Privacy Policy

Last updated: May 25, 2026. Questions: support@bookerflow.ca.

BookerFlow ("BookerFlow", "we", "us", "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, transfer, retain, and protect personal information when you visit our website, register a business account, use the BookerFlow platform, or interact with our communications. It also describes the role we play when end customers book appointments on a business's hosted booking page. Effective date: May 25, 2026.

1. Scope and roles

This policy applies to:

  • Business account holders who register for and use the platform (our direct customers).
  • Visitors to our marketing website and people who contact our support team.
  • End customers who book appointments on a business's hosted booking page powered by BookerFlow.

When a business uses the platform to book and serve its own customers, the business is the controller (or equivalent) of those customers' personal information for its own purposes, and we act as the business's service provider / processor for the limited purpose of operating booking, notifications, and related platform functions. End customers should also read our Platform Notice and contact the business directly with questions about how the business uses their information.

When you create a business account with us, we are the controller of your business contact data, billing data, and account-level information necessary to provide the platform to you.

2. Information we collect

We collect the following categories of personal information:

  • Account and identity data: name, email address, hashed password, business name, role, and timezone.
  • Business configuration: services, prices, durations, staff names, availability, branding, booking policies, and any content you upload.
  • End-customer appointment data (processed on the business's behalf): name, email, phone number, appointment date and time, service selected, optional SMS-consent indicator, and any notes the booking flow collects.
  • Billing data: subscription plan, status, currency, invoice metadata, and a Stripe customer identifier. Payment card numbers are collected and stored by Stripe — we do not see or store full card numbers.
  • Communications: support messages, replies, attachments, notification metadata (delivery, bounce, open where applicable), and SMS delivery status from carriers and providers.
  • Usage, security, and device data: IP address, user-agent, language, referring page, pages visited, timestamps, session identifiers, error logs, abuse signals, rate-limit signals, and cookie identifiers.
  • Consent records: timestamp, IP address, user-agent, version of the policy or terms accepted, and SMS opt-in evidence.

We do not knowingly collect sensitive categories of personal information such as health, biometric, genetic, racial, or precise location data. You agree not to use the platform to collect such information from your customers without first obtaining their explicit consent and ensuring you have a lawful basis to do so.

3. How we use information and legal bases

We use personal information to:

  • Provide, operate, secure, monitor, troubleshoot, and improve the platform.
  • Authenticate users, prevent abuse, fight fraud, and enforce rate limits and plan limits.
  • Process subscriptions, add-ons, and invoices through Stripe and pay taxes where required.
  • Send transactional emails such as confirmations, reminders, password resets, billing notices, security notices, and material policy updates.
  • Deliver SMS messages on behalf of a business where the business has enabled and approved SMS and the recipient has provided consent.
  • Respond to support requests, legal requests, and complaints.
  • Comply with legal, regulatory, tax, and reporting obligations and respond to lawful requests from authorities.
  • Maintain anonymized or aggregated analytics to understand usage and improve the platform.

Depending on the jurisdiction, our legal basis for processing may include performance of a contract (operating the Service), legitimate interests (running and securing a SaaS product, preventing fraud and abuse), consent (for optional SMS marketing or other communications where required), and compliance with legal obligations. We do not engage in automated decision-making that produces legal or similarly significant effects on individuals without human review.

4. How we share information

We share personal information only as described in this policy:

  • Service providers (subprocessors) who help us deliver the platform — see Section 5.
  • Businesses, with their own end-customer data, through the dashboard and notifications they configure.
  • Other authorized users in your business account, according to the access you grant them.
  • Professional advisors (lawyers, accountants, auditors) under confidentiality obligations.
  • Successors in a merger, acquisition, financing, reorganization, or sale of assets, subject to a confidentiality undertaking that maintains the same privacy commitments.
  • Authorities, courts, or other parties when we believe in good faith that disclosure is required to comply with law, enforce our agreements, protect our rights, or address security, fraud, or safety issues.

We do not sell personal information for money, and we do not engage in cross-context behavioural advertising of personal information.

5. Subprocessors

We currently rely on the following categories of subprocessors:

  • Stripe, Inc. — subscription billing, payment processing, fraud screening.
  • Twilio Inc. — SMS delivery, status callbacks, and number provisioning where enabled.
  • SendGrid / Twilio SendGrid (or an equivalent provider) — transactional email delivery.
  • Cloud hosting and managed-database providers — application, database, log, and backup storage in Canada and, where unavoidable, in other regions for resilience or third-party features.
  • Error and uptime monitoring providers — operational diagnostics and aggregated usage metrics.

Subprocessors are bound by written agreements limiting their use of personal information to what is necessary to deliver services to us and requiring reasonable security safeguards. We may add or replace subprocessors from time to time and will update this list when material changes occur.

