Skip to main content

Legal and privacy

Privacy notice

How Lettari handles personal information across our website, booking software, mobile experiences, and related services.

Effective and last updated: 14 July 2026

Jump to a section

The important distinction

Lettari controls information used for our own website, enquiries, updates, business relationships, security, and service administration. If you make a booking with a business that uses Lettari, that business is normally the controller and its own privacy notice applies.

1. Who we are

Lettari is booking software for businesses that manage services, appointments, activities, events, resources, customers, participants, payments, and communications. In this notice, “Lettari”, “we”, “us”, and “our” mean Lettari.

Lettari is based in Leicestershire, United Kingdom. For privacy questions or rights requests, email contact@lettari.co.uk.

2. Our role and your booking provider

When Lettari is the controller

We decide why and how personal information is used when you visit our corporate website, request a demo, contact us, join product updates, manage a direct business relationship with us, or when we use information for our own billing, platform security, legal compliance, and service administration.

When Lettari is a processor

A business using Lettari normally decides what it needs from its customers, participants, and website visitors. That business is the controller and Lettari generally processes the information on its documented instructions to provide the platform.

If your question is about a booking, participant profile, enquiry, payment, or message handled for a particular business, contact that business first. Its privacy notice should explain its purposes, lawful bases, and retention choices. We will support the business in responding where our contract and data-protection law require it.

The role can vary for a business-user account. The relevant business normally controls the staff profile, access, and work records it asks Lettari to host, while Lettari independently controls the limited account, billing, security, and administration information we need for our own purposes.

3. Information we use

The information involved depends on how you interact with Lettari and which features a business has configured.

CategoryExamples
Enquiries and updatesName, business name, work email, optional phone and industry, requirements, enquiry intent, signup status, consent version, and source page.
Business usersName, email, phone, login and verification details, roles and permissions, workspace, support correspondence, and account activity.
Customers and participantsNames, contact details, dates of birth, booking and attendance details, customer or participant profiles, notes, configured form answers, and uploaded files. This is usually operator-controlled information.
Bookings and financeChosen service or event, date and time, participants, prices, fees, status, cancellation and refund information, billing contact details, and payment-provider identifiers. Lettari does not store full payment-card numbers.
Device and service useIP address, browser and device information, session identifiers, page or screen activity, referring page, approximate viewport type, error and security logs, and aggregate visit counts.
Support and AI contentMessages, files, screenshots, page context, assistant prompts and responses, tool results, citations, action drafts, and support history where those features are used.

Where information comes from

  • directly from you when you submit a form, create or use an account, make a booking, contact support, or communicate with us;
  • from the business using Lettari, including when its staff create records or configure forms and booking journeys;
  • from your browser, device, and interactions with the service;
  • from integrations you or the relevant business choose to use, such as payment, sign-in, email, mapping, or communication providers; and
  • from another person who is authorised to provide details for a participant or customer.

What you need to provide

Fields marked optional are voluntary. Other fields are required where the interface, booking journey, or contract identifies them as necessary. If required information is not provided, we or the relevant business may be unable to answer an enquiry, create or secure an account, complete a booking or payment, or deliver the requested feature. A business using Lettari decides which customer and participant details it genuinely needs for its own services.

4. Purposes and lawful bases

When Lettari is the controller, we rely on one or more of the following UK GDPR lawful bases. A business acting as controller may rely on different bases for its booking customers.

Provide and administer the service

To deliver our direct business relationship, provide support, maintain our records, and respond to service requests. We rely on contract, steps requested before a contract, and our legitimate interests in operating the service. Where a customer controls the underlying staff or booking data, we process it on that customer’s instructions instead.

Respond to enquiries and demo requests

To understand your requirements, reply, arrange a demonstration, and keep a record of the conversation. We rely on steps requested before a contract and our legitimate interests in managing relevant business enquiries.

Send product updates

To send the occasional updates you asked to receive. We rely on consent. You can unsubscribe at any time; this does not affect processing that occurred before withdrawal.

Security, reliability, and misuse prevention

To authenticate users, maintain audit trails, investigate errors, protect workspaces, prevent fraud or abuse, and keep the service available. We rely on legitimate interests and, where applicable, legal obligations.

Payments, accounting, and legal administration

To administer charges, refunds, invoices, business records, disputes, and legal requests. We rely on contract, legitimate interests, and legal obligations.

