Terms of Service
Please read our terms and conditions carefully. By using Appointmint, you agree to be bound by these terms.
TERMS OF SERVICE (Self-Service)
Last updated: July 2026
Your use of Appointmint's products, services and applications (collectively referred to in this document as the "Services") is subject to the terms of this Legal Agreement between you and AMBITIOUS WORLD, Lda. (VAT number 519085027, registered at Rua Sabino Pedro Henriques, 10, Santa Iria de Azóia, Loures, Portugal), the company responsible for the Appointmint software.
In this document, "Appointmint" refers to AMBITIOUS WORLD, Lda., "Customer" refers to the entity or professional subscribing to the Services, and "Terms" refers to this agreement. By creating an account or using the Services, the Customer accepts these Terms.
The Services include, among other things, appointment management, client management and communications, including messaging integrations (e.g., WhatsApp via the WhatsApp Business API) when activated by the Customer. When using third-party integrations, the Customer agrees to comply with the applicable policies of those third parties, including WhatsApp policies.
The Services may also include optional integrations with Google services, including Google Calendar, when individually activated by a professional authorised by the Customer. When this integration is enabled, Appointmint receives authorisation to create, update and delete events in the primary calendar of the linked Google account, exclusively to automatically sync appointments registered in Appointmint with that calendar.
Contact: support [email protected]; privacy [email protected].
Important: If the Customer processes health data through the Services, it must ensure compliance with the GDPR (Art. 9) and applicable health legislation, including obtaining adequate legal bases (explicit consent or another legally permitted exception).
1. Definitions
Customer: the individual or legal entity subscribing to the Services. Users: the Customer's staff or suppliers with authorised access. Customer Data: data uploaded or generated by the Customer in the Services (includes personal data). Plan: the package of features and pricing chosen at the time of subscription. Sub-processors: third parties used by Appointmint to provide the Services (e.g., invoicing and payments). SLA: the service commitment in Cl. 8.
2. Account and Eligibility
2.1. The Customer must provide truthful information and keep credentials secure.
2.2. The Customer is responsible for all activity on their account, including access by Users and third parties authorised via integrations or API.
2.3. The following are prohibited: (i) use for illegal purposes; (ii) interfering with the security or stability of the Services; (iii) circumventing usage limits or plan restrictions.
3. Licence of Use
3.1. Appointmint grants the Customer a limited, non-exclusive, non-transferable licence to use the Services for the duration of the Plan.
3.2. The following are prohibited: copying, reproducing, reverse-engineering, decompiling, creating derivative works, assigning, sublicensing or allowing unauthorised access to the software, except to the extent permitted by law.
4. Duration, Renewal and Cancellation
4.1. Monthly plans: minimum term of 1 month, successive automatic renewal.
4.2. Annual plans: term of 1 year, automatic renewal.
4.3. The Customer may cancel future renewal at any time in Billing Settings, with effect at the end of the current period. Pro-rata refunds are only available where legally required (e.g., consumer right of withdrawal within the first 14 days).
4.4. In case of non-payment: after 10 days from the due date, access is limited to read-only mode; after 30 days, Appointmint may suspend access with at least 5 days' prior notice; after 60 days, Appointmint may terminate the contract under Cl. 12. For material breach of these Terms, Appointmint may suspend Services with a 15-day cure period (except for serious breaches) or, in cases of serious abuse or security risk, with immediate effect.
5. Pricing, Fees and Payments
5.1. The Customer will pay the Plan fees and any extras (e.g., SMS, add-ons) at the rates in force at the date of subscription or renewal.
5.2. Payments by card / MB Way / Multibanco reference processed by EasyPay (payment institution authorised by the Banco de Portugal, special registration no. 8706) — Appointmint acts as a technology integrator and does not store full card data; electronic invoicing via Cegid Vendus (software certified by the Portuguese Tax Authority, no. 2230/AT). Taxes (VAT) will be added as required by law.
5.3. In case of late payment, statutory default interest and collection costs may apply.
5.4. Price changes will apply at renewal, with at least 30 days' prior notice.
5.5. Fair Use of Emails and Storage
The Services include emails and storage at no additional charge up to a fair use limit. For the purposes of these Terms, fair use means a maximum of 3,000 emails and 5 GB of storage per Customer. Appointmint may apply technical measures to protect the stability and security of the Services in cases of abuse, unauthorised mass mailing or manifestly excessive use.
