Includes Data Processing Agreement (section 8). Last updated: June 2026
1. Scope and contracting parties
These Terms and Conditions ("T&C") govern the contractual relationship between
Ing. Kenny Tran, BA, sole proprietor
Marx-Reichlich Straße 2A, 5020 Salzburg, Austria
VAT ID: ATU82918318
(hereinafter "blushy", "we" or "us")
and the studio (hereinafter "Studio", "User" or "you") regarding the use of the Software-as-a-Service platform "blushy" provided at blushy.at ("Platform" or "Service").
These T&C apply to all current and future contracts about the use of the Platform, irrespective of whether a paid or free plan is chosen. Section 8 of these T&C contains the Data Processing Agreement under Art. 28 GDPR and is an integral part of this contract.
The Platform is intended exclusively for entrepreneurs within the meaning of § 1 Austrian KSchG or § 1 UGB. Consumers cannot use the Platform as users. To the extent mandatory consumer protection law applies, its provisions take precedence over these T&C.
Any deviating, conflicting or supplementary general terms of the Studio shall not become part of the contract unless their applicability is expressly agreed in writing.
2. Subject matter and definitions
blushy provides the Studio with cloud-based software for managing a beauty and wellness studio. Features include, in particular:
Appointment and calendar management
Customer management
Online booking by end customers via a dedicated booking page
Automated reminders, confirmations and marketing messages (email, SMS, WhatsApp)
Invoicing and payment features (optional via Stripe Connect)
AI-powered assistant "Lars" for preparing responses to inquiries
Within the meaning of these T&C:
"Studio": the legal or natural person using the Platform and acting as blushy's contracting party.
"Workspace": the workspace assigned to the Studio within the Platform, with its own data.
"Staff": a natural person using the Workspace on behalf of the Studio.
"End customer": the customers of the Studio whose data is processed within the Workspace.
"Content": all data entered into or uploaded to the Platform by the Studio or its end customers.
3. Registration and contract formation
Use of the Platform requires registration of a Workspace. Truthful and complete information must be provided at registration; changes shall be updated without undue delay.
The contract is concluded when blushy confirms the registration. By completing registration, the Studio accepts the applicable T&C including the Data Processing Agreement (DPA) contained in section 8.
The Studio designates at least one natural person as the workspace owner. That person is entitled to invite additional staff, assign permissions and take contract-relevant decisions (e.g. plan change, termination).
Each staff member receives an own, personal user account. Sharing of login credentials is prohibited.
blushy reserves the right to refuse registrations without giving reasons or to suspend accounts on reasonable suspicion of abuse.
4. Scope of services and plans
4.1 Free Plan
The Free Plan is permanently free of charge and includes a limited number of appointments per month and a limited number of staff. The exact scope of features is set out in the current description at blushy.at/preise.
4.2 Pro Plan
The Pro Plan is paid and billed per staff member. It includes unlimited appointments and staff and all standard features.
4.3 Expert Plan
The Expert Plan extends the Pro Plan with automations, workflows and marketing features. Terms are agreed individually.
4.4 Third-party services
Some features rely on external providers, in particular Stripe Connect (payment processing), Meta WhatsApp Business Cloud API (WhatsApp dispatch), Google Calendar (calendar sync). The respective providers' terms apply in addition.
4.5 Continuous development
blushy continuously develops the Platform. Features may be extended or modified, provided the essential purpose of the contract is not impaired. We notify Studios at least 30 days in advance via email or dashboard about material changes affecting a plan.
4.6 Beta features
Features explicitly marked as "Beta", "Preview" or "experimental" are provided without warranty. Reduced warranty and liability rules apply (sections 15 and 16).
5. Availability, maintenance, force majeure
blushy strives for a high level of availability. Continuous, uninterrupted availability cannot be technically guaranteed.