Understand and improve Lettari

To measure aggregate use, diagnose problems, assess feature performance, and improve usability. We rely on legitimate interests for proportionate service analytics and consent where non-essential device storage or access requires it.

Where we rely on legitimate interests, those interests include running a secure and useful booking platform, supporting customers, improving the service, and managing genuine business relationships. We consider the necessity and the effect on individuals, and you may object as explained below.

5. Cookies and device storage

Lettari uses cookies and browser or mobile storage where needed to deliver a secure session, remember an authenticated user, preserve a booking journey, and provide configured features.

TechnologyPurpose and duration
Session and security cookiesThe Lettari session cookie keeps the service working and the XSRF token protects form submissions. On the marketing site, their browser lifetime is normally up to two hours. Related server records are cleared through operational maintenance rather than necessarily at the exact moment the browser cookie expires.
Browser and mobile storageThe application may remember authentication, preferences, booking-cart details, and in-progress checkout or participant information. Some items last only for the browser session; others remain until expiry, sign-out, completion, removal by the application, or clearing the device storage.
Google reCAPTCHAContact, signup, or public forms may use reCAPTCHA to detect automated misuse. Google can receive the verification response, IP address, browser details, and interaction signals and may use its own storage technologies.
Embedded maps and mediaLettari's current web and native app builds do not load Microsoft Clarity. Maps and video content may connect to OpenStreetMap, YouTube, or Vimeo. These providers can receive device and request information when content loads.

Non-essential storage or access must be controlled in line with applicable consent requirements. Browser controls can clear or block storage, but essential features may then stop working. Provider information is linked in the sharing section.

6. AI features

Some Lettari workspaces may enable an AI assistant. When used, Lettari stores conversation messages, responses, page context, citations, tool output, and proposed actions. A workspace may also provide documents for search and retrieval. Depending on the request, tool output can include booking, customer, or participant information that the user is authorised to access.

We send the information needed to answer the request to the OpenAI API. When configured, response state and uploaded documents may also be retained by OpenAI so the assistant and document-search features work. OpenAI states that API data is not used to train its models by default unless an organisation chooses to opt in. See OpenAI API data controls.

Actions that change Lettari records are presented for human approval before execution. Lettari does not use the assistant to make solely automated decisions about people that have legal or similarly significant effects. Users should avoid including unnecessary sensitive information in prompts or documents.

Our controller or processor role follows the underlying information. For example, we normally process a business’s booking information on its instructions, while we control technical usage records needed to secure and administer the AI feature.

7. Who receives information

We do not sell personal information. We disclose it only where needed to provide the service, follow a customer’s instructions, run Lettari, protect legal rights, or comply with law.

RecipientWhy information may be shared
The relevant businessThe operator and its authorised staff receive the bookings, customer details, participant information, payments, forms, and messages needed to provide their services.
Amazon Web ServicesHosting, infrastructure, file storage where configured, and transactional email through Amazon SES.
StripePayment collection, refunds, billing, and fraud controls where payments are enabled. Stripe processes payment credentials through its own secure interfaces; Lettari keeps the identifiers and transaction trail needed for the booking or business relationship.
GoogleAutomated-abuse protection through reCAPTCHA and optional Google sign-in. Google can receive identifiers and technical interaction information under its own privacy terms.
OpenAIAssistant responses, tool use, and document retrieval where the AI feature is enabled, as described above.
SlackRestricted operational notifications to Lettari, which may include a subscriber email and technical submission details when a new update signup is recorded.
Location, map, and media providersPostcodes.io may process a postcode used for lookup. OpenStreetMap, YouTube, or Vimeo can receive network and device request information when their embedded content is loaded.
Mobile delivery providersExpo, Apple, and Google may process device tokens and delivery information where mobile notifications are enabled.

We may also disclose information to professional advisers, insurers, auditors, regulators, courts, law-enforcement bodies, or a buyer or successor in a genuine business reorganisation, where the disclosure is necessary and lawful. Provider availability and configuration can vary by workspace and environment.

8. International transfers

Some providers operate in, support from, or make data available from countries outside the United Kingdom. This means personal information may be transferred internationally even where the main service is hosted in the UK.

The safeguard depends on the provider, destination, and processing. It may include UK adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to approved standard contractual clauses, and any required transfer-risk assessment. You can ask us for information about the safeguard relevant to your data.

