Privacy Policy

When a business owner or staff member uses the Service, we collect the following information:

• Business legal name and trade name
• Business address and physical location
• Business contact email
• Business phone number and forwarding number
• Business hours and operating schedule
• Business type and category
• Business website content, including marketing copy and photographs
• Service catalog: services offered, service options, descriptions, prices, durations
• Add-on products: descriptions, prices, availability rules
• Staff information: names, profile photos, descriptions, roles, schedules, service assignments, and bookability status
• Booking preferences and settings
• Account credentials, including phone numbers and password hashes for managers and staff PINs for receptionists and staff
• Booking history and operational records associated with the business

When a customer books an appointment through a business that uses Kai Booking, we collect on behalf of that business:

• First name and last name
• Phone number
• Booking details: service selected, service options, prices, add-ons, date and time of appointment, assigned staff
• Booking history: previous bookings made through the same business
• Verification codes sent and received via SMS during the booking process

We do not collect payment information from booking customers, as Kai Booking does not process payments. All payments occur directly between the customer and the business.

We may collect certain information automatically when you use the Service, including:

• IP address and approximate geographic location
• Browser type and version
• Operating system and device type
• Pages viewed and actions taken on the Service
• Date and time of access
• Referring website addresses

We use cookies and similar tracking technologies to operate the Service, remember user preferences, and analyze usage. The categories of cookies and similar technologies we use include:

• Essential cookies: Required for authentication, session management, and core Service functionality. These cannot be disabled without breaking the Service.
• Preference cookies: Remember language settings, display preferences, and similar non-essential customizations.
• Analytics cookies: We currently use Google Analytics or similar analytics tools to understand how users interact with the Service. We may add additional analytics, error monitoring, or session recording tools in the future. We will update this Privacy Policy when we do.

You may disable cookies in your browser settings, but doing so will likely prevent you from using essential parts of the Service.

We do not use cookies for cross-site advertising or behavioral targeting, and we do not sell your personal information to advertisers.

If you book an appointment through a Kai Booking-powered business, your booking information is collected on behalf of that business and is accessible to that business and its authorized staff. The business is responsible for how it uses and retains your information beyond the operational needs of the booking.

We use the following third-party service providers (subprocessors) to operate the Service:

• Supabase, Inc. — Database, authentication, file storage, and realtime infrastructure
• Vercel Inc. — Application hosting and content delivery
• Twilio Inc. — SMS message delivery
• Google LLC — Translation services via the Google Cloud Translation API; analytics services via Google Analytics
• Functional Software, Inc. (d/b/a Sentry) — Application error monitoring and performance telemetry

These subprocessors process information on our behalf under contractual obligations to maintain its confidentiality and security and to use it only for the purposes for which we engage them. We may add or replace subprocessors. A current list will be maintained in this Privacy Policy.

We may disclose information if required to do so by law, subpoena, court order, or other legal process, or if we believe in good faith that disclosure is necessary to:

• Comply with a legal obligation
• Protect and defend our rights or property
• Investigate or prevent suspected fraud, security violations, or technical issues
• Protect the personal safety of users of the Service or the public
• Enforce our Terms of Service or other agreements

If we are involved in a merger, acquisition, asset sale, financing, reorganization, bankruptcy, or similar transaction, your information may be transferred as part of that transaction. We will provide notice before personal information is transferred and becomes subject to a different privacy policy.

We may share information for any other purpose with your express consent.

We do not sell personal information to advertisers, data brokers, or any other third party for monetary or other valuable consideration. We do not "share" personal information for cross-context behavioral advertising as those terms are defined under the CCPA.

You may request the following at any time by emailing info@kaibooking.com:

• Access: A copy of the personal information we hold about you and your business
• Correction: Correction of inaccurate information
• Deletion: Deletion of your account and associated data, subject to the retention periods described in Section 6 and any legal obligations we have to retain certain records
• Portability: A copy of your data in a portable format
• Withdrawal of consent: Where applicable, withdrawal of consent for specific processing activities

We will respond to verified requests within 45 days. We may extend this period by an additional 45 days if reasonably necessary, with notice to you. We may require you to verify your identity before fulfilling certain requests.

If you booked an appointment through a business that uses Kai Booking, your booking information is collected on behalf of that business. Requests to access, correct, or delete your booking information should be directed to the business that took your booking.

If you contact us at info@kaibooking.com with such a request, we will direct you to the appropriate business and may, at our discretion, assist that business in fulfilling your request.

If you are a California resident, you have the following rights under the California Consumer Privacy Act and the California Privacy Rights Act:

• Right to know what personal information we collect, use, disclose, and (if applicable) sell about you
• Right to delete personal information we have collected from you, subject to certain exceptions
• Right to correct inaccurate personal information
• Right to opt out of sale or sharing of personal information for cross-context behavioral advertising. We do not sell or share personal information for these purposes.
• Right to limit use of sensitive personal information. We do not use sensitive personal information for purposes that would trigger this right.
• Right to non-discrimination for exercising your privacy rights

To exercise these rights, please contact us at info@kaibooking.com. We will verify your identity before responding to a request. You may designate an authorized agent to make a request on your behalf, subject to verification.

We do not knowingly process the personal information of California residents under the age of 16. (See Section 9.)

We extend equivalent rights to residents of other US states with applicable privacy laws (including but not limited to Virginia, Colorado, Connecticut, Utah, and other states whose laws come into effect during the period this Privacy Policy is in force). Contact us at info@kaibooking.com to exercise these rights.