Planned maintenance will, where possible, be performed outside usual business hours (Mon–Fri, 8:00–18:00 CET/CEST) and announced in advance.
blushy is not liable for interruptions or disruptions caused by force majeure, in particular:
Outages or disruptions of third-party services (e.g. hosting providers, ISPs, Stripe, Meta WhatsApp)
Strikes, lockouts, sovereign acts
Cyber attacks that succeed despite reasonable protective measures
Events outside blushy's control
6. Studio's obligations
The Studio undertakes to use the Platform only within applicable law and these T&C. In particular, the Studio ensures:
To keep login credentials confidential and protect them against unauthorised access; to inform blushy immediately upon suspicion of abuse.
To use content (treatments, texts, images, end-customer data) only in a way that does not infringe third-party rights — in particular copyrights, trademarks, personality rights.
As controller under GDPR, to independently fulfil data protection obligations vis-à-vis end customers (especially information obligations under Art. 13 GDPR and obtaining required consents, e.g. under Art. 9 GDPR for health data or § 174 Austrian TKG 2021 for marketing).
To ensure that valid consent of the end customer exists before sending marketing communication (email, SMS, WhatsApp) and that this consent can be evidenced on request.
To independently comply with professional, trade and hygiene obligations — particularly for medical cosmetics or other regulated activities.
Not to upload or send unlawful, discriminatory, youth-endangering or spam content.
Not to use the Platform in a way that impairs its availability (e.g. unauthorised automated access, scraping or load testing).
The Studio indemnifies blushy against any third-party claims based on a breach of these obligations, including reasonable costs of legal defence.
7. Data protection
Details about data processing by blushy are provided in our Privacy Policy.
Where the Studio processes personal data of its end customers as part of using the Platform, the Studio is the controller and blushy is the processor within the meaning of Art. 28 GDPR. The terms of this processing relationship are governed by section 8 of these T&C (Data Processing Agreement).
8. Data Processing Agreement under Art. 28 GDPR
This section 8 constitutes the Data Processing Agreement under Art. 28 GDPR ("DPA") between the Studio as controller and blushy as processor. It is concluded in electronic form by accepting these T&C upon registration and is an integral part of the main contract.
8.1 Preamble and scope
This DPA governs the processing of personal data by blushy on behalf of the Studio. It applies to all processing that blushy carries out for the Studio in connection with the Platform and which concerns personal data of end customers or other data subjects managed by the Studio in the Workspace.
Processing where blushy is itself the controller (e.g. data of Studio staff in the context of contract formation and performance, billing, support, security and product analytics) is not subject to this DPA but to the Privacy Policy.
8.2 Subject matter, data categories, data subjects
Subject matter: Provision of the cloud-based "blushy" platform for managing the Studio, its end customers and related business processes, including appointment booking, marketing communication, payment processing and AI-supported assistance.
Nature and purpose: Collection, storage, display, modification, transmission (to end customers and to the sub-processors named in 8.7), backup, restoration and deletion of personal data.
Data categories:
Identification and contact data (name, address, phone, email)
Appointment data (date, time, staff, treatment)
Treatment history and studio-entered notes, where applicable images
Health data within the meaning of Art. 9 GDPR, where the studio records such
Marketing consents and opt-out status
Payment metadata (amount, status, payment-method tokens via Stripe)
Communication logs (email, SMS, WhatsApp)
Contents of the studio's knowledge base (treatments, prices, opening hours)
Categories of data subjects:
End customers of the studio
Staff of the studio, insofar as recorded in the Workspace
Contact persons of external partners (e.g. suppliers), where recorded
8.3 Duration
This DPA begins with the conclusion of the contract and ends automatically when the main contract ends. Obligations regarding return or deletion (section 8.11) remain unaffected. The right of either party to extraordinary termination for cause remains unaffected.
8.4 Instructions
blushy processes personal data exclusively on documented instructions of the Studio. An implicit instruction results from contractual use of the Platform's features and is comprehensively described in this DPA and the remaining provisions of these T&C. Instructions going beyond this shall be given in text form (e.g. by email to [email protected]).
blushy will inform the Studio without delay if, in blushy's opinion, an instruction violates data protection law of the Union or the Member States. In such a case, blushy is entitled to suspend the execution of the relevant instruction until the Studio confirms or amends it.
blushy does not process personal data for its own purposes beyond what is necessary to perform the main contract and this DPA. Statistical, fully anonymised analytics to improve the Platform are excluded.
