Privacy & Cookie Policy

Last updated: 06-07-2026

1. Introduction

Lookster ("Lookster", "we", "us", "our") attaches great importance to the protection of your privacy. In this Privacy & Cookie Policy, we explain how we collect, use, share, secure and retain personal data when you use our platform, consisting of:

  • the website www.lookster.nl (the "Website");
  • the Lookster mobile application(s) (the "App");
  • the online booking portal and other features we offer via Website and App,

collectively: the "Platform".

By using the Platform, you acknowledge that you have read and understood this policy.

2. Data controller and contact

The data controller within the meaning of the General Data Protection Regulation ("GDPR") is:

Lookster
Piet Heinstraat 12, 7511JE Enschede
Chamber of Commerce number: 94593051
Email (privacy & requests): [email protected]

Lookster has not appointed a Data Protection Officer (DPO). For privacy questions or requests, you can reach us via the email address above.

3. What personal data do we process?

We may (depending on your use of the Platform) process the following categories of personal data:

1. Users (consumers)

  • Identification and contact data: name, email address, phone number.
  • Account and usage data: account ID, preferences/settings, login moments, IP address, browser type, device and log data.
  • Location/distance (optional): approximate location based on entered address or city (e.g. for distance display), and/or precise location (GPS) if you actively allow this via your device settings.
  • Communication data: content of messages or emails to/from support.

2. Partners (salons/businesses)

If you are a Partner (B2B), we may additionally process:

  • Business data: salon name, address, contact person, Chamber of Commerce number (if applicable), VAT number (if applicable).
  • Billing and payment data: billing address, invoices, payment status, and (where applicable) bank account/payment details.
  • Dashboard data: employee accounts (seats), schedule/appointments and client data that you process in the dashboard. For this client data you are the data controller and Lookster acts as processor (see our data processing agreement).
  • App and device data: when you use the Lookster Dashboard app: device ID and device name, and – if you enable push notifications – a push notification token (Firebase Cloud Messaging).

3. Special categories of personal data

In principle, we do not ask you to provide special categories of personal data (such as medical data). Please do not place such data in free-text fields, messages or notes. If you voluntarily provide this data (e.g. in a message to support), we may process it insofar as necessary to handle your request.

4. What do we use personal data for?

We process personal data exclusively for legitimate, specified purposes, such as:

  1. Performance of the Platform and the agreement
    • creating and managing accounts;
    • technically enabling bookings/appointments and forwarding them to salons;
    • communication about bookings (confirmations, changes, notifications);
    • support and customer service;
    • sending push notifications in the App, for example for new or cancelled bookings (if enabled by you).
  2. Security and reliability
    • securing accounts and systems;
    • preventing and detecting fraud, abuse and disruptions;
    • logging, troubleshooting and stability purposes.
  3. Improvement and analysis
    • statistics and analysis of Website usage (e.g. via Microsoft Clarity and, where applicable, Google Analytics);
    • further development of features and user experience.
  4. Marketing
    • sending marketing communications;
    • displaying/measuring advertisements or retargeting (e.g. via Meta Pixel), only after your consent where legally required (e.g. via cookie banner).
  5. Legal obligations
    • complying with fiscal/administrative retention obligations (particularly for B2B invoices);
    • complying with requests from competent authorities where legally required.

5. Legal bases

We process personal data on the basis of one or more of the following legal bases (Article 6 GDPR):

  • Performance of a contract (Art. 6(1)(b) GDPR) – e.g. account and booking functionality.
  • Legal obligation (Art. 6(1)(c) GDPR) – e.g. fiscal retention obligation.
  • Legitimate interest (Art. 6(1)(f) GDPR) – e.g. security, fraud prevention, basic statistics/improvement without tracking where permitted.
  • Consent (Art. 6(1)(a) GDPR) – e.g. non-essential cookies (analytics/marketing), personalised advertisements, certain marketing.

You can withdraw consent at any time (see Article 10).

6. With whom do we share personal data?

We do not sell your personal data. We only share data when necessary for the operation of the Platform, for our services, or when we are legally obliged to do so. This may include sharing with:

  1. Salon partners: when you request/book an appointment, we share the necessary data (such as name/phone/email and appointment details) with the relevant salon so they can carry out the appointment.
  2. Hosting/IT service providers: for hosting and infrastructure (e.g. Hetzner).
  3. Email service providers: for sending emails (e.g. Postmark).
  4. Push notification services: to deliver push notifications in the App we use Google Firebase Cloud Messaging; this involves processing a device token.
  5. Analytics and marketing services (after consent where required): e.g. Microsoft Clarity and, where applicable, Google Analytics or Meta Pixel.
  6. Government agencies/supervisory authorities: where legally required.
  7. Business transfer: in case of merger/acquisition/restructuring, with appropriate safeguards.

