February 2026
Tikvaly ("Tikvaly," "we," "us," or "our") operates the Tikvaly appointment booking platform. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Platform.
This policy applies to all users of the Platform, including Business Users who manage appointments and End Customers who book appointments. It covers information collected through the Platform, our website, and related communications.
We are committed to protecting your privacy in compliance with the Israeli Privacy Protection Law, 5741-1981 (PPL), including Amendment 13 and its regulations, and the European General Data Protection Regulation (GDPR) where applicable.
For any questions about this Privacy Policy or our data practices, please contact us at support@tikvaly.com.
We collect the following categories of information:
(a) Account Information: When you register for an account, we collect your name, email address, phone number, and business details (for Business Users), including business name, address, and service descriptions.
(b) Appointment Data: We process information related to bookings, including appointment dates and times, selected services, customer contact details, and any notes added by the Business User or End Customer.
(c) Payment Information: Billing details for subscription payments are processed by our payment partner, Paddle. Tikvaly does not directly store credit card numbers or sensitive financial information.
(d) Communication Data: We maintain logs of SMS messages sent through the Platform (booking confirmations, reminders, OTP codes) and your notification preferences.
(e) Automatically Collected Information: When you use the Platform, we automatically collect certain technical data, including your IP address, device type and operating system, browser type and version, usage patterns and interaction data, and cookies and similar tracking technologies.
We use the information we collect for the following purposes:
To provide, maintain, and improve the Platform and its features. This includes processing appointment bookings, managing user accounts, and developing new functionality.
To send transactional SMS notifications, including booking confirmations, appointment reminders, and one-time password (OTP) verification codes necessary for the operation of the service.
To communicate with you about your account, respond to inquiries, provide customer support, and send important updates about the Platform or these policies.
To analyze usage patterns and trends in order to improve the user experience, optimize Platform performance, and develop new features.
To comply with legal obligations, including tax and accounting requirements, and to respond to lawful requests from public authorities.
To detect, prevent, and address fraud, security issues, and technical problems that may affect the Platform or its users.
We process your personal information on the following legal bases:
Contract Performance: Processing necessary to provide our services to you, including account management, appointment booking, and transactional notifications.
Consent: Where you have given explicit consent, such as opting in to receive marketing communications or promotional SMS messages. You may withdraw your consent at any time.
Legitimate Interest: Processing for purposes such as analytics, service improvement, fraud prevention, and ensuring Platform security, where these interests are not overridden by your fundamental rights.
Legal Obligation: Processing required to comply with applicable laws and regulations, including tax obligations, data retention requirements, and responding to legal process.
We share your information with the following categories of recipients, solely to the extent necessary for the stated purposes:
SMS Service Providers: To deliver booking confirmations, reminders, and verification codes. These providers process phone numbers and message content on our behalf.
Payment Processors: Paddle processes subscription payments for Business Users. They receive billing information necessary to process transactions.
Hosting and Infrastructure Providers: Our hosting providers store and process data on our behalf, subject to appropriate security measures and contractual safeguards.
Analytics Tools: We use analytics services to understand how the Platform is used and to improve our services. Data shared with analytics providers is aggregated or anonymized where possible.
We do not sell your personal data to third parties. Business Users can view their End Customers' booking data as necessary to provide their services. End Customers can view Business User information displayed on booking pages.
Your data is primarily stored and processed on servers located in data centers that support our hosting infrastructure. Israel has been granted an adequacy decision by the European Commission, recognizing it as providing an adequate level of data protection.
Where your data is transferred to countries outside of Israel or jurisdictions that have not received an adequacy determination, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission or other legally recognized transfer mechanisms.
We regularly review our data transfer practices to ensure continued compliance with applicable data protection laws.
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law:
Account Data: Retained while your account is active and for 12 months following account closure, to allow for reactivation and to comply with legal obligations.
Appointment Data: Retained for the lifetime of the Business User's account. Business Users may export or request deletion of appointment data at any time.
SMS Logs: Retained for 90 days for troubleshooting and service quality purposes, then permanently deleted.
Analytics Data: Anonymized after 24 months. Anonymized data may be retained indefinitely for statistical and research purposes.
When personal data is no longer needed, we securely delete or anonymize it in accordance with our data handling procedures.
We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.
Our security measures include encryption of data in transit using TLS (Transport Layer Security), encryption of sensitive data at rest, role-based access controls limiting data access to authorized personnel, and regular security reviews and assessments.
While we strive to protect your personal information, no method of electronic storage or transmission over the internet is completely secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents in accordance with applicable breach notification requirements.
Under the Israeli Privacy Protection Law and, where applicable, the GDPR, you have the following rights regarding your personal information:
Right of Access: You may request a copy of the personal data we hold about you.
Right to Rectification: You may request correction of inaccurate or incomplete personal data.
Right to Erasure: You may request deletion of your personal data, subject to legal retention requirements.
Right to Data Portability: You may request a copy of your data in a structured, commonly used, and machine-readable format.
Right to Object: You may object to the processing of your personal data for certain purposes, including direct marketing.
Right to Restrict Processing: You may request that we limit the processing of your personal data under certain circumstances.
Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at support@tikvaly.com. We will respond to your request within 30 days. We may request verification of your identity before processing your request.
The Tikvaly Platform is not intended for use by children under the age of 18. We do not knowingly collect personal information from children under 18.
If we become aware that we have inadvertently collected personal information from a child under 18, we will take steps to delete such information promptly. If you believe that a child under 18 has provided us with personal information, please contact us at support@tikvaly.com.
We use cookies and similar tracking technologies on our Platform for the following purposes:
Essential Cookies: Required for the Platform to function properly, including authentication tokens, session management, and user preferences. These cookies cannot be disabled without affecting Platform functionality.
Analytics Cookies: Used to collect information about how visitors use the Platform, including pages visited, time spent, and navigation patterns. These cookies are placed only with your consent.
You can manage your cookie preferences through your browser settings. Please note that disabling essential cookies may prevent you from using certain features of the Platform.
The Platform uses SMS messaging for several purposes, and different consent requirements apply depending on the type of message:
Transactional SMS: Booking confirmations, appointment reminders, and OTP verification codes are sent as an integral part of the service delivery. These messages are necessary for the Platform's core functionality, and separate marketing consent is not required for their delivery.
Marketing SMS: Promotional messages or marketing communications via SMS require your explicit opt-in consent before they are sent. You may opt out of marketing SMS at any time by following the unsubscribe instructions in the message or by contacting us.
These practices comply with the Israeli Communications Law (Bezeq and Broadcasting), 5742-1982, and its regulations regarding unsolicited communications.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you via email to the address associated with your account or through a prominent notice on the Platform.
The "Last Updated" date at the top of this policy indicates when it was most recently revised. We encourage you to review this policy periodically to stay informed about how we protect your information.
Your continued use of the Platform after any changes to this Privacy Policy constitutes your acceptance of the updated policy.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact us at:
Email: support@tikvaly.com
For complaints regarding our data protection practices, you also have the right to lodge a complaint with the Privacy Protection Authority (PPA) of Israel, the supervisory authority responsible for overseeing compliance with the Privacy Protection Law.