Privacy Policy

This English version is provided for convenience only. The Bulgarian-language version of this Privacy Policy is the legally binding text and prevails in any dispute.

Welcome to ApexLoge (available through apexloge.com and its associated subdomains and applications). This Privacy Policy describes how "Adstic Interactive" Ltd., UIC 206749752, registered in Varna, Bulgaria, represented by manager Vladimir Vladimirov ("We", "Us", "ApexLoge", "the Company") collects, uses and protects your personal data.

This policy applies to:

1. Businesses (Salons and Professionals): legal entities or individuals who use our SaaS platform and booking widgets to manage their business.
2. End Customers (Users): individuals who book appointments and services with Businesses through the ApexLoge infrastructure.

1. The role of ApexLoge

It is important to note that with respect to data collected when bookings are made:

• The Business (Salon) is the Data Controller for its End Customers.
• "Adstic Interactive" Ltd. (ApexLoge) acts as the Data Processor, providing the software infrastructure for the Business.
• We collect and process data of the Businesses themselves as a Data Controller for the purpose of providing our service.

2. What data do we collect?

2.1. For Businesses (Salons)

To create an account and use our SaaS platform, we collect:

• Registration data: name, email address, phone number, salon/business name.
• Verification and payment data (via Stripe): since payments are processed by our partner Stripe, specific data is required (KYC/KYB). Stripe allows registration of both legal entities and individuals.
  • For individuals: full name, date of birth, national ID/tax number (depending on country), exact address, identity document (e.g. photo of ID card or passport), and a bank account in your name.
  • For legal entities: company details (UIC, address), as well as data on managing directors/beneficial owners.
• Technical data: IP address, browser and device details, activity logs from the platform.

2.2. For End Customers

When you make a booking with a Business through the ApexLoge widget:

• Contact data: first name, last name, email address, phone number.
• Booking data: chosen service, date, time, professional, visit history.
• Financial data: credit/debit card data (entered directly into Stripe's secure environment; ApexLoge does NOT store credit card numbers).

3. Payment processing and the role of Stripe

ApexLoge does not hold or store funds belonging to End Customers or Salons. We only provide a software service (SaaS) that facilitates the connection between them.

• All financial transactions are processed directly by Stripe, Inc.
• The payment flows directly from the End Customer to the respective Business (with deduction of any platform usage fees).
• Businesses must complete an identity verification process (KYC) with Stripe. If the Business does not provide the data required by Stripe within the set deadlines, payouts may be paused, and prolonged lack of verification may result in account closure with funds refunded to End Customers.

4. How do we use your data?

• To create and manage your ApexLoge profile.
• To provide the booking widget functionality (appointments, email reminders).
• To improve our services (analytics, bug fixing).
• To comply with legal obligations and prevent fraud (in cooperation with Stripe).

5. Sharing data with third parties

Your data may be shared with:

• Stripe: for payment processing and identity verification.
• Cloud and hosting providers: for database storage (e.g. Supabase, AWS).
• Communications providers: for sending transactional emails (e.g. Resend).
• Government and law-enforcement authorities: when required by law.

We do not sell your personal data to third parties.

6. Your rights (under GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:

• Right of access: you can request information about what data we hold on you.
• Right to rectification: you can request correction of inaccurate or incomplete data.
• Right to erasure ("right to be forgotten"): you have the right to request full deletion of your personal data from our systems when it is no longer needed for the purposes for which it was collected, or when you withdraw your consent.
• Right to restrict processing: you can request a temporary suspension of the processing of your data.
• Right to portability: the right to receive your data in a structured format.

How to request data deletion:

• For Businesses (Salons): you can delete your account directly via your account settings in ApexLoge or by emailing us at the contacts below. All your data will be removed except what we are legally obliged to retain (e.g. for accounting purposes).
• For End Customers: since the Business (Salon) where you booked is the Data Controller for your data, you must direct your deletion request to them. ApexLoge (as Processor) will assist the Business with the technical erasure of data from our servers.

You also have the right to file a complaint with the supervisory authority (in Bulgaria, this is the Commission for Personal Data Protection).

7. Contact

If you have questions about this Privacy Policy, please contact us:

"Adstic Interactive" Ltd.
UIC: 206749752
Address: Varna, Yuri Venelin 13, Bulgaria
Manager: Vladimir Vladimirov
Email: contact@adstic.bg
Phone: +359 892 000 392