JB Wood Design — home

← Back to home

Privacy Policy

Last updated: April 8, 2026

1. Who we are

John Boling (“we,” “us,” “our”) operates Book Me (the “Service”), available at https://jbwoodndesign.com/book.

Contact: john@jbwoodndesign.com

2. What the Service does

The Service lets hosts offer bookable time slots and guests request meetings. Hosts connect a Google account so we can read availability, manage calendar events related to bookings, and send email related to those bookings, as described below.

3. Information we collect

3.1 Account and authentication (hosts)

If you sign in as a host (e.g. with Sign in with Google), we may process:

  • Name, email address, and profile image from your Google account
  • A unique user id in our systems
  • OAuth tokens needed to use Google services on your behalf (e.g. access and refresh tokens, expiry, and related metadata stored in our database)

We use these tokens only to provide the Service (e.g. calendar and sending mail as described in this policy).

3.2 Host profile and scheduling settings

We store settings you configure, such as public slug, time zone, weekly availability, booking duration and horizon, buffers, landing text, and email templates.

3.3 Bookings (guests)

When someone books with a host, we collect what is needed to run the booking, typically:

  • Guest name and email
  • Meeting topic / purpose (or similar field)
  • Start and end time (stored in UTC)
  • Internal identifiers (e.g. booking id, cancel/reschedule token)
  • Optional calendar event id if we create or track an event in the host’s Google Calendar

We may also process host change reasons when a host cancels or reschedules, if you provide that in the product.

3.4 Technical and usage data

Like most web services, we may process server logs, IP addresses, timestamps, and error information for security, debugging, and reliability. Our hosting and infrastructure providers may process similar data under their own terms.

3.5 Cookies and similar technologies

We use cookies (or similar) as needed for session management (e.g. to keep you signed in to the dashboard). You can control cookies through your browser settings.

4. How we use information

We use the information above to:

  • Provide, operate, and improve the Service
  • Authenticate hosts and maintain sessions
  • Show availability, create and update bookings, and (where applicable) create, update, or remove calendar events in the host’s Google Calendar
  • Send transactional emails about bookings (e.g. confirmations, notices related to changes), using the host’s connected Google account to send mail where the product is designed to do so
  • Enforce our terms, prevent abuse, and protect security
  • Comply with law when required

We do not sell your personal information.

5. Legal bases (if applicable, e.g. EEA/UK)

Where GDPR applies, we may rely on:

  • Performance of a contract — providing the Service you asked for
  • Legitimate interests — securing the Service, improving reliability, and limited analytics/logging, where not overridden by your rights
  • Consent — where we ask for it (e.g. non-essential cookies, if we use them)
  • Legal obligation — where the law requires us to process data

6. Sharing and subprocessors

6.1 Service providers

We use third-party services to run the Service, for example:

  • Hosting / infrastructure (e.g. Vercel)
  • Database hosting for PostgreSQL (Neon)
  • Google — for sign-in and, with your authorization, Google Calendar and Gmail APIs as configured in the product

These providers process data only as needed to provide their services to us, under contractual terms consistent with this policy.

6.2 Google

When you connect Google, Google’s processing is also governed by Google’s Privacy Policy and your Google account settings. We request only the permissions needed for the Service (e.g. sign-in profile, calendar access, sending email on behalf of the connected account, as implemented).

7. Retention

We keep information as long as your account is active and as needed to provide the Service.

Bookings: We may delete database records for meetings that have ended, as part of routine cleanup (e.g. automated job), to limit how long guest and booking data is stored. Calendar events created in Google Calendar may remain in the host’s calendar unless the host deletes them there; our cleanup of database rows does not automatically remove past events from Google.

You may request deletion of your account or data where applicable (see “Your rights”).

8. Security

We use reasonable technical and organizational measures to protect information (e.g. access controls, encryption in transit where standard for web apps, secured credentials). No method of transmission or storage is 100% secure.

9. International transfers

If we or our providers process data in countries outside your own, we take steps consistent with applicable law (e.g. appropriate safeguards for transfers from the EEA/UK where required).

10. Your rights

Depending on where you live, you may have rights to access, correct, delete, export, or restrict certain processing, or to object or withdraw consent. To exercise these rights, contact john@jbwoodndesign.com. You may also complain to your local data protection authority.

If you connected Google, you can revoke the app’s access in your Google Account settings; that may limit or stop features that depend on Google.

11. Children

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe we have, contact us and we will delete it.

12. Changes

We may update this policy from time to time. We will post the new version here and update the “Last updated” date. For material changes, we may provide additional notice (e.g. on the Service or by email).

13. Contact

Questions about this policy: john@jbwoodndesign.com