replies including STOP and HELP, and opt-out status). We use this information only to send the messages you signed up for, respond to support requests, maintain a suppression list of opted-out numbers, and meet legal record-keeping obligations.

Mobile opt-in information and SMS consent are not shared with third parties or affiliates for marketing or promotional purposes. Message delivery is processed by our messaging provider, Twilio, under their privacy terms — they handle the message itself, not our marketing.

You can opt out at any time by texting STOP to the number from which you received messages. Opted-out numbers are kept on a suppression list so we don't message you again — that's the only reason we retain them. You can ask us to delete your number entirely by emailing support@heybookable.com.

where your data lives

bookable's database is hosted in the United States (AWS us-east-1 via Neon), and the application runs on Railway in the US. Stripe, SendGrid, and Shopify process data in their own regions according to their policies. If you book from outside the US, your data will be transferred to and processed in the US.

how long we keep things

  • Bookings, attendees, signatures, and email logs: as long as the merchant keeps bookable installed. When a merchant uninstalls or asks for deletion, we delete or redact the shop's data within 30 days
  • Individual customer deletion requests: handled through Shopify's privacy webhooks (customers/data_request, customers/redact, shop/redact) and usually completed within 30 days. We redact rather than delete where merchants have a legitimate need to keep historical records (refunds, waivers, dispute resolution)
  • Audit logs: kept for the lifetime of the merchant's installation and removed when they uninstall

your rights

You can ask us to show you what we have, correct it, or delete it. The right path depends on who has your data:

  • If you're an end customer who booked through a merchant — contact the merchant first. They control the record. If the merchant doesn't respond, write to us at the address below and we'll help
  • If you're a merchant — uninstalling bookable triggers full deletion of your shop's data within 30 days. You can also email us directly

If you live in the EU, the UK, or California, you have additional rights under GDPR and CCPA — including the right to lodge a complaint with your local data protection authority.

children

bookable isn't designed for children under 16. If a child is attending an experience, a parent or guardian should make the booking and sign any required documents on their behalf.

security

Data is encrypted in transit. Access tokens, the attendee link token, and other secrets are masked in our internal logs. Access to production data is limited to the people who need it to run the service.

changes

If we make a material change to this policy, we'll update the date at the top of this page and, where required, give direct notice to affected users.

contact

Public House LLC
support@heybookable.com