Privacy Policy

1. What we collect

From account holders (businesses):

• Name, email, phone, business name.
• Billing data (processed by Stripe / Mercado Pago).
• Services, schedule, and professional configuration.

From end customers (who book with you):

• Name, phone number, or email if applicable.
• AI assistant conversation messages.
• History of bookings at your business.

Automatically:

• Technical data: browser, IP, analytics events via Google Analytics 4.
• Cookies — see Cookies Policy.

2. What we use it for

• Operate the service: process bookings, sync your calendar, send confirmations.
• Improve the product through aggregated, anonymized analysis.
• Communication: service notifications, support, and updates.

3. Who we share it with

We do not sell personal data. We share only with:

• Infrastructure providers (Supabase, AWS) under confidentiality agreements.
• Payment processors (Stripe, Mercado Pago, PayU) by country.
• Meta / WhatsApp, when you use the WhatsApp Business integration.
• Authorities, where legally required.

4. Your rights

• Access your data.
• Request correction or deletion.
• Export your data (bookings, customers, configuration).
• Close your account anytime; data is deleted within 30 days.

5. Storage and security

• Data stored on encrypted infrastructure (Supabase, AWS).
• TLS on all communications.
• WhatsApp tokens stored securely.

6. Retention

We retain data while your account is active. After closure, we delete within 30 days unless legally required to retain longer.

7. Children

Appcitas is not directed at children under 13.

8. Changes

We may update this policy. We will notify you of material changes by email.

9. Contact

privacidad@appcitas.com