8.5 Processor's obligations
blushy undertakes in particular:
(a) Confidentiality: All persons involved in processing are bound to confidentiality (Art. 28(3)(b), Art. 29 GDPR). This duty continues after termination of their activity.
(b) Technical and organisational measures: blushy implements the measures described in the Annex TOM to ensure security of processing pursuant to Art. 32 GDPR and adapts them to the state of the art.
(c) Support for data subject rights: blushy supports the Studio in handling requests for access, rectification, erasure, restriction, data portability and objection (Art. 12 to 23 GDPR). The Platform provides export, anonymisation and deletion functions.
(d) Support for Art. 32 to 36 GDPR duties: blushy supports the Studio in complying with security duties, breach notification and DPIA obligations.
(e) Breach notification: see section 8.9.
(f) Information about authority requests: Should blushy receive an official order to release the Studio's data, blushy will inform the Studio without delay, to the extent legally permissible, and review the lawfulness of the order.
(g) Contact: As blushy is not legally required to appoint a data protection officer, the email address [email protected] serves as central contact for data protection matters.
8.6 Controller's obligations
In its relationship to the data subjects, the Studio is responsible for the lawfulness of the processing (Art. 24 GDPR) and undertakes in particular to:
ensure a valid legal basis for the processing (Art. 6 GDPR; for special categories also Art. 9 GDPR);
fulfil information obligations vis-à-vis data subjects pursuant to Art. 13 and 14 GDPR, including reference to blushy's use as a processor;
prior to sending direct marketing (email, SMS, WhatsApp), obtain the consents required under § 174 Austrian TKG 2021 and Art. 6(1)(a) GDPR and document them;
assign and regularly review permissions within the Workspace appropriately;
provide instructions going beyond contractual use in text form;
notify the Processor without delay of errors or irregularities discovered during verification of the processing.
8.7 Sub-processors
General authorisation: The Studio grants blushy a general authorisation pursuant to Art. 28(2) GDPR for the engagement of the sub-processors listed in the Annex Sub-Processors.
Changes of sub-processors: blushy will inform the Studio in good time about planned changes regarding the addition or replacement of sub-processors, as a rule at least 30 days before the change. Notice is provided by email to the address stored in the Workspace or via a dashboard notice.
Right to object: The Studio may object to the change within 14 days of receipt of the notice on serious data protection grounds. If an objection is raised, the parties will first try to find an amicable solution. If no solution is found, both parties are entitled to extraordinary termination of the main contract at the time of the planned change.
Sub-processor contracts: blushy concludes contracts with each sub-processor ensuring an adequate level of data protection under Art. 28(4) GDPR. blushy is liable to the Studio for the sub-processors' compliance with data protection obligations under this DPA.
8.8 International transfers
Where personal data is transferred to a sub-processor located or processing outside the EEA — particularly in the USA — such transfer is based on:
the EU-US Data Privacy Framework (Adequacy Decision of the EU Commission of 10 July 2023) — where the provider is certified; and/or
the EU Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914) as appropriate safeguards within the meaning of Art. 46 GDPR.
blushy provides copies of the safeguards concluded with the respective sub-processors on request of the Studio.
8.9 Personal data breaches
blushy will report any breach of the protection of personal data to the Studio without delay, at the latest within 48 hours of becoming aware. The report contains, where available:
a description of the nature of the breach as well as the categories and approximate number of affected persons and records;
the name and contact details of a contact person at blushy;
a description of the likely consequences of the breach;
a description of measures taken or proposed to remedy and mitigate.
blushy supports the Studio in any required notification to the supervisory authority under Art. 33 GDPR and in informing data subjects under Art. 34 GDPR.
8.10 Audit and verification rights
blushy makes available to the Studio all information necessary to demonstrate compliance with this DPA. This includes in particular:
the current version of this DPA including annexes;
a self-disclosure on the technical and organisational measures in place;
where available, reports of external audits or certifications of sub-processors (e.g. SOC 2, ISO 27001 from Cloudflare, Supabase, Stripe).
