Security & Privacy

Your client data is not our product.

Your business remains in control of its client relationships and records. PeasyBooking is designed with privacy, access control, auditability, and security best practices in mind.

Data ownership

Your client records and relationships are yours. We never sell them or use them as our product, and you can export or delete them at any time.

Canadian-hosted core records

Your core records — clients, appointments, clinical notes, and the records vault — are hosted in Canada (Google Cloud, Montréal region).

Role-based access

Least-privilege roles for owners, managers, receptionists, staff, and accountants. Team members see only what their role needs.

Audit logs

An append-only, tamper-evident trail records every access — including reads. Owners and managers can review who accessed what, and when.

Encryption

Data is encrypted in transit and at rest. The records vault offers an optional end-to-end-encrypted mode where only you hold the keys.

Privacy controls

Consent is captured where it matters, and we never use identifiable clinical data for advertising, profiling, analytics, or AI training.

Export anytime

Export your clients, appointments, and records whenever you want. No lock-in, no hostage data.

For clinical plans

Extra safeguards for health data

On clinical plans, PeasyBooking adds protections for identifying health information — built for Canadian health-privacy obligations such as Alberta’s Health Information Act.

  • A signed Health Data Addendum that sets out how we handle health data on your behalf.
  • Additional access controls and a full access/audit history for clinical records.
  • An encrypted records vault (encrypted-at-rest by default, optional end-to-end mode).
  • A Privacy Impact Assessment support package for custodians who need to file a PIA.

Privacy you can build a practice on

Start free, and keep control of your data from day one.

    Security & Privacy · PeasyBooking