Privacy Policy

Last updated: April 7, 2026

1. Introduction

BookedHer ("we," "us," or "our") operates the website bookedher.com and related services (the "Platform"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Platform.

By using BookedHer, you agree to the collection and use of information as described in this policy.

2. Information We Collect

Information you provide:

  • Name, email address, and phone number (during registration)
  • Password (stored securely using bcrypt hashing — we never store plain-text passwords)
  • Business information for beauty professionals (business name, services, pricing, availability, city/state/zip)
  • Portfolio photos uploaded by beauty professionals
  • Booking details (date, time, service selected, notes)
  • Reviews and ratings

Information collected automatically:

  • Device and browser information (user agent, screen size)
  • IP address
  • Pages visited and interactions on the Platform
  • Cookies and similar technologies (see Section 8)

Information from third parties:

  • Payment information processed by Stripe (we do not store credit card numbers, CVVs, or full card details)

3. Legal Basis for Processing

We process your personal information based on the following legal grounds:

  • Contract performance — to provide you with the Platform services you requested (account creation, bookings, subscriptions)
  • Legitimate interests — to improve our Platform, prevent fraud, and ensure security
  • Legal obligations — to comply with applicable laws and regulations
  • Consent — where you have provided consent for specific processing activities (e.g., marketing communications, non-essential cookies)

4. How We Use Your Information

  • To create and manage your account
  • To facilitate bookings between clients and beauty professionals
  • To process subscription payments via Stripe
  • To display beauty professional profiles and portfolios to clients
  • To send transactional communications (booking confirmations, account updates)
  • To improve and maintain the Platform
  • To enforce our Terms of Service
  • To comply with legal obligations

We do not use your personal information for automated decision-making or profiling that produces legal or similarly significant effects.

5. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share information with:

  • Stripe — to process payments (subject to Stripe's Privacy Policy)
  • Vercel — our hosting provider (subject to Vercel's Privacy Policy)
  • Neon — our database provider (subject to Neon's Privacy Policy)
  • Other users — beauty professional profiles (name, business name, portfolio, services, city, reviews) are publicly visible. Client names are visible to beauty professionals for confirmed bookings.
  • Law enforcement — when required by law, subpoena, or court order
  • Business transfers — in connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction

6. Your Rights

You have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you
  • Correction — request that we correct inaccurate data
  • Deletion — request that we delete your personal data
  • Portability — request your data in a machine-readable format
  • Opt-out of marketing — opt out of marketing communications at any time
  • Opt-out of profiling — opt out of any automated profiling or targeted advertising
  • Right to appeal — if we deny your request, you may appeal by contacting us. If you are unsatisfied with our response, you may file a complaint with the Maryland Attorney General's Office

To exercise any of these rights, contact us at privacy@bookedher.com. We will respond within 45 days. If we need additional time, we will notify you of the extension and the reason.

7. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know — you may request the categories and specific pieces of personal information we have collected about you
  • Right to delete — you may request deletion of your personal information, subject to certain exceptions
  • Right to opt-out of sale — we do not sell your personal information. If this changes, we will provide a "Do Not Sell My Personal Information" link
  • Right to non-discrimination — we will not discriminate against you for exercising your CCPA rights

To make a CCPA request, email privacy@bookedher.com with the subject line "CCPA Request." We will verify your identity before processing your request.

Categories of personal information collected in the past 12 months: identifiers (name, email, IP address), commercial information (booking history, subscription data), internet activity (browsing history on our Platform), and professional information (for Beauty Pros: business name, services, portfolio).

8. Cookies

We use cookies for:

  • Essential cookies — to maintain your login session and remember your preferences. These are required for the Platform to function.
  • Analytics cookies — to understand how visitors use the Platform (if applicable). You may opt out of these via the cookie consent banner.

You can control cookies through your browser settings. Disabling essential cookies may affect the functionality of the Platform.

9. Data Security

We implement industry-standard security measures to protect your personal information, including:

  • HTTPS/TLS encryption for all data in transit
  • Encrypted database storage at rest
  • Bcrypt password hashing
  • Secure, HttpOnly session cookies
  • Rate limiting on authentication endpoints
  • Security headers (X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy)
  • No storage of raw payment card data (handled by Stripe)

While we strive to protect your data, no method of transmission or storage is 100% secure. If we discover a data breach that affects your personal information, we will notify affected users and applicable authorities in accordance with Maryland law and other applicable data breach notification laws.

10. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. Specifically:

  • Account data — retained while your account is active. Upon deletion request, removed within 30 days. To request removal, email privacy@bookedher.com.
  • Transaction records — retained for 7 years as required for tax and accounting purposes.
  • Server logs — retained for up to 90 days for security and debugging purposes.
  • Backup data — may persist in encrypted backups for up to 30 days after deletion.

11. International Data Transfers

Our Platform is hosted in the United States. If you access the Platform from outside the United States, your information may be transferred to, stored, and processed in the United States. By using the Platform, you consent to such transfers.

12. Children's Privacy

BookedHer is not intended for users under the age of 18. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected data from a minor, we will delete it promptly. If you believe a minor has provided us personal information, please contact us at privacy@bookedher.com.

13. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will notify you by email (if we have your email address) and by posting the updated policy on this page with a new "Last updated" date. Your continued use of the Platform after 30 days following the posting of changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or your personal data, contact us at:

BookedHer
Email: privacy@bookedher.com
Mail: BookedHer, PO Box [TBD], Maryland, USA

Note: Physical mailing address will be updated once our business PO Box is established.

← Back to BookedHer