The Booksy website’s (“Website”) owner and administrator is Booksy Inc.
Loading Terms of service...
Loading Privacy Policy...
The security of Booksy systems and data residing within them is crucial for us, and we treat potential security issues with a top priority. We do our best to protect the data of Booksy merchants and customers from security threats, and we encourage all users and security researchers to report security vulnerabilities discovered in our platform. We are committed to handle vulnerability reports in a timely manner and the greatest attention, provided that the following Policy is respected.At Booksy, we see security as fundamental, not just an add-on. As the digital landscape expands, the importance of protecting your personal and financial information grows. We're committed to maintaining robust security measures. Here's our approach to ensuring your data is securely protected at Booksy:
Encryption at Rest and in Transit: We take the security of your data seriously, whether it's stored or being sent. We use strong encryption to protect it from unauthorized access, keeping your information safe and private at all times.
No Stored Payment Information: We've chosen not to store your payment card information on our servers. Instead, we partner with certified payment processors who are experts in secure payment processing. These processors are PCI DSS certified, adding an extra layer of security to your financial transactions. Additionally, our hosting provider, Google, is certified against multiple standards, ensuring comprehensive protection at every level of our infrastructure.
Secure by Design: Security is at the core of our application design. We implement secure defaults and conduct daily scans of our application code and dependencies. Any potential vulnerabilities are promptly addressed, making sure our systems are up-to-date and protected against new threats.
Role-Based Access: At Booksy, access is tailored to individual roles. This means employees only get access to the information and tools essential for their job. It's a practical way to keep things secure and straightforward, minimising the chance of sensitive data falling into the wrong hands.
Rigorous Testing and Monitoring: Our internal security team regularly tests our applications for vulnerabilities, complemented by annual penetration testing performed by external experts. Furthermore, our applications are continuously monitored, enabling us to detect and swiftly respond to potential attacks. This proactive approach ensures the highest level of security resilience and operational integrity.
Comprehensive Logging: In the unlikely event of an incident, our extensive logging capabilities allow us to swiftly trace and understand the sequence of events. This rapid response capability is crucial for mitigating risks and securing our platform against future threats.
Responsible Disclosure Program: We believe in the power of community and collaboration. Our responsible disclosure program invites security researchers and users to report any potential vulnerabilities. This approach helps us improve security and shows our dedication to being open and constantly getting better.
Ongoing Security Training: It's important to stay updated on security. We provide our employees with ongoing training in the newest security practices and protocols. This ensures our team is alert, upholds strong security practices, and remains conscious and accountable in their roles.
At Booksy, your security is our main concern. We're committed to delivering a platform you can trust, always enhancing our security measures and encouraging a culture of attentiveness. This ensures Booksy is a secure place in the online world.
The security of Booksy systems and data residing within them is crucial for us, and we treat potential security issues with a top priority. We do our best to protect the data of Booksy merchants and customers from security threats, and we encourage all users and security researchers to report security vulnerabilities discovered in our platform. We are committed to handle vulnerability reports in a timely manner and the greatest attention, provided that the following Policy is respected.
I. DEFINITIONS:
II. SCOPE
III. REPORTING AN ISSUE
IV. VULNERABILITY DISCLOSURE PROCEDURE
V. RULES OF ENGAGEMENT
VI. WHAT TO REPORT
VII. REWARD
VII. HALL OF FAME
We would like to thank the following individuals for their contribution to increasing the overall Booksy’s security posture.
2022
Takshal Patel
Mubassir Patel
Nikhil Rane
Shivansh Khari
Sam Crowther
Opinder Singh
2023
Mohamed Shibil
Robert Muchacki