Privacy Policy

At Perceny, Inc., accessible from https://www.perceny.com, one of our main priorities is the privacy of our users. This Privacy Policy describes the types of information that is collected and recorded by Perceny, Inc. and how we use it.

This Privacy Policy applies to all users of the Platform, including Business Users (Owners, Managers, Stylists, and Staff) and End Clients (customers of businesses that use our Platform). Different types of data are collected depending on your role, as described in