Privacy Policy

1. Introduction

MyChairHQ ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when using our Service:

• Account Information: Name, email address, phone number, business name, and address
• Profile Information: Business description, photos, services offered, pricing, and availability
• Client Information: Client names, contact details, appointment history, preferences, and notes you add
• Payment Information: Credit card details (processed securely through Stripe - we do not store full card numbers)

2.2 Automatically Collected Information

We automatically collect certain information when you use our Service:

• Usage Data: Pages visited, features used, time spent, and interactions with the Service
• Device Information: IP address, browser type, operating system, and device identifiers
• Cookies: Session cookies for authentication and preference cookies for user experience

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our Service
• Process appointments and send booking confirmations
• Send automated reminders and notifications
• Communicate with you about your account and updates
• Analyze usage patterns to improve user experience
• Prevent fraud and ensure security
• Comply with legal obligations
• Provide customer support

4. Information Sharing and Disclosure

4.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4.2 Service Providers

We share information with trusted service providers who assist us in:

• Payment Processing: Stripe for secure payment processing
• Email Delivery: Resend for transactional emails
• SMS Notifications: Twilio for appointment reminders (if enabled)
• Analytics: Anonymous usage data for service improvement
• Hosting: Vercel and AWS for infrastructure

These providers are bound by confidentiality agreements and may only use your information to provide services to us.

4.3 Legal Requirements

We may disclose your information if required by law or to:

• Comply with legal processes or government requests
• Enforce our Terms of Service
• Protect the rights, property, or safety of MyChairHQ, our users, or others
• Detect, prevent, or address fraud or security issues

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data transmitted between you and our servers is encrypted using SSL/TLS
• Database Security: Encrypted storage and access controls
• Authentication: Secure password hashing and session management
• Backups: Regular automated backups stored securely
• Access Controls: Limited employee access on a need-to-know basis

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Your Data Rights (GDPR Compliance)

If you are in the European Economic Area (EEA), you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit how we process your data
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, please contact us at privacy@mychairhq.com. We will respond within 30 days.

7. Data Retention

We retain your information for as long as:

• Your account is active
• Needed to provide you the Service
• Required to comply with legal obligations
• Necessary to resolve disputes and enforce our agreements

When you cancel your account, your data is retained for 30 days for recovery purposes, then permanently deleted unless legally required to retain it.

8. Cookies and Tracking

We use cookies and similar technologies to:

• Essential Cookies: Required for authentication and basic functionality
• Preference Cookies: Remember your settings and preferences
• Analytics Cookies: Understand how you use the Service (anonymous)

You can control cookies through your browser settings. Note that disabling certain cookies may affect Service functionality.

9. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in compliance with this Privacy Policy and applicable laws.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the CCPA:

• Know what personal information we collect and how we use it
• Request deletion of your personal information
• Opt-out of the sale of personal information (we do not sell your data)
• Non-discrimination for exercising your privacy rights

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on this page
• Updating the "Last Updated" date
• Sending you an email notification (for significant changes)

Your continued use of the Service after changes constitutes acceptance.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices:

• Email: privacy@mychairhq.com
• Mail: MyChairHQ, Inc., [Address]
• Data Protection Officer: dpo@mychairhq.com