Last updated: 18 February 2026
Bookissa.com (“Bookissa”, “we”, “us”, or “our”) is committed to protecting and respecting your privacy.
If you are located in the United Kingdom or the European Union, Bookissa acts as the data controller in respect of personal data processed through www.bookissa.com, associated websites, and our mobile applications (collectively, the “Services”), unless expressly stated otherwise.
This Privacy Notice explains how we collect, use, store, protect, and disclose your personal data when you interact with our Services.
If you have any questions regarding this Notice or wish to exercise your data protection rights, you may contact us:
By email: info@bookissa.com
Data Protection Officer: info@bookissa.com
This Notice applies if you:
Visit or browse our Services;
Purchase products or book appointments through the platform as a Client;
Purchase or use a Bookissa gift card;
Work for or operate a business listed on the platform as a Partner.
We only process personal data where we have a lawful basis under applicable data protection legislation (including the UK GDPR and EU GDPR).
We do not sell your phone number. We do not share it with third parties except where legally required.
When you browse or interact with our Services, we automatically collect certain information:
This may include:
IP address
Device identifiers
Login data
Browser type and version
Operating system and platform
Device settings (language, time zone)
Mobile network or ISP information
App version and hardware details
This may include:
Pages visited and navigation paths
Dates and times of access
Clickstream data
Page response times
Interaction data (scrolling, clicks)
Campaign tracking data
Customer support interactions
Where permitted by your device settings or consent, we may collect:
Country or regional location derived from IP address
GPS coordinates (if enabled)
Device advertising identifiers
Location data is used to:
Deliver location-based services
Prevent fraud
Provide relevant content
You may disable location services via your device settings.
We may use automated tools and profiling techniques to analyse usage behaviour and deliver personalised marketing communications through email, SMS, social media, or other digital channels.
You may object to profiling for marketing purposes at any time.
If you contact us, we may collect:
Name
Email address
Telephone number
Social media handle
Emails
Messages
Call records
Customer support correspondence
We use this information to:
Respond to enquiries
Provide customer support
Share requested information
Communicate technical or service updates
When you create an account or use our Services to make purchases or bookings, we may collect:
Full name
Date of birth
Gender
Email address
Address
Phone number
Profile photo (optional)
Social login credentials (Google, Facebook, Apple)
Unique user ID
We may also collect:
Booking and purchase history
Payment method metadata
Saved preferences
Reviews and user-generated content
Referral information
Cookie-related data
This information is used to:
Maintain and administer your account
Facilitate bookings and payments
Provide customer support
Fulfil contractual obligations
Personalise your experience
Recommend relevant services or Partners
Partners may request health-related or other sensitive data (e.g., pregnancy status) via consultation forms.
In such cases, the Partner acts as the data controller for that information.
Bookissa processes such data only as necessary to provide the platform functionality.
Where you are employed by or contracted to a Partner, we may collect:
Name
Role
Business name
Contact details
Login credentials
Identity verification results (without retaining underlying documents)
Appointment data
POS data
Marketing content
Reporting and analytics data
The Partner is the data controller in respect of this information.
We may process:
Contact information
Marketing preferences
Opt-in/opt-out records
We use this data to:
Send newsletters and promotional content
Deliver personalised marketing
Conduct surveys
Assess marketing effectiveness
You may withdraw consent or unsubscribe at any time using the unsubscribe link or by contacting us.
We rely on the following lawful bases:
For marketing communications and certain cookies.
To perform obligations arising from contracts with you.
To comply with regulatory or statutory duties (e.g., anti-money laundering).
Including:
Improving our Services
Ensuring security
Business development
Fraud prevention
Marketing to businesses
We conduct balancing assessments to ensure our interests do not override your rights.
Where you make a booking or purchase, we share relevant contact and transaction data with the relevant Partner.
Public reviews may display:
Rating
Review content
Review date
First name and last initial
Reviews may remain visible after account termination.
We may share data with:
Hosting providers
Payment processors
IT support providers
Marketing service providers
Professional advisers
All processors act under contractual obligations compliant with GDPR.
We may disclose data:
To comply with legal obligations
To prevent fraud
During business transfers
Bookissa operates internationally.
Where personal data is transferred outside Malta or the EEA, we implement appropriate safeguards, including:
Standard Contractual Clauses (SCCs)
Adequacy decisions
Supplementary technical measures
For further details, please contact us.
We implement appropriate technical and organisational measures, including:
Encryption in transit
Secure databases
Access controls
Logging and monitoring systems
However, internet transmission cannot be guaranteed to be entirely secure.
Payments are processed by Stripe.
Card information is provided directly to Stripe. Bookissa receives only limited pseudonymised card data, including:
Card brand
Cardholder name
Last four digits
Expiry month and year
Stripe processes payment data in accordance with its own privacy policy.
Our Services may contain links to third-party websites. We are not responsible for their privacy practices.
We retain personal data:
For as long as necessary to fulfil the original purpose; and
For up to six (6) years thereafter to manage legal claims.
Longer retention may apply where legally required.
Aggregated or anonymised data may be retained indefinitely.
You have the following rights under applicable data protection law:
Access your personal data
Rectification
Erasure
Restriction of processing
Objection to processing
Data portability
Withdrawal of consent
To exercise your rights, contact: info@bookissa.com
You also have the right to lodge a complaint with the Maltese Data Protection Authority or your local supervisory authority.
We may update this Notice periodically. Material changes will be notified via email or through our Services.
We use cookies and similar technologies (including device identifiers, pixel tags, and web beacons) to:
Distinguish users
Improve performance
Store preferences
Deliver personalised content
Some cookies expire at the end of your session. Others persist for longer periods.
Further details are provided in our Cookie Notice.