Privacy Policy

This Privacy Policy describes how ScheDjin (schedjin.com), operated by Artem Dzhinenko, individual entrepreneur (FOP), Ukraine ("we", "us", or "our"), collects, uses, and protects your personal data. We comply with the EU General Data Protection Regulation (GDPR).

1. Data We Collect

Account data — collected when you register:

• Name and email address
• Password (stored as a one-way hash — we never see it)
• OAuth provider identifier (if you sign in via Google)

Business data — entered by you while using ScheDjin:

• Company name, description, address, phone, logo
• Work schedule and service list (procedures)
• Appointment records including client names, phone numbers, and email addresses

Payment data — handled entirely by Paddle (our payment processor). We never receive or store your full card number, CVV, or bank account details. We may store your Paddle customer ID and subscription status.

Technical data — collected automatically:

• IP address and browser user-agent (for security and fraud prevention)
• Session cookies required for authentication
• Error logs (may contain request details, but not passwords or card data)

2. How We Use Your Data

• To provide and operate the ScheDjin service
• To send transactional emails (account verification, password reset, master invitations)
• To process subscription payments via Paddle
• To detect and prevent fraud or abuse
• To send product update emails (you may opt out at any time)

We do not sell your data to third parties. We do not use your data for advertising.

3. Third-Party Services

We share data with the following trusted processors:

• Paddle (privacy policy) — payment processing and subscription management. Paddle is the Merchant of Record and processes billing data under their own privacy policy.
• Resend (privacy policy) — transactional email delivery. We share your email address and name with Resend solely to deliver emails you trigger (e.g. invitations, password resets).
• Google (privacy policy) — optional OAuth sign-in. If you use "Sign in with Google", Google shares your name and email with us. We do not receive your Google password.
• DigitalOcean — cloud infrastructure. Your data is stored on servers located in the EU (Amsterdam, AMS3 region).

4. Data Retention

• Active accounts: data is retained as long as the account exists.
• Deleted accounts: data is permanently erased within 30 days of deletion.
• Cancelled subscriptions: account data is retained on the free plan indefinitely unless you delete your account.
• Email logs: retained for 90 days for delivery troubleshooting.

5. Your Rights (GDPR)

If you are in the EU/EEA, you have the right to:

• Access — request a copy of all data we hold about you
• Rectification — correct inaccurate data
• Erasure — request deletion of your account and data
• Portability — receive your data in a machine-readable format
• Object — object to processing based on legitimate interests
• Withdraw consent — for any processing based on consent

To exercise any of these rights, email us at support@schedjin.com. We will respond within 30 days.

6. Cookies

ScheDjin uses only essential cookies required for authentication and security (session cookie, CSRF token). We do not use tracking, analytics, or advertising cookies. No cookie consent banner is required as we use strictly necessary cookies only.

7. Data Security

We use HTTPS encryption for all data in transit. Passwords are hashed using bcrypt. Access to production data is restricted to authorised personnel only. Despite our best efforts, no transmission over the internet is 100% secure.

8. Children's Privacy

ScheDjin is not directed at children under 16. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you by email at least 14 days before material changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.

10. Contact & Data Controller

Data controller: Artem Dzhinenko, individual entrepreneur (FOP), Ukraine.
Email: support@schedjin.com