Privacy Policy

Last Modified: July, 2026

Scope of this Policy

Thank you for using Goldie.

Quartet Holdco S.R.L, a fully owned subsidiary of Universe Software, is a Romanian company, headquartered at 40 THURZÓ SÁNDOR Street, ground floor, Oradea, Bihor, registered with Bihor Trade Registry under no J5/270/2022 (referred to as  “Quartet”, “we” or “us”).  Quartet recognizes that our platform https://heygoldie.com (the “Site”) and any related services (the “Services”) we offer, including our free appointment scheduling software (“App”), can only work if we build a relationship of trust with our users.

User” for the purpose of this Policy refers to anyone who uses our Services, including those who use our App and general visitors of our Site, while “you” refers to you, as a natural person who is regarded by this Privacy Policy.

We control the purpose for which, and the manner in which, Personal Data (as defined below) about you is processed. We are therefore the data controller under applicable data privacy laws.

This Privacy Policy outlines the categories of Personal Data the Site collects from you, that you provide to us, or that you authorize to be provided to us or that we collect from third party resources for marketing or other purposes in relation to our Services, as per your expressed options and in line with the applicable data protection rules, the purposes for which your Personal Data might be used and the safeguards we put in place in the course of our relationship with you to protect your Personal Information, as well as your data privacy rights.

By continuing to use our Site, our App and/or our Services, you expressly consent to our processing of your Personal Data (as defined below) as described in this Privacy Policy (as modified from time to time) and to being bound by the provisions hereof.  When using our Site, our App and/or Services, please always also read our Terms & Conditions.

Third Party Websites and Services

You should be aware of the fact that our Site may contain hyperlinks to third party websites, apps, etc., which are not controlled by us and which are not covered by this Privacy Policy. We have no responsibility or liability for the content and activities of these third-party websites, apps, etc.

As these third parties may collect your Personal Data, we suggest that you consult the privacy policies of these third parties to learn more about their use of your Personal Data.

Cookies

Our Site makes use of cookies. For more information on this subject, please also consult our Cookies Policy.

Who are We?

We are a technology company developing the App, called “Goldie”.

“Goldie” is a free appointment scheduling software whereby a whole set of Services are provided to the Users of our Site, including online booking, managing your appointments, and sending text reminders.

What information do we collect about you?

So that we are clear about the terminology we are using, “Personal Data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Personal Data obtained from you

Firstly, we may obtain your Personal Data from you voluntarily when signing up to the App and / or using our Services, as well as in other circumstances, such as when filling out a survey, making a comment or enquiry, posting something on our social media pages, subscribing to direct marketing, etc.

Personal Data collected this way may include:

• your sign-in credentials (email and hashed password);

• your name and surname; your profession;

• your phone number;

• your address and your e-mail address;

• if you opt to using the payment service offered via the platform, your personal data that allow the processing of payments through the Site, including: tax and personal identifiers (such as, social security numbers or EIN, depending on the jurisdiction/ national laws) and banking information;

• any Personal Data revealed in your usage of the App, such as service prices, customer names and phone numbers, appointment notes and reminder messages;

• any Personal Data revealed by users’ customers while scheduling appointments online, such as names and surnames, phone numbers, email addresses and messages, and any other information that we deem necessary for the purpose of providing you with our Services or which you provide to us voluntarily.

Personal Data obtained from other sources

We may also collect Personal Data or information about you from other sources. These other sources may include:

• our trusted business partners;

• social media sites;

• consumer research organisations;

• other members of our group, and personal Data collected this way may include: your interests, consumer and market research data, purchase behavior, or activities such as blogs, videos, internet postings and user generated content that you share with third parties and/ or us.

The above personal data is collected only in line with your expressed options for such data sharing.  

Information collected automatically

Lastly, some information may be collected automatically when you visit our Site or use our App and Services, such as information collected by cookies and other technologies (including web analytic tools) on our Site. Please also consult our Cookies Policy for more information on how we make use of cookies and other automated means of data collection.

Information collected this way may include:

• information about your use of our Site or the App, such as, IP address, log files, user activity, time stamps, etc., and technical information transmitted by your device, including certain software and hardware information (e.g., the type of browser and operating system your device uses, language preferences, location, device id, access time and the domain name of the website from which you linked to the Site etc.).

