🔥 You’re Early! The First 99 Shops Get 33% OFF — For Life

Join the First 99!

Privacy Policy (includes Cookies)

Title: Salon Ring — Privacy Policy
Last Updated: [insert date]

1) Scope & Roles
Salon Ring is a controller for most activities. When we process caller data strictly on your instructions (e.g., booking into your scheduler), we act as your processor; see the DPA.

2) Data We Collect
Account: name, business details, email, phone, address.
Billing: payment tokens, billing address, tax status (via Stripe).
Service data: call audio/recordings, transcripts/summaries, SMS/MMS content & metadata, prompts, booking details, agent configs, Booksy connection info.
Usage & device: IP, device/browser IDs, logs, pages viewed, cookies/SDK events.
Support: tickets, chats, test calls.

3) Sources
From you, from callers interacting with your numbers, automatically from your use, and from third-party services you connect (e.g., Booksy) under your instructions.

4) Purposes
Provide/operate Services; place bookings you request; process payments and taxes; prevent fraud/abuse; analyze and improve performance; product communications; security notices; (with consent) marketing.

5) Legal Bases (where applicable)
Contract; legitimate interests (security, improvement); consent (recording announcements, marketing, certain cookies); legal obligations (tax/compliance).

6) Sharing
With subprocessors (cloud hosting, telephony like Twilio, AI runtime like Vapi, LLM providers, Stripe, analytics, support, email/SMS delivery); with services you connect (e.g., Booksy); with advisors/authorities where required. We don’t sell personal information.

7) International Transfers
Data may be processed in other countries (e.g., US/EU). We use appropriate safeguards (e.g., SCCs) where required.

8) Retention
Kept as long as needed to provide Services, comply with law, resolve disputes, and enforce agreements. You may request deletion of recordings/transcripts; we’ll fulfill unless retention is legally required.

9) Your Choices & Rights
Access, correction, deletion; GDPR rights (objection, restriction, portability) where applicable; opt-out of marketing; cookie controls via consent banner/browser.

10) Security
Technical/organizational measures include encryption in transit, access controls, logging/monitoring. No system is 100% secure; secure your credentials and third-party accounts.

11) Children
Not intended for children under 16.

12) Cookies (rolled into this page)
Used for auth, preferences, analytics, fraud prevention, and (with consent) marketing. Disabling certain cookies may affect functionality.

13) Third-Party Sites/Platforms
Links/integrations (e.g., Booksy) follow their own policies.

14) Changes
We’ll update this Policy as needed; see “Last Updated.”

15) Contact
[email protected]

Annex (Subprocessors — summary; full list in DPA Annex III)
Stripe (payments), telephony carriers (e.g., Twilio), Vapi (voice/AI orchestration), LLM providers (e.g., OpenAI if configured), AWS/GCP/Azure (hosting), analytics/monitoring, support, and email/SMS delivery vendors.