To the extent such information is not sufficient, the Studio may, with appropriate prior notice (at least 30 days), during usual business hours and without disrupting operations, conduct an on-site audit or have an audit performed by an independent third party bound to confidentiality. The Studio bears the costs, unless the audit reveals a material breach by blushy; in that case blushy bears the pro-rata costs.
8.11 Termination and return/deletion
After the end of the main contract, the Studio has the choice whether blushy returns the personal data processed on its behalf or deletes it.
After contract end, the data is available for self-export for 30 days. Thereafter the data will be irrevocably deleted within a reasonable period, subject to statutory retention obligations (in particular § 132 Austrian BAO for invoicing data). Data in rolling backups is irretrievably removed within 35 days.
blushy confirms the deletion to the Studio in text form on request.
8.12 Liability (external and internal)
Externally, the parties are liable under Art. 82 GDPR vis-à-vis data subjects. Internally, each party is liable for the consequences of its own breach of duty.
The liability limitations of section 16 of these T&C apply in addition, to the extent compatible with mandatory law — in particular Art. 82 GDPR.
In case of a conflict between the provisions of this DPA (section 8) and the other provisions of these T&C, the provisions of this DPA shall prevail — exclusively for matters of processing on behalf.
8.13 Annex — Technical and organisational measures (Art. 32 GDPR)
A. Confidentiality
Physical access control: Physical security of data centres is ensured by the hosting providers used (in particular Cloudflare, Supabase), certified to industry standards (e.g. ISO 27001, SOC 2). blushy does not operate its own data centres.
Logical access control: Authentication via Supabase Auth (hashed and salted passwords, optional multi-factor authentication). Restricted administrative access via personal accounts and multi-factor authentication; separation of production and development environments.
Permission control: Role-based permission system within the Workspace (admin, staff). Granular permissions can be configured by the Studio. Application-level separation of workspaces ("tenant isolation") via workspace IDs.
Pseudonymisation: Logging and product analytics use pseudonymous identifiers; end-customer names are not stored in logs or tracking events.
B. Integrity
Encryption in transit: All connections over TLS 1.2 or higher. Unencrypted transmission is not possible.
Encryption at rest: Database and file storage are encrypted at rest by the providers (Supabase: AES-256; Cloudflare R2: AES-256).
Input control: An audit log is maintained for security-relevant actions (e.g. role changes, data exports, deletions).
C. Availability and resilience
Backups: Automated, encrypted backups in EU data centres. Rolling retention of up to 35 days.
USA (San Francisco); EU data residency enabled for R2
Stripe Payments Europe Ltd / Stripe, Inc.
Subscription billing (platform) and payment processing for studios via Stripe Connect
Ireland (Dublin) / USA
Resend, Inc.
Transactional email dispatch
USA
Meta Platforms Ireland Ltd
WhatsApp Business Cloud API
Ireland (Dublin); intra-group transfers to USA possible
PostHog Inc.
Product analytics (EU cloud)
USA (San Francisco); processing in EU region
BetterStack s.r.o.
Server logging, uptime monitoring
Czech Republic (Prague)
Anthropic PBC
Claude API for AI assistant "Lars" (with zero-data-retention)
USA (San Francisco)
Google LLC / Google Ireland Ltd
Gemini API (AI fallback), Google Calendar API
Ireland (Dublin) / USA
Langfuse GmbH
Observability for AI calls
Germany (Berlin)
All transfers to third countries are safeguarded by Standard Contractual Clauses (SCC) and/or the EU-US Data Privacy Framework (DPF) (see section 8.8).
9. Online payments via Stripe Connect
Studios can accept payments from end customers via the Platform. For this purpose, "Stripe Connect" of Stripe Payments Europe Ltd, Dublin, Ireland, is used.
9.1 Separate contractual relationship with Stripe
By activating the payment feature, the Studio accepts Stripe's terms (in particular the Stripe Connected Account Agreement and the Stripe Services Agreement). The Studio enters into a separate contractual relationship with Stripe. blushy is not a party to that contract.
9.2 Role of blushy
blushy is not a payment service provider within the meaning of § 1 Austrian ZaDiG. blushy provides only the technical integration with Stripe and platform functionality (e.g. presenting available payment options, triggering PaymentIntents, displaying payment status in the Workspace).