For the avoidance of doubt, any aggregate, non-personal or technical information collected, which is or may be connected or linked to the identities of the relevant users, shall be deemed as Personal Data as long as such connection or linkage exists or may be made using all the means reasonably likely to be used. In such situations, the provisions in this Privacy Policy regarding Personal Data shall apply mutatis mutandis to the aggregate, non-personal or technical data mentioned in this Section. For clarity purposes, as an example, if we have sufficient information to link an IP address to a particular individual user (e.g., through login details, cookies, or any other information or technology) then that IP address is Personal Data and is subject to the full protections of data protection law and this Privacy Policy.

For which purposes may we use your Personal Data?

We may use your Personal Data to:

• create and manage your account;

• enhance or improve User experience, our Site, or our Service;

• increase the efficiency and operation of the App;

• resolve disputes and troubleshoot problems;

• email you regarding your account or order;

• respond to product and customer service requests;

• monitor and analyse usage and trends to improve your experience with the App; notify you of updates to the App;

• generate text suggestions and smart replies for your account as part of various AI assistant features;

• send you newsletters, surveys, offers and other promotional materials related to the App or our services which we believe are useful for you, according to your expressed options to this end;

• send your customers notifications about their appointments via email or text message;

• request feedback and contact you about your use of the App or Site; fulfil and manage purchases, orders, payments, and other transactions related to the App;

• perform any other function that we believe in good faith is necessary to protect the security or proper functioning of our Site or Service, and sending you push notifications regarding your account or the App, which you consent to.

Our use of your Personal Data for the business purposes described above is performed in accordance with law, respectively for which the following legal basis are applicable:

• it is necessary for our legitimate interests in the effective conduct or our business and activity, including for the purpose of delivery of information, of the Services and of the App to you and in the effective and lawful operation of our business (in each case provided such interests are not overridden by your rights);

• it is necessary for taking steps to enter into a contract with you for the App and the Services you purchase, or for carrying out our obligations under such a contract;

• it is required to satisfy any legal or regulatory obligations that we are subject to; and

• in limited circumstances and as required by local law, you have agreed to us processing your Personal Data, such as, when you consent to receiving push notification or you or your customers opt-in to e-marketing (with regard to your customers, they can opt-in for text/SMS messages – including appointment reminders, special offers, or other updates – during the process of setting up of an appointment online on the Site).

To whom we may disclose your Personal Data?

We may disclose your Personal Data:

(a) to third party vendors/suppliers who help us provide the Site, and /or the App, and/or the Services (as detailed below);

(b) to third parties to whom you ask us to send Personal Data, including other users to whom you authorize us to provide certain details of your Personal Data;

(c) as required by law, such as to comply with a subpoena or otherwise in response to a lawful request by public authorities (including to meet national security or law enforcement requirements), or similar legal process when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;

(d) to a parent company, any subsidiaries, joint ventures, or other companies under common control with us (collectively, “Affiliates”), in the event we have such Affiliates now or in the future, in which case we will require our Affiliates to observe this Privacy Policy, or

(e) to a company that merges with us, acquires us, or purchases our assets, or a successor in interest in bankruptcy, in which case such company may continue to process your Personal Data as set forth in this Privacy Policy and in accordance with the applicable privacy rules.

We will share your Personal Data with third parties only in the ways that are described in this Privacy Policy, only to the extent necessary as per the applicable purpose of the disclosure and in strict compliance with applicable data privacy laws (including by observing the requirement to conclude compliant data processing agreements with any third-party processor carrying out their tasks on our behalf and upon our instructions).

We do not otherwise share or sell your Personal Data with or to third parties. We may use and disclose anonymous / aggregate information without restriction given that this is no longer personal data meaning it will no longer lead to any identification of a natural person. We do not and will not share, disclose, sell, rent, or otherwise provide Personal Data to other companies for the marketing of their own products or services.

In the context of the data processing activities described in this Privacy Policy, we may transfer your personal data abroad within EU/ EEA aria – where personal data benefits of an adequate level of personal data protection. Your personal data may be transferred for specific purposes and under specific and adequate data protection guarantees allowing the transfer as per the law, to countries outside EU/ EEA as USA. Such data transfers will occur only in line with the applicable legal rules for ensuring the adequate protection of your personal data in the context of such transfer.

Third-Party Access to Your Information

Although you are entering into an agreement with us, to disclose your information to us, we do use third party individuals and organizations to assist us, including contractors, web hosts, and others. Throughout the course of our provision of our Services to you, we may delegate our authority to collect, access, use, and disseminate your information. For example, our web host stores the information that you provide us and we may hire outside contractors to perform maintenance or assist us in securing our website. This disclosure will be made under adequate guarantees as data processing agreements and data privacy engagements, as applicable under the relevant privacy laws.