We enter into data processing agreements in accordance with Article 28 GDPR with parties that process personal data on our behalf.

7. Transfers outside the EEA

Some service providers (such as Microsoft, Google and Meta) may process or make personal data accessible outside the European Economic Area (EEA) (e.g. the US). When we use such services, we ensure – where required – appropriate safeguards, such as:

  • EU Standard Contractual Clauses (SCCs), and/or
  • other legally permitted safeguards.

8. Security

We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access or disclosure. This includes:

  • TLS/SSL encryption during data transmission;
  • access management and authentication;
  • logging and monitoring;
  • restricting access to personal data to authorised persons.

9. Retention periods

We do not retain personal data longer than necessary for the purpose for which it was collected, unless we are legally required to retain it longer.

Indicative:

  • Account data (consumers): until you request deletion, and thereafter within a reasonable period, unless legal retention obligations or necessary security/fraud prevention interests require temporary longer retention.
  • B2B invoice and administrative data: generally 7 years (fiscal retention obligation).
  • Support/communication: as long as needed for resolution and limited thereafter, unless longer retention is needed for evidence, security or disputes.
  • Cookies: see paragraph 13.

10. Your rights

Under the GDPR, you have rights including:

  • access;
  • rectification;
  • erasure;
  • restriction;
  • data portability;
  • objection (including against processing based on legitimate interest);
  • withdrawal of consent (where applicable).

You can submit your request via [email protected]. We will respond in principle within one month. As a Partner you can also delete your account directly in the Lookster Dashboard app.

11. Minors

The Platform is not specifically aimed at minors. Minors may only use the Platform if they have consent from a parent/guardian, insofar as this is required. We do not target marketing campaigns at minors and do not intentionally collect personal data from children. If we suspect that we are processing personal data of a child without valid consent, you can contact us via [email protected], so that we can investigate and delete where appropriate.

12. Automated decision-making and profiling

Lookster does not apply automated decision-making that has legal effects or otherwise significantly affects you. We may (after consent where required) use profiling for marketing/advertising measurement (e.g. via marketing cookies).

13. Cookies

  1. Cookie banner. We only place non-essential cookies (such as analytical and marketing cookies) after you have given consent via a cookie banner, insofar as legally required.

    Change preference: you can accept, reject or later change analytics cookies via the cookie settings in the footer.

  2. Types of cookies (indicative). The list below is indicative and may change. Current cookie information can be consulted via the cookie banner and cookie settings.
    1. Functional cookies (necessary): required for the operation of the Website (e.g. session, security).
    2. Analytical cookies: measuring website usage and improving the user experience (e.g. Microsoft Clarity and, where applicable, Google Analytics) – only after consent where required.
    3. Marketing cookies: measuring/targeting advertisements (e.g. Meta Pixel) – consent required.

Microsoft Clarity

We use Microsoft Clarity only after you accept analytics cookies. Clarity helps us understand in aggregate how visitors use the website, for example through heatmaps and session recordings, so we can improve the user experience. Clarity may process pseudonymous identifiers, device and browser data, IP address, visited pages and interactions such as clicks, scrolling and navigation. We load Clarity only after consent and pass your choice through the Microsoft Clarity Consent API.

13.3 Examples (indicative)

  1. Microsoft Clarity cookies may include _clck and _clsk (to recognize a user and connect page views within a session).
  2. Google Analytics cookies may include _ga, _ga_* (retention periods depending on settings).
  3. Meta cookies may include _fbp (retention periods depending on settings).

13.4 Cookie management

You can manage cookies via:

  1. the cookie settings in the footer, and/or
  2. your browser settings (delete/block cookies).

Please note: if you block cookies, certain parts of the Website may not function properly.

15. Changes to this policy

We may update this Privacy & Cookie Policy. The most recent version is available at www.lookster.nl. In case of material changes, we will inform you via the Platform and/or by email (if we have your email address and this is appropriate).

Contact

Lookster

Chamber of Commerce: 94593051

Piet Heinstraat 12, 7511JE Enschede

Email: [email protected]