9.3 Platform fee
blushy is entitled to retain a platform fee per transaction. Amount and calculation result from the configuration chosen at blushy.at/preise or from individual agreements.
9.4 Studio's obligations
The Studio is in particular responsible for:
Completing Stripe's identity verification (KYC).
Proper invoicing to end customers, including issuance of receipts and, where applicable, the cash register obligation under § 131b Austrian BAO.
Correct payment of VAT.
Handling refunds, cancellations and chargebacks within the statutory rules and Stripe's terms.
9.5 Payout holds by Stripe
Stripe is entitled to delay or withhold payouts on its own grounds (e.g. risk management, KYC). blushy has no influence over this and assumes no liability for it.
10. WhatsApp and SMS communication
The Studio can send communications to end customers via Meta's WhatsApp Business Cloud API or SMS providers through the Platform. The respective terms of Meta and the SMS providers apply additionally.
The Studio represents that, prior to each dispatch, a valid consent of the respective end customer exists and can be evidenced on request. Marketing messages are sent exclusively to end customers with documented opt-in.
blushy is entitled to block dispatches where there is reasonable suspicion of unlawful use (e.g. spam, missing opt-in, breach of Meta's policies).
For violations attributable to the Studio — particularly missing consents — the Studio indemnifies blushy against third-party claims (including fines and warning costs).
11. AI assistant "Lars"
Studios can activate the optional AI assistant "Lars", which classifies incoming inquiries and prepares response suggestions. Processing takes place using external AI providers (in particular Anthropic and Google) with whom we have concluded agreements on data protection, including non-use of input for training purposes ("zero-data-retention").
Lars's response suggestions are recommendations; the final decision — for example to confirm an appointment or send a message — rests with the Studio. There is no solely automated decision within the meaning of Art. 22 GDPR.
blushy continuously works to improve the quality of Lars's suggestions. Due to the probabilistic nature of generative AI, suggestions may nevertheless be incorrect, incomplete or misleading. No accuracy guarantee is given. The Studio reviews each recommendation before use.
12. Content and usage rights
12.1 Ownership of content
Ownership of content uploaded by the Studio — in particular end-customer data, treatment notes, images, text — remains with the Studio.
12.2 Licence to blushy
The Studio grants blushy a simple, geographically unrestricted licence, limited to the term of the contract, for such content to the extent necessary for performing the contract (storage, processing, display, transmission to end customers).
12.3 Software ownership
All rights to the Platform software, its source code, designs, logos and trademarks remain with blushy or the respective rights holders. By concluding this contract, the Studio is granted a simple, non-exclusive, non-transferable right to use the Platform for the term of the contract.
13. Prices and payment
13.1 Prices
Applicable prices are set out at blushy.at/preise and in individual offers (Expert Plan). All prices are in Euro and exclusive of statutory VAT, unless stated otherwise.
13.2 Billing
Paid plans are billed in advance, monthly or annually depending on the billing period chosen. For user-based pricing (Pro Plan), the number of active staff in the respective billing period is used; subsequent additions are billed pro-rata.
13.3 Payment processing
Payment is processed via Stripe (Stripe Payments Europe Ltd, Dublin, Ireland) using the payment method stored by the Studio. blushy itself does not store credit card data.
13.4 Late payment
In case of late payment, after unsuccessful reminder with a reasonable additional period, we are entitled to temporarily restrict access to the Platform. Stored data remains intact during such a suspension. Default interest and reminder fees apply pursuant to statutory provisions (in particular UGB).
13.5 Price changes
Price changes will be announced at least 30 days before they take effect by email. In case of a price increase, the Studio may terminate the contract extraordinarily at the time the change takes effect. Adjustments due to statutory tax rates (e.g. VAT) are excluded.
14. Term, termination, data export
14.1 Term
The contract is concluded for an indefinite period. With monthly billing, the billing period renews for another month; with annual billing, for another year — in each case unless terminated in time.
14.2 Ordinary termination
Monthly billing: termination effective at the end of the current billing month.