6. Appointmint's Obligations
6.1. Provide the Services with due care and good security practices (Cl. 10) and maintain periodic backups.
6.2. Provide support as per Cl. 8.
6.3. Comply with the GDPR as sub-processor / Processor of Personal Data (see Annex A – Data Processing Agreement).
7. Customer's Obligations
7.1. Ensure legal bases for processing personal data in the Services and inform data subjects in accordance with the GDPR (Arts. 6, 13 and 14). For health data (special category under GDPR Art. 9), the Customer must obtain explicit consent from data subjects or rely on a permitted legal exception (e.g., provision of healthcare by a professional bound by professional secrecy).
7.2. Not copy, reproduce or permit unauthorised access to the software; implement adequate access controls and authentication, including multi-factor authentication where available.
7.3. Comply with applicable legislation, including: (i) marketing consents (ePrivacy Directive); (ii) cookies (GDPR and applicable national law); (iii) health legislation; (iv) consumer rights.
7.4. Configure integrations (e.g., payments and invoicing), ensure the accuracy of Customer Data and, when using integrated invoicing, verify and be responsible for the configuration of fiscal elements (invoice series, tax IDs, products/services, VAT rates and other applicable legal rules). Appointmint does not provide tax or accounting advice.
7.5. Immediately notify Appointmint of any unauthorised access or security breach.
8. Support and SLA
8.1. Support: email ([email protected]) and helpdesk on business days (09:00–18:00, Europe/Lisbon), prioritised by severity. Response time: up to 24 business hours for normal requests, up to 4 business hours for critical issues.
8.2. Availability SLA: target ≥99.5%/month (excluding scheduled maintenance announced 48 hours in advance, force majeure events per Cl. 14, third-party provider failures, and Customer actions or omissions).
8.3. Service Credits (monthly):
- Availability 99.0–99.49% → 5% credit;
- 98.0–98.99% → 10%;
- <98.0% → 20%.
Credits apply to future invoices, upon written request to [email protected] within 30 days after the end of the relevant month, with evidence of unavailability. Credits are the sole and exclusive remedy for SLA non-compliance and do not accumulate with other forms of compensation.
9. Intellectual Property and Feedback
9.1. Appointmint (or its licensors) holds all rights in the software, trademarks and content.
9.2. The Customer retains all rights over Customer Data.
9.3. Feedback provided may be used freely to improve the Services, without obligation of compensation and without disclosing Customer Data.
9.4. Appointmint may use anonymised and aggregated data, with no reasonable possibility of re-identification, for statistical purposes, Services improvement and security.
10. Security, Confidentiality and Incidents
10.1. Each Party will keep the other's information confidential (implied NDA) during the term of the agreement and for a period of 5 years after its termination, without prejudice to any longer legal retention periods applicable to health data or trade secrets.
10.2. Security measures include: encryption in transit, role-based access control, audit logging, and vulnerability testing and patching. Appointmint complies with applicable cybersecurity principles and requirements, including those arising from Directive (EU) 2022/2555 (NIS2), to the extent applicable to it as a sub-processor.
10.3. Security / Data Incidents: notification without undue delay to the Customer after becoming aware, with available information and reasonable cooperation.
11. Limitation of Liability
11.1. Neither Party will be liable for indirect damages — including lost profits, data loss, loss of opportunity, loss of reputation or business interruption — to the extent permitted by law.
11.2. Appointmint's total liability for all claims in a 12-month period is limited to the fees paid by the Customer in that period, with an absolute maximum of EUR 10,000.00, except for (i) death or personal injury, (ii) fraud, wilful misconduct or intentional breach of confidentiality, or (iii) non-excludable liabilities under applicable law (including data protection matters).
12. Termination
12.1. Either Party may terminate for material breach not remedied within 30 days after notice.
12.2. Effects: access is closed; accrued fees become due.
12.3. Data export: the Customer may export Customer Data within 30 days after termination.
12.4. Deletion and Anonymisation: Appointmint will delete Customer Data from active systems within 30 days of contract termination or written request. Residual copies in backups will be deleted or anonymised within a maximum of 90 days. Remaining records required for statistical or operational purposes will be anonymised with no reasonable possibility of re-identification.
13. Governing Law and Jurisdiction
Governed by Portuguese law and the GDPR. Competent court: Tribunal da Comarca de Lisboa.
14. Miscellaneous
Entire agreement; partial invalidity; assignment only with consent (except in group reorganisation); force majeure; communications in writing (email).
15. WhatsApp Messaging Compliance
When the Customer uses the WhatsApp integration (WhatsApp Business API) through the Services, the Customer undertakes to:
- Comply with policies: comply with the WhatsApp Business Messaging Policy and other applicable WhatsApp/Meta policies.
- Consent / opt-in: obtain valid consent and/or legal basis before contacting data subjects where required (including marketing messages) and maintain opt-in records.