Depending on your expressed options in line with GDPR (as implemented via specific online forms and/ or other electronic communication means you access or give permission to, we may collect, share, store, exchange, and otherwise use your information in conjunction with:

• Apple App Store
• Google Play
• Google Analytics
• SendGridNexmo (Vonage)
• Hetzner Online
• Firebase by Google
• Meta
• Braze
• Appsflyer
• Open AI
• Snowflake
• Segment
• Notion
• Revenuecat
• Mixpanel
• Amazon Web Services
• Stripe
• WP forms
• WP Engine
• ByteDance
• Anthropic
• Intercom

Please also consult their independent Privacy Policies for information on how such external – third parties may process at their turn, your personal data.

Your Rights

You benefit of a number of rights under the data protection laws in relation to your Personal Data, as follows:

• the right of access: You have the right to obtain from us confirmation as to whether or not Personal Data concerning you is being processed (by contacting us at support@heygoldie.com) and, where that is the case, access to (including by obtaining a copy of) such Personal Data and the manner in which, and the purposes for which we process your Personal Data so that you can verify its accuracy and the lawfulness of the processing.  

• the right to rectification: You have the right to have inaccurate Personal Data concerning you rectified without undue delay and the right to have incomplete personal data completed. To review or update your Personal Data including user information to ensure it is accurate, please write to us at support@heygoldie.com informing us of any changes that may need to be made in respect of your Personal Data and we will update such information on your behalf and in our systems. Note, you can also see, review, change, and/or update your Personal Data by logging into the Service.

• the right to erasure: You have the right to obtain from us the erasure of your Personal Data where

(a) your Personal Data is no longer necessary for the purpose for which it was collected/processed;
(b) you wish to withdraw your consent to the processing of such data by us (except where we have another legal ground for the processing that we may rely on);
(c) where processing is based on our legitimate interests and there are no overriding legitimate grounds for processing;
(d) where your Personal Data has been unlawfully processed.

• the right to restriction of processing:  You have the right to obtain from us the restriction of processing of your Personal Data where
(a) the accuracy of such Personal Data is contested by you (for such period as will enable us to verify the accuracy of your Personal Data);
(b) the processing of your Personal Data is unlawful, but you object to the deletion of such data and request restriction of its use instead;
(c) you consider that we no longer need your Personal Data for the purposes of the processing, but require such Personal Data for the establishment, exercise or defence of legal claims;
(d) you have objected to the processing of your Personal Data on grounds of ‘legitimate interest’, pending verification by us on whether our legitimate grounds override your own.

• the right to objection of processing: You have the right to object to processing of your Personal Data that is based on our legitimate interests. If this is done, we must provide compelling legitimate grounds for the processing which overrides your interests, rights and freedoms, in order to proceed with the processing of your Personal Data. You may object to the processing of your Personal Data for direct marketing purposes at any time, without giving reason.

• the right to withdraw consent to our processing of your personal data to the extent such processing is based on consent. For example, you may opt out of receiving promotional emails from us by following the instructions in the emails themselves or by emailing support@heygoldie.com. If you opt-out, we may still send you non-promotional emails, such as emails about your accounts or our ongoing business relations which are not based on your consent.

• the right to data portability: You have the right to receive the Personal Data relating to you and that you have provided to us, in a commonly used electronic format, by using the Export Data option in the App. You have the right to transmit that data to another controller (please note this applies only where our processing of your Personal Data is based on your consent or on a contract, and the processing is carried out by automated means).

• the right to complain: You have the right to complain to the competent data supervisory authority (in Romania, such authority is the Romanian National Authority for the Supervision of Personal Data Processing (www.dataprotection.ro)).  

You can exercise any of your rights as stated above, by sending us a request to support@heygoldie.com. We will endeavour to respond to any such request as soon as possible, and in any event within the legal deadline.

Alongside, you have the right to refer to courts of law in data protection matters, under the legally prescribed conditions.

Also, Goldie permits residents of the State of California to use its services. Therefore, it is the intent of Goldie to comply with the California Business and Professions Code §§ 22575-22579. If you are a California resident you may request certain information regarding our disclosure of personal information to any third parties for their direct marketing purposes. Various provisions throughout this Privacy Policy address requirements of the Californian privacy statutes. In summary, you must presume that we collect electronic information from all visitors. You may contact us at support@heygoldie.com with any questions.