Annual billing: termination effective at the end of the current billing year.
Free Plan: at any time by closing the Workspace.
Termination can be declared via Workspace settings or by email to [email protected].
14.3 Extraordinary termination
The right to extraordinary termination for cause remains unaffected. Cause exists for blushy in particular in case of sustained payment default, abuse, or serious breach of these T&C.
14.4 Data export and deletion
After contract end, the Studio's data remains available for self-export for 30 days. Thereafter the data will be deleted within a reasonable period, subject to statutory retention obligations (in particular for invoices under § 132 Austrian BAO). Rolling backups remove data within 35 days irrevocably. Complementary provisions from the DPA (section 8.11) apply in addition.
15. Warranty
blushy warrants that the Platform substantially conforms to the current feature description. Minor deviations and features in beta stage do not constitute defects.
The Studio shall report defects without delay upon becoming aware and describe them in a comprehensible manner (time, affected feature, where possible reproduction steps). blushy will fix reported defects within a reasonable period.
Towards Studios as entrepreneurs, the statutory warranty period is shortened to 12 months from the conclusion of the contract. §§ 922 ff. Austrian ABGB otherwise remain unaffected.
The warranty does not cover, in particular:
Problems caused by non-conforming use of the Platform.
Impairments caused by incompatibilities with outdated browsers or devices.
Disruptions caused by external services (e.g. Stripe, Meta, Google).
Damage caused by force majeure or third-party interference.
16. Limitation of liability
blushy is liable without limitation
for damages from injury to life, body or health that are based on a negligent or intentional breach of duty by blushy,
for damages based on gross negligence or intent by blushy, and
for damages based on the breach of a guarantee expressly given by blushy or compensable under the Austrian Product Liability Act (PHG).
For ordinary negligence, blushy is liable only for breach of essential contractual duties (cardinal duties) whose fulfilment is necessary for proper performance of the contract and on whose compliance the Studio regularly relies. In such cases liability is limited to the typical foreseeable damage and capped at the amount paid by the Studio in the twelve months prior to the loss event, but at least EUR 100.
blushy is not liable for lost profit, indirect or consequential damages, to the extent legally permissible.
blushy is not liable for data loss to the extent the damage results from a missing backup by the Studio and could reasonably have been avoided via the export function provided in the Platform.
The foregoing limitations also apply for the benefit of blushy's statutory representatives, staff and vicarious agents.
Liability under Art. 82 GDPR vis-à-vis end customers and the provisions of the DPA (section 8.12) remain unaffected.
17. Changes to the terms
blushy is entitled to change these T&C including the DPA with effect for the future, in particular in case of legal, regulatory or product-related needs. Changes will be announced at least 30 days in advance by email to the address stored in the Workspace or via a clearly visible notice in the dashboard.
If the Studio does not object to the changes within 30 days from receipt of the notice in text form, the changes shall be deemed accepted at the time they take effect. We will draw express attention to this consequence in the notice.
If the Studio objects in time, blushy is entitled to terminate the contract at the time the change takes effect.
18. Final provisions
18.1 Applicable law
Austrian law applies, excluding the UN Convention on Contracts for the International Sale of Goods and the conflict-of-law provisions of international private law.
18.2 Place of jurisdiction
For all disputes arising out of or in connection with this contract, the exclusive jurisdiction of the competent court in Salzburg, Austria is agreed, to the extent legally permissible. Mandatory court jurisdiction remains unaffected.
18.3 Text form
Amendments to this contract require text form; this also applies to a waiver of the text form requirement. Email is sufficient.
18.4 Severability
If individual provisions of these T&C are invalid or unenforceable, the validity of the remaining provisions remains unaffected. The invalid provision shall be replaced by a provision that comes closest to the economic intent of the invalid provision.
18.5 Assignment
The Studio may only transfer rights or duties under this contract to third parties with blushy's prior written consent. blushy may transfer the contract within a corporate succession to a legal successor; the Studio will be informed in good time.
Date: June 2026. The DPA in section 8 is an integral part of these T&C under Art. 28 GDPR. This English version is provided for convenience. In case of inconsistencies, the German version shall prevail.