Privacy Policy

Booklero is a reservation and booking management service for accommodation owners, operators, and teams. The app is operated by Goko Smileski / Booklero from North Macedonia.

This Privacy Policy explains what data we collect, why we collect it, how we protect it, and how users can request deletion of their account and workspace data.

• Account data: name, email address, login provider information, locale, profile image, workspace membership, and role/permission data.
• Workspace data: apartments or units, reservations, guest details, notes, prices, sources, iCal/imported calendar data, invoices, expenses, business details, logos, and team invitations.
• Billing data: plan, subscription status, product IDs, order IDs, provider state, Paddle subscription identifiers for web billing, and Google Play purchase tokens/order state for Android billing verification.
• Device and usage data: app activity, diagnostics, crash logs, notification tokens, analytics events, browser/device metadata, security logs, and timestamps.
• Support data: emails, support requests, screenshots, and information users choose to send us when asking for help.

• To create and secure accounts and workspaces.
• To provide booking calendar, apartment management, guest management, invoice, expense, iCal sync, team access, dashboard, widget, and notification features.
• To verify subscriptions, prevent duplicate billing, restore purchases, and manage entitlement across web and Android.
• To detect abuse, debug errors, improve reliability, provide support, and comply with legal or tax obligations where applicable.

Booklero uses third-party processors to operate the service: Supabase for authentication, database, and storage; Vercel for hosting; Google/Firebase for Google sign-in, notifications, Android billing, and analytics where enabled; Sentry for error monitoring; Paddle for web billing; Resend for transactional email; and Upstash for rate limiting.

We do not sell personal data. We only share data with processors when needed to run, secure, bill, monitor, or support Booklero.

When a user subscribes inside the Android app, purchases are handled through Google Play Billing. Booklero sends the product ID, purchase token, order ID, subscription state, and related entitlement state to our backend only to verify, acknowledge, restore, and manage the subscription.

Google Play subscriptions are managed through Google Play. If a user deletes their Booklero account while a Google Play subscription exists, they should also cancel the subscription in Google Play to avoid future renewals unless Booklero has already confirmed cancellation through support.

If users enable notifications, Booklero may use Firebase Cloud Messaging and Android notification delegation to deliver booking, arrival, departure, billing, or workspace updates. Users can disable notifications in the app or device settings.

Booklero uses essential cookies for authentication and workspace selection. The app may temporarily store non-secret workspace cache, UI preferences, draft changes, or offline sync data on the device so the app can recover from slow or interrupted network connections.

Users should protect access to their device because reservation, guest, invoice, or business information may be visible to anyone who can open an authenticated session.

We keep account and workspace data while the account is active. We delete or anonymize account and workspace data after a valid deletion request unless retention is required for security, fraud prevention, tax, billing, dispute, or legal reasons.

Signed-in users can request deletion from Profile > Danger Zone. Users can also visit /account-deletion or email support from their registered email address.

Depending on your location, you may request access, correction, export, restriction, objection, or deletion of your personal data.

For privacy, account deletion, security, or billing questions, contact support@booklero.com.