Privacy Policy

1. Information We Collect

Information You Provide: We collect information you provide directly when registering or using our Platform, including:

• Full name, email address, and phone number
• Mailing or service address (for mobile beauty services)
• Payment information — processed via Stripe; we do not store full card numbers
• Profile photos and service preferences
• Communications with providers and with us

Automatically Collected Information:

• Usage data: pages viewed, features used, booking history
• Device information: browser type, operating system, device identifiers
• IP address and general location data derived from IP
• Session data via our authentication cookie (bm_session)

2. SMS / TCPA Consent

By providing your phone number and creating an account, you expressly consent to receive transactional SMS messages from Beauty Meet using automated technology. These messages include booking confirmations, appointment reminders, rebooking prompts, and important account notifications.

To opt out: Reply STOP to any SMS message at any time. After opting out, you will receive a single confirmation message, and no further messages will be sent to that number. Note that opting out of SMS may affect your ability to receive time-sensitive booking updates.

Message frequency varies based on your activity. Message and data rates may apply. For help, reply HELP or contact hello@beautymeetapp.com.

3. How We Use Your Information

• To create and manage your account and authenticate your identity
• To process bookings, payments, and refunds
• To send appointment confirmations, reminders, and service updates via SMS and email
• To connect you with beauty professionals and facilitate service delivery
• To detect and prevent fraud, abuse, or violations of our Terms of Service
• To improve and personalize the Platform
• To comply with legal obligations and respond to lawful requests
• To send occasional marketing communications (where you have consented and may opt out at any time)

4. Third-Party Sharing

We do not sell your personal information. We share your information only as follows:

• Providers: Your name and relevant contact details are shared with the beauty professional you book, solely to fulfill your appointment.
• Stripe: Payment information is processed by Stripe, Inc. Stripe's processing is governed by their Privacy Policy.
• Twilio: SMS messages are delivered via Twilio, Inc. Twilio receives your phone number to deliver messages on our behalf.
• Legal requirements: We may disclose information when required by law, subpoena, or to protect the rights and safety of users or the public.
• Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Payment Data

Credit card and payment details are processed and stored by Stripe, Inc. Beauty Meet stores only a Stripe customer ID and payment method token — never full card numbers, CVVs, or sensitive card data. Stripe maintains PCI-DSS Level 1 compliance.

6. CCPA — California Residents

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you specific rights regarding your personal information:

• Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you in the past 12 months, as well as the categories of sources, business/commercial purposes for collection, and categories of third parties with whom we share information.
• Right to Delete: You may request deletion of personal information we have collected, subject to certain exceptions (e.g., completing a transaction, legal obligations).
• Right to Opt-Out of Sale: We do not sell your personal information. If this ever changes, we will provide a "Do Not Sell My Personal Information" mechanism.
• Right to Non-Discrimination: We will not discriminate against you for exercising any CCPA rights. You will not receive different prices, reduced quality of service, or be denied services for exercising these rights.

To submit a CCPA request, email hello@beautymeetapp.com with the subject "CCPA Request." We will respond within 45 days.

7. GDPR — European Users

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including the right to access, correct, port, and erase your personal data, and to object to or restrict processing. Our lawful basis for processing is primarily contract performance and, for marketing communications, consent. To exercise GDPR rights, contact hello@beautymeetapp.com.

8. Data Retention & Deletion

We retain your account information for as long as your account is active, or as needed to provide services. Booking records are retained for a minimum of 3 years for legal and accounting purposes. You may request account deletion by emailing hello@beautymeetapp.com. Certain records may be retained longer where required by law or for legitimate business interests (e.g., dispute resolution, fraud prevention).

9. Cookies & Tracking

We use a single session cookie ("bm_session") strictly for authentication and keeping you logged in. We do not use tracking cookies, advertising pixels, analytics SDKs, or any third-party tracking technology. We do not share browsing data with advertising networks.

By continuing to use the Platform, you consent to our use of session cookies as described. You may disable cookies in your browser, but this will prevent you from logging in or using core functionality.

10. Security

We implement industry-standard security measures including TLS/HTTPS encryption for all data in transit, bcrypt password hashing, and access controls. No method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

11. Children's Privacy

Our Platform is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email or an in-app notice. Your continued use of the Platform after the effective date of a revised policy constitutes your acceptance of the changes.

13. Contact & Privacy Requests

For all privacy-related requests, questions, or concerns — including data access, deletion, CCPA, or GDPR requests — contact us at: