SpaSphere.ai Logo
    Blog

    Privacy Policy

    Effective Date: July 1, 2025

    Welcome to SpaSphere ("we", "our", or "us"). This Privacy Policy explains how we collect, use, and protect your information when you use our platform, including our booking tools, business dashboard, integrations (e.g., Google Calendar, Stripe), and hosted public websites.

    By using SpaSphere, you agree to the terms of this Privacy Policy.

    1. Information We Collect

    a. Account Information

    • Name, email address, phone number
    • Business name and address
    • Profile photo or logo

    b. Appointment & Client Data

    • Service bookings, client notes, and medical concerns (if entered)
    • Calendar events and scheduling data

    c. Payment Information

    • Billing address
    • Stripe account ID (for business owners)
    • Stripe payment tokens (note: we do not store card numbers)

    d. Google Calendar Integration

    If you choose to connect your Google Calendar:

    • Your Google account email
    • Encrypted access and refresh tokens
    • Synced appointment event IDs

    We never access your emails or contacts.

    e. Technical Data

    • IP address
    • Browser type and version
    • Device information
    • Cookies (used for login sessions and preferences)

    2. How We Use Your Information

    We use your information to:

    • Provide and personalize your SpaSphere experience
    • Schedule and sync appointments
    • Process payments via Stripe
    • Send appointment confirmations and reminders
    • Analyze platform usage to improve performance
    • Ensure security and prevent abuse

    We do not sell or rent your personal data.

    3. Sharing Your Information

    We share your data only as necessary:

    • Google: Only if you connect your calendar
    • Stripe: For secure payment processing
    • Service Providers: Hosting, analytics, and support (bound by confidentiality agreements)
    • Legal Authorities: If required by law or to protect our rights

    4. Data Security

    We take your privacy seriously:

    • All third-party tokens are encrypted using industry-standard encryption (Fernet)
    • All data is transmitted securely over HTTPS
    • Role-based access control protects sensitive data
    • Regular backups and system monitoring are in place

    5. Your Rights

    You have the right to:

    • Access or correct your personal information
    • Disconnect integrations like Google Calendar
    • Delete your account
    • Request export or deletion of your data (email: support@spasphere.ai)

    6. Data Retention

    We retain data only as long as needed to deliver our services or comply with legal requirements. You can request deletion at any time.

    7. Children's Privacy

    SpaSphere is not intended for children under 13. We do not knowingly collect information from minors.

    8. California Privacy Rights

    If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), including the right to access, correct, or delete your personal information.

    SpaSphere does not sell your personal data. We only collect and process information to support your use of the platform.

    To exercise your rights, contact us at support@spasphere.ai.

    9. Changes to This Policy

    We may update this Privacy Policy from time to time. If material changes are made, we will notify you via email or dashboard notification.

    10. Contact Us

    If you have any questions about this Privacy Policy, you can reach us at:

    SpaSphere, LLC.

    Email: support@spasphere.ai