• Business Owners (B2B): Service providers utilizing our SaaS architecture for appointment management, Point of Sale (POS), and invoicing.
• End-Users (B2C): Customers utilizing the platform to discover businesses and book appointments securely.

• Account Integrity: Registration requires accurate information and adheres to a Zero-Trust architecture. 
• Multi-Factor Authentication (MFA): Business Owners and Staff are strongly encouraged to utilize Time-Based One-Time Password (TOTP) MFA.
• Session Security: "Trusted Device" tokens are securely stored and strictly expire after 30 days to prevent unauthorized remote access.

• Automated Billing: Premium features are billed via Stripe on a recurring basis. Automated webhooks handle instant upgrades and account lockouts upon payment failure.
• Downgrade Policy: To ensure absolute fairness and prevent proration exploits, downgrades take effect strictly at the end of the current billing cycle. No immediate prorated refunds are issued.
• GoBD Invoicing: All B2B and B2C transactions generate an immutable, mathematically locked PDF invoice at the exact moment of payment ("Burn-on-Payment"), permanently logging applicable tax rates and Steuernummer for German tax compliance.

• B2C Agreements: iLoveTermin acts solely as a technical intermediary. Booking contracts are legally binding strictly between the End-User and the Business Owner.
• Cancellation Audit Logs: All cancelled appointments are permanently logged in the system (including `cancelled_by` and `cancellation_reason`) to ensure complete transparency and dispute resolution.

• Data Preservation: Terminating an account triggers a "Soft Delete" protocol. To strictly comply with German GoBD tax laws, financial transactions, PDF invoices, and their associated user IDs are preserved securely, while public access and login capabilities are instantly revoked.