Privacy Policy

Last updated: September 12, 2025

Effective date: September 12, 2025

GDPR Compliant CCPA Compliant
Privacy at a Glance
We Don't Sell Data

Your personal information is never sold to third parties.

Secure Storage

All data is encrypted and stored securely using industry standards.

You Control Data

Access, modify, or delete your data at any time.

Transparent Practices

Clear and honest about how we handle your information.

1. Introduction

Welcome to WaitAm. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and protect your information when you use our booking platform and related services.

This policy applies to all WaitAm services, including our website, mobile applications, and API services.

2. Information We Collect

Personal Information You Provide

Account Information
  • Name and contact details
  • Email address and phone number
  • Business information
  • Profile picture and preferences
Booking Information
  • Appointment details and history
  • Service preferences
  • Special requests and notes
  • Cancellation reasons
Payment Information
  • Payment method details
  • Billing address
  • Transaction history
  • Invoice information
Communication
  • Messages and support inquiries
  • Feedback and reviews
  • Survey responses
  • Marketing preferences

Information We Collect Automatically

  • Usage Data: How you interact with our platform, features used, time spent
  • Device Information: Device type, operating system, browser information
  • Location Data: IP address and general location (with permission)
  • Cookies and Tracking: As described in our Cookie Policy

3. How We Use Your Information

Service Provision

Provide, maintain, and improve our booking platform and related services.

Communication

Send notifications, confirmations, updates, and respond to your inquiries.

Security

Protect against fraud, unauthorized access, and ensure platform security.

Analytics

Analyze usage patterns to improve our services and user experience.

Marketing

Send promotional content and personalized recommendations (with consent).

Legal Compliance

Meet legal obligations and enforce our terms of service.

4. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

Contract Performance

Processing necessary to provide our services and fulfill our contract with you.

Consent

When you explicitly consent to processing for specific purposes like marketing.

Legal Obligation

Processing required to comply with legal requirements and regulations.

Legitimate Interest

For business operations, security, and service improvement where balanced against your rights.

5. How We Share Your Information

We never sell your personal data. We only share information as described below.

Service Providers

We work with trusted third-party service providers who help us operate our platform:

Payment Processors

Stripe for secure payment processing

Cloud Infrastructure

AWS for secure data storage and hosting

Communication

Email and SMS delivery services

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to this privacy policy.

Legal Requirements

We may disclose information when required by law, court order, or to protect our rights and safety.

6. Data Security

We implement comprehensive security measures to protect your data:

Encryption

Data encrypted in transit and at rest using industry-standard protocols

Access Control

Strict access controls and regular security audits

Infrastructure

Secure cloud infrastructure with 99.9% uptime

Staff Training

Regular security training for all team members

7. Your Privacy Rights

You have the following rights regarding your personal data:

Request a copy of all personal data we hold about you, including how it's being used.

Request correction of inaccurate or incomplete personal data.

Request deletion of your personal data in certain circumstances.

Request your data in a machine-readable format to transfer to another service.

Object to processing based on legitimate interests or for direct marketing purposes.
Exercise Your Rights

To exercise any of these rights, contact us at [email protected]

We will respond to your request within 30 days as required by law.

8. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

Active Account Data

Retained while your account is active and for service provision

Financial Records

7 years for tax and accounting purposes

Marketing Data

Until you withdraw consent or 2 years of inactivity

Support Records

3 years for quality assurance and legal purposes

9. International Data Transfers

Your data may be transferred and processed in countries other than your residence. We ensure appropriate safeguards:

  • Adequacy Decisions: Transfers to countries recognized by the EU as having adequate data protection
  • Standard Contractual Clauses: Binding agreements with recipients to protect your data
  • Certification Schemes: Partners certified under recognized privacy frameworks

10. Changes to This Privacy Policy

We may update this privacy policy from time to time. When we make significant changes, we will:

1
Notify You

Send email notification of significant changes

2
Update Date

Update the "Last Modified" date at the top of this policy

3
Highlight Changes

Provide a summary of key changes in our notification

11. Contact Us

If you have questions about this privacy policy or our data practices, please contact us:

Privacy Officer
[email protected]
Data Protection Officer
[email protected]

Related Legal Documents

Terms of Service
Cookie Policy
Contact Us