- Templates: use approved message templates where applicable and respect rules such as conversation windows and sending limitations.
- Opt-out: provide and respect opt-out mechanisms and requests to stop messages (e.g., "stop" instructions where configured).
- Prohibitions: do not send spam, harass, promote illegal activities, collect data by scraping, circumvent WhatsApp mechanisms, or buy/sell contact lists or data.
The Customer is responsible for the content sent, recipient lists and compliance with applicable legislation (including GDPR, ePrivacy and marketing rules). Appointmint may suspend or terminate access in the event of abuse or violation of these policies (see Cl. 4 and 12).
16. Google Calendar Integration
16.1. The Google Calendar integration is optional and depends on explicit authorization from the professional who connects their Google account to Appointmint.
16.2. Appointmint requests only the Google Calendar scope strictly necessary for the automatic appointment sync feature, currently the calendar.events scope, which allows it to create, update, and delete events on calendars owned by the professional. In Appointmint's current implementation, that synchronization is performed only on the professional's primary calendar whenever an appointment is created, rescheduled, edited, or cancelled. Read-only access is not sufficient for this purpose.
16.3. Synced events may include data entered by the Customer or its Users, such as the appointment title, client name, service type, start/end date and time, and notes.
16.4. The Customer warrants that it only connects Google accounts for which it has proper authorization and that any information synchronized with third-party services complies with the GDPR, professional confidentiality duties, and other applicable laws.
16.5. Disabling the integration in Appointmint or revoking authorization in the Google account stops future synchronizations. The availability and continuity of this feature also depend on Google's systems and policies, for which Appointmint is not responsible.
17. Internal Access by Appointmint Staff
17.1. Authorised members of the AMBITIOUS WORLD, Lda. team may proactively access Customer Data in read-only mode for purposes of maintenance, technical support, service monitoring, error investigation (whether or not reported by the Customer), and compliance with legal or regulatory obligations.
17.2. Write access (modification or deletion of Customer Data) by Appointmint staff is only carried out upon the Customer's explicit written request, except where strictly necessary to restore data security or to comply with a legal obligation.
17.3. All internal accesses are recorded in audit logs and are subject to role-based access controls, the least-privilege principle and confidentiality obligations. Personnel with access to Customer Data are contractually bound by confidentiality obligations.
ANNEX A — DATA PROCESSING AGREEMENT (GDPR)
Roles: Customer = Controller; Appointmint = Processor.
- Subject and Duration: Processing of personal data of the Customer's clients/patients, professionals and contacts, for the duration of the Plan.
- Nature and Purposes: provision of the Services (scheduling, reminders, invoicing via integration, analytics, support).
- Categories of Data / Data Subjects: identification and contact details; transactional data (appointments, payments); health data (if the Customer chooses to record clinical information in forms or reports).
- Documented Instructions: Appointmint will process data only on the Customer's instructions, including transfer to Sub-processors listed in Annex B.
- Confidentiality: authorised persons committed to confidentiality.
- Security: appropriate technical and organisational measures (pseudonymisation; encryption in transit; backups; access logs; least-privilege principle).
- Sub-processing: generally authorised to the Sub-processors in Annex B; Appointmint ensures equivalent obligations. Will notify changes with 15 days for reasonable objections.
- Assistance: to respond to data subject requests (access / rectification / erasure / portability / objection / restriction) and fulfill GDPR obligations (impact assessments, breach notifications).
- Location and Transfers: preferred storage in the EEA; international transfers only with adequate safeguards (Standard Contractual Clauses, adequacy decisions) and information to the Customer.
- Retention and Return: on termination, delete or return personal data, unless legally required to retain.
- Audits: provision of necessary information and cooperation in reasonable audits (1/year, with ≥30 days' notice, without access to third-party secrets).
- Liability: each Party is responsible for its own GDPR violations within the scope of their respective roles.
ANNEX B — SUB-PROCESSORS
- Cegid Vendus (electronic / fiscal invoicing; software certified by the Portuguese Tax Authority, no. 2230/AT)
- EasyPay (payment processing — MB Way, credit card, Multibanco reference; payment institution authorised by the Banco de Portugal, special registration no. 8706)
- Cloud infrastructure services (AWS and Cloudflare, in EU/EEA)
- MailJet (email and SMS delivery service)
- OpenAI (AI processing for the Mintu assistant, only when this feature is enabled by the Customer)
- GoHighLevel (CRM integration, only when this integration is enabled by the Customer)
- SPMS / Autenticação.Gov / CMD (integrations with Portuguese health information systems and digital signature, only for Customers using these specific features)
Have Questions?
Contact us at [email protected]
Last Updated
April 2026
