Privacy Policy

1. Introduction

Booking Relay ("we," "us," or "our") is committed to protecting your privacy and the privacy of your customers. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you subscribe to our AI receptionist services (the "Service"). By using our Service, you agree to the collection and use of information in accordance with this policy. We operate from the United States of America, and by using our Service, you acknowledge that your data will be processed in the United States.

2. Information We Collect

We collect information in two primary categories: Client Data and End-User Data. Client Data refers to information about you, the MedSpa owner or administrator, including your business name, billing address, email address, phone number, and payment information. End-User Data refers to the information regarding your patients or customers that passes through our AI system. This includes names, phone numbers, appointment times, service preferences, and transcripts of conversations held with the AI receptionist. We act as a Data Processor (or Service Provider) regarding End-User Data, processing it solely on your behalf.

3. How We Use Your Information

We use the collected information for specific business purposes. Service Delivery: We use Client and End-User Data to operate the AI receptionist, schedule appointments, and manage calendar integrations. AI Improvement: We may use anonymized and aggregated data to improve the accuracy and responsiveness of our AI models. Communication: We use your contact details to send invoices, technical notices, and support messages. Legal Compliance: We may use data to comply with applicable legal obligations, such as tax laws or law enforcement requests.

4. Data Sharing and Disclosure

We do not sell your data or your patients' data. We may share information with Third-Party Service Providers who assist us in operating our Service, such as cloud hosting providers (e.g., AWS, Google Cloud), payment processors (e.g., Stripe), and telecommunication providers. These third parties are authorized to use your personal information only as necessary to provide these services to us. Mobile Information Exclusion: No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties. Legal Requirements: We may disclose information if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend our rights or property, or prevent fraud.

5. International Data Transfers

Booking Relay is based in the United States of America. If you are accessing our Service from outside the United States, including from the European Economic Area (EEA) or other regions with laws governing data collection and use that may differ from U.S. law, please note that you are transferring your personal information to the United States. By providing your information to the Service, you consent to any transfer and processing in accordance with this Policy.

6. Data Security

We implement industry-standard security measures designed to protect your data from unauthorized access, alteration, disclosure, or destruction. This includes encryption of data in transit and at rest. However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

7. Data Retention

We retain Client Data for as long as your account is active or as needed to provide you the Service. We retain End-User Data (appointment logs and transcripts) for a period necessary to fulfill the purposes outlined in this policy or as required by your specific Service Agreement. You may request the deletion of data by contacting us, subject to our legal obligations to retain certain records.

8. Your Rights and Responsibilities

Client Rights: You have the right to access, correct, or request deletion of the personal information we hold about you. MedSpa Owner Responsibility: As the controller of your patients' data, you are responsible for ensuring that you have obtained the necessary consents (such as HIPAA authorization in the US or GDPR consent in Europe) to share your patients' data with a third-party AI provider like Booking Relay.

9. Children's Privacy

Our Service is intended for business use. We do not knowingly collect personally identifiable information from children under the age of 18 without parental consent facilitated by the MedSpa provider.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: Phone/WhatsApp: 888-854-3011 Country of Operations: United States of America