9. How long we keep information

We keep personal information only for as long as needed for the purpose collected, the relevant customer’s documented instructions, security and recovery, and applicable legal, accounting, dispute, or regulatory requirements. We consider the amount and sensitivity of the information, the risk from continued retention, and whether we can achieve the purpose another way.

RecordRetention approach
Enquiries and demosWhile we respond and follow up, then only while reasonably needed to manage the relationship, prevent misuse, resolve complaints, or establish and defend legal claims. Records that become part of a customer contract follow the contractual record period.
Product updatesUntil you unsubscribe. We may keep the minimum suppression and consent history needed to honour your choice and demonstrate compliance rather than adding you again.
Accounts, contracts, and financeFor the active relationship and the contractual or statutory record period that applies afterwards, taking account of UK tax, accounting, limitation, and dispute requirements.
Operator-controlled dataBookings, profiles, participant details, configured fields, files, forms, and related messages are retained according to the relevant business’s instructions and contract with Lettari, subject to legal and technical recovery requirements.
Temporary operational dataAbandoned checkout records are scheduled for removal after 30 days. Unconsumed temporary uploads expire after about 60 minutes. Generated export files expire after 7 days; the related export-history record is scheduled for removal 30 days after its expiry date.
Service analyticsDetailed aggregate service-visit buckets are removed once they are more than one year old. Event-visit buckets are removed after the event has been ended for more than one year. De-identified lifetime aggregate counts may remain to report overall activity.
AI recordsConversation and document retention follows the applicable workspace instructions and contract. Technical AI usage logs are scheduled for removal after 365 days. Failure logs, and action records that remain in draft or rejected status without an execution, are scheduled for removal after 90 days. Provider-held service state follows the feature configuration and provider terms.
Security logs and recovery copiesFor the operational cycle needed to investigate incidents, secure the service, and recover from failure. Deleted information can remain in restricted recovery copies until those copies are overwritten.

We may preserve specific information for longer where a dispute, legal hold, regulatory request, fraud investigation, or other lawful exception requires it. We may keep information that has been irreversibly anonymised because it no longer identifies an individual.

10. Children and sensitive information

Lettari’s corporate website and business administration service are not directed at children. A business may, however, use Lettari for an activity involving a child and may collect a date of birth, guardian contact, participation details, or other relevant information. That business is responsible for explaining the processing, establishing an appropriate lawful basis, and obtaining parental or guardian authority where required. Lettari normally handles that data as its processor.

Configurable fields and uploads can also be used by a business to collect health, disability, allergy, safeguarding, or other sensitive information. The business must decide whether collection is necessary, identify both a UK GDPR lawful basis and any required special-category condition, restrict access, and choose an appropriate retention period. Users should not place sensitive information into free-text fields, files, or AI prompts unless it is genuinely necessary and authorised.

11. Your rights

Depending on the circumstances, UK data-protection law may give you the right to:

  • access your personal information;
  • correct inaccurate or incomplete information;
  • ask for erasure;
  • restrict how information is used;
  • object to processing based on legitimate interests;
  • receive or transfer information in a portable format;
  • withdraw consent at any time; and
  • complain to a data-protection regulator.

These rights are not absolute. We may need enough information to confirm your identity and locate the relevant records, and we will explain if an exemption applies. We normally respond within one month, although the law permits an extension for complex or numerous requests.

For information controlled by a business using Lettari, contact that business first. For information Lettari controls, email contact@lettari.co.uk. You can stop product-update emails through the unsubscribe link in an update.

You may complain to the UK Information Commissioner’s Office. We would appreciate the opportunity to address the issue first, but this does not limit your right to contact the ICO. Visit the ICO complaints page.

12. Security

We use technical and organisational measures designed to protect personal information, including encrypted connections, authentication and role-based access, tenant separation, audit and security logging, controlled infrastructure access, and service monitoring. We expect providers and business customers to protect the information within their control as well.

No online service can guarantee absolute security. When we act as a processor, we notify the relevant controller without undue delay after becoming aware of a personal-data breach. When Lettari is the controller, we notify the ICO and affected people when the applicable legal thresholds and notification requirements are met.

13. Contact and changes

Questions about this notice or Lettari-controlled information can be sent to contact@lettari.co.uk. You can also use our contact page for general enquiries.

Lettari

Leicestershire, United Kingdom

contact@lettari.co.uk

We may update this notice when the service, providers, or legal requirements change. The current version will appear on this page with a revised date. If a change materially affects how we use information, we will take reasonable steps to bring it to the attention of affected people.