Privacy Policy

Last updated: January 30, 2025

1. Introduction

Seed Logic, LLC ("we," "our," or "us") operates BookerKit, a booking widget optimization platform for businesses using Zenoti. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

By using BookerKit, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this privacy policy, please do not access the service.

2. Information We Collect

2.1 Information You Provide

• Account Information: When you create an account, we collect your name, email address, and password.
• Business Information: We collect information about your business, including your Zenoti Center ID and API credentials.
• Payment Information: We use Stripe to process payments. Your payment card details are collected and processed directly by Stripe and are not stored on our servers.
• Communications: When you contact us, we collect information you provide in your messages.

2.2 Information Collected Automatically

• Device Information: Device type, operating system, browser type and version, screen resolution, and viewport size.
• Usage Data: Pages visited, features used, actions taken, and time spent on the service.
• Analytics Data: We collect UTM parameters, referrer information, and advertising click identifiers (such as Google Ads gclid, Facebook fbclid) for attribution purposes.
• Log Data: IP address, access times, and error logs.

2.3 Information About Your End Users (Guests)

When end users (guests) interact with your booking widget, we collect:

• Guest name, email address, and phone number
• Booking details (service, date, time, provider)
• Session information for analytics (device, browser, referrer, UTM parameters)

This data is collected on your behalf as a data processor, and you remain the data controller for your guest data.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain our service
• Process transactions and send related information
• Send you technical notices, updates, and support messages
• Respond to your comments, questions, and customer service requests
• Monitor and analyze usage patterns and trends to improve our service
• Detect, prevent, and address technical issues and security threats
• Provide analytics and reporting features to help you understand booking performance
• Comply with legal obligations

4. Information Sharing

We may share your information in the following situations:

• Service Providers: We share data with third-party vendors who perform services on our behalf, including:
  • Supabase (database and authentication)
  • Stripe (payment processing)
  • Twilio (SMS notifications)
  • Resend (email communications)
  • Cloudflare (security and performance)
• Zenoti Integration: We transmit booking data to Zenoti as required to process bookings through your Zenoti account.
• Webhooks: If you configure webhooks, we send booking data to your specified endpoints.
• Legal Requirements: We may disclose information if required by law, regulation, or legal process.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. After account deletion, we retain data for up to one (1) year to comply with legal obligations, resolve disputes, and enforce our agreements.

Guest booking data is retained according to your account settings and applicable data retention requirements.

6. Data Security

We implement appropriate technical and organizational security measures to protect your information, including:

• Encryption of data in transit using TLS/SSL
• Encryption of sensitive data at rest
• Row-level security for database access control
• Multi-factor authentication (MFA) support
• Regular security audits and monitoring

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Your Rights and Choices

7.1 Account Information

You may update, correct, or delete your account information at any time by logging into your dashboard or contacting us.

7.2 Email Communications

You may opt out of promotional emails by following the unsubscribe instructions in those emails. You cannot opt out of transactional emails related to your account or service.

7.3 Cookies and Tracking

We use cookies and similar technologies to operate our service and provide analytics features. These include:

• Essential Cookies: Required for the service to function, including authentication and session management.
• Analytics Cookies: Used to understand how users interact with our service, track booking attribution, and improve our platform.

You can control cookies through your browser settings, but disabling cookies may affect functionality.

8. European Users (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, this section applies to you.

8.1 Legal Basis for Processing

We process your personal data based on the following legal bases:

• Contract Performance: Processing necessary to provide our services to you, including account management, booking processing, and customer support.
• Legitimate Interests: We rely on legitimate interests for analytics, service improvement, security, and fraud prevention. Specifically:
  • Session analytics (device, browser, referrer data) to understand service usage and improve our platform
  • Attribution tracking (UTM parameters, click IDs) to help our business customers understand their booking sources
  • Security monitoring and fraud detection to protect the service
• Legal Obligations: Processing required to comply with applicable laws.

We have assessed that our legitimate interests do not override your rights and freedoms, given the business-to-business nature of our service and the limited scope of data collected.

8.2 Your Rights

Under the GDPR, you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your personal data
• Right to Restriction: Request restriction of processing
• Right to Portability: Request your data in a portable format
• Right to Object: Object to processing based on legitimate interests (we will cease processing unless we have compelling grounds)

8.3 International Data Transfers

Your data is transferred to and processed in the United States. We use appropriate safeguards to protect data transferred outside the EEA, including Standard Contractual Clauses where applicable.

To exercise your rights, contact us at support@bookerkit.com.

9. California Users (CCPA Rights)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request information about the categories and specific pieces of personal information we have collected
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the sale of personal information (we do not sell personal information)
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights

Categories of Information Collected: Identifiers, commercial information, internet activity, geolocation data, and professional information.

We Do Not Sell Personal Information: We do not sell, rent, or trade your personal information to third parties.

To exercise your CCPA rights, contact us at support@bookerkit.com.

10. Children's Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For material changes, we will provide notice via email or through our service.

Your continued use of the service after any changes constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

Seed Logic, LLC
Email: support@bookerkit.com

If you are in the EEA or UK and believe we have not adequately addressed your concerns, you may contact your local data protection authority.