6. Retention

We retain personal information only as long as necessary for the purposes described in this policy, including to provide the Service, comply with legal and tax obligations, resolve disputes, and enforce our agreements. Typical retention periods:

  • Account and business configuration: while the account is active and for up to 24 months after closure for backups, audit, dispute resolution, and tax recordkeeping.
  • Appointment and customer records (processed for the business): according to the business's instructions, up to 24 months after the appointment by default, unless the business requests earlier deletion or longer retention is required by law.
  • Billing records and invoices: at least 7 years after the transaction date to meet Canadian tax and accounting requirements.
  • Security and operational logs: typically 30 to 365 days depending on log type.
  • Consent and acceptance records: for the duration of the relationship and a reasonable period after, to demonstrate compliance.
  • Support correspondence: typically 24 months from last contact.

When we no longer need personal information, we delete, anonymize, or aggregate it, subject to backup rotation cycles.

7. Security

We use commercially reasonable administrative, technical, and physical safeguards designed to protect personal information, including encrypted transport (HTTPS), hashed and salted passwords, scoped database access, tenant-isolated queries, audit logging, rate limiting, and routine security review. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

If we become aware of a confirmed security incident that materially affects the confidentiality, integrity, or availability of personal information we hold, we will notify affected businesses and, where required by law, individuals and regulators, without undue delay and consistent with applicable breach-notification laws (including PIPEDA and Quebec's Law 25).

8. International data transfers

We aim to process personal information in Canada. Some of our subprocessors operate outside Canada (including the United States and the European Union) and may process personal information there. When personal information is transferred outside Canada, it may be subject to lawful access requests by foreign authorities. We rely on appropriate contractual safeguards (such as standard contractual terms with our subprocessors) and take reasonable steps appropriate to the sensitivity of the data.

9. Your privacy rights

Depending on your jurisdiction (including Canada and Quebec under Law 25), you may have the right to:

  • Access and obtain a copy of the personal information we hold about you.
  • Request correction of inaccurate or incomplete personal information.
  • Request deletion (subject to legal exceptions such as ongoing contractual, tax, or audit obligations).
  • Withdraw consent for optional processing (such as marketing or non-essential SMS).
  • Request portability of certain information in a structured, commonly used format.
  • Object to or limit certain processing in defined circumstances.
  • Lodge a complaint with a privacy regulator (such as the Office of the Privacy Commissioner of Canada or the Commission d'accès à l'information du Québec).

End customers should typically direct privacy requests to the business they booked with, because the business is the controller for those records. Where we are the controller (for example, of your business account data), email us at support@bookerflow.ca. We will verify your identity before responding and respond within the timeframes required by applicable law (in most cases within 30 days).

10. Privacy Officer and contact

You can reach our Privacy Officer at support@bookerflow.ca for privacy questions, access or correction requests, and complaints. General support questions can go to support@bookerflow.ca.

11. Cookies and similar technologies

When you visit BookerFlow, we and our service providers may store or read cookies and similar technologies (such as local storage) on your device. We use a cookie notice at the bottom of the site to explain what we use and to record your acknowledgement.

Cookie categories

  • Essential (always active): session and authentication cookies (for example, keeping you signed in), security and abuse-prevention signals, and preferences needed to run booking and account features. These are necessary for the platform to work. You cannot opt out of essential cookies while using the Service, but you may block them in your browser — which may prevent sign-in or booking from working.
  • Analytics (optional — not used today): we do not currently set analytics or advertising cookies. If we introduce optional analytics in the future, we will update this policy, ask for consent where required, and provide a way to opt in or out in the cookie preferences panel.

How to manage cookies

  • Use the cookie notice on our website and open Preferences to review categories.
  • Use your browser settings to block, delete, or limit cookies. Instructions vary by browser (Chrome, Safari, Firefox, Edge, etc.).
  • Clear site data for bookerflow.ca if you want to reset sign-in cookies on a shared device.

We do not use third-party advertising cookies or cross-site behavioural advertising trackers on the core platform. We do not sell personal information collected through cookies. We do not currently respond to "Do Not Track" browser signals because no widely adopted industry standard exists.

Questions about cookies: support@bookerflow.ca.

12. Children

The platform is intended for businesses. We do not knowingly collect personal information from children under the age required to form a binding contract in their jurisdiction (in Canada, generally under 13 or under 16 depending on context). If you believe a child has provided personal information to us through a booking page, contact support@bookerflow.ca and we will work with the relevant business to address it.

13. Marketing communications

We may send service-related communications to all business account holders. Where you have opted in to marketing or product-update emails from us, you may unsubscribe at any time using the link in the email or by contacting us. Unsubscribing from marketing does not affect transactional or service-related communications.

14. Changes to this policy

We may update this policy from time to time. When we do, we will revise the "Last updated" date and, for material changes, take reasonable steps to notify you (such as email, in-app notice, or re-acceptance at login). Continued use of the platform after the effective date is acceptance of the updated policy.

15. Third-party links

Our website and booking pages may link to third-party sites or services that we do not operate. We are not responsible for the privacy practices or content of those sites. Review their privacy policies before providing personal information.

BookerFlow provides software tools; this page is not legal advice. Consult a lawyer for your specific situation.