Limitations

There are some legally set exceptions to the exercise of certain data protection  rights, however, such as in the case of the right to erasure, amongst others, for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; for reasons of public interest in the area of public health in accordance with the law, or for the establishment, exercise or defence of legal claims.

If you wish to delete your account, you may do so at any time by emailing us at support@heygoldie.com or by selecting the Delete Account option in the App. Deletion is your sole means of terminating your account. Please note that once you delete your account you will no longer be able to enjoy the full functionality of the Site and/or (part or all) of the Services we provide. However, pending 30 days as of deletion request, depending solely on your voluntary and free option, you may still recover the account. Hence, your account data will be deleted maximum 30 days as of your deletion request. Certain information is necessary in order for us to provide the Site; therefore, if you delete such necessary information, you will not be able to use the Site and/or the Services. In addition, you may opt-out of providing information via the App at any time by uninstalling the App using the standard uninstall process available on your mobile device or via the mobile application marketplace or store.

Please remember, however, if we have already disclosed some of this information to third parties, we cannot access that information any longer and cannot force the deletion or modification of any such information by the parties to whom we have made those disclosures. We will of course comply with any legal obligation we may have to notify them of your request.

Also, although most changes may occur immediately, information may still be stored in a web browser’s cache. We take no responsibility for stored information in your cache, or in other devices that may store information, and disclaim all liability of such.

If you have unsubscribed from receiving marketing information from us, we will continue to maintain your Personal Data for any other purpose for which we still have legal grounds for processing such Personal Data (such as the performance of a contract, for the purposes of complying with a legal obligation or when the processing is necessary for the purpose of a legitimate interest of us excepting direct marketing).

Please note that any processing of your Personal Data prior to the deletion of your account with us, or your request that we no longer contact you for direct marketing purposes will remain valid under the legal grounds then prevailing.

How we protect your Personal Data?

The security of your Personal Data is important to us and so we take great care in implementing and maintaining the security of the Site, of the App and of the Services we provide and of your Personal Data.

We have put in place appropriate technical and organizational measures to protect your Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access and against all other unlawful forms of processing, in accordance with the law. In addition, we employ industry standard procedures and controls to ensure the safety of your Personal Data.

Such measures to enhance the security of our Site and Services include using  SSL certificates and a one-way hashing algorithm for storing Users’ passwords.

How long do we keep your Personal Data?

We endeavor to ensure that Personal Data are kept as current as possible and that irrelevant or excessive data are deleted or made anonymous as soon as reasonably practicable. We retain Personal Data about you only for as long as it serves a purpose of processing mentioned in this Privacy Policy. This does not prevent us from processing your Personal Data for longer periods of time, to the extent such processing reasonably serves other purposes, including for statistical analysis and is compatible with the purpose the data was initially collected (in line with the applicable data protection rules). To this end, this Privacy Policy may be updated as needed to inform you on such subsequent processing purposes in line with the legal rules.

However, some Personal Data may be retained for varying time periods in order to comply with legal and regulatory obligations and for other legitimate business reasons. We will generally retain your Personal Data only so long as it is required for purposes for which it was collected. Where your Personal Data is no longer required, we will ensure it is either securely deleted or stored in a way which means it will no longer be used by the business.

Subject to the principles set out in the above paragraph, we will delete your account and of the data related to it the earlier of (i) your express request to support@heygoldie.com; or (b) 1 year as of  your last use of the App or in strictly justified cases, 3 years – where it is reasoned by the general statute of limitation for claims, or specifically determined periods of time computed as of your last accessing of the Website or of any of our Services.

Minors

We do not knowingly solicit information from or market to or in any other way collect Personal Data from minors. If you are under the age of 18, please do not submit any Personal Data to our Site. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Privacy Policy by instructing their children never to provide Personal Data to our Site without their permission. If you have reason to believe that a minor has provided Personal Data to us, please contact us using the details provided below.

Changes to this Privacy Policy

We will update this Privacy Policy at any time necessary, as per the applicable legal rules in data protection field. Updated versions of this Privacy Policy  will be signaled accordingly to Users by updating the date of this Privacy Policy and posting it on the Site. We may also provide notification of changes in another way that we believe is reasonably likely to reach Users, such as via e-mail (if a User has an account) or another manner through the Site, where material changes to the Policy occur, for example.

Contact us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at support@heygoldie.com.

The word 'Goldie' in large, bold, yellow stylized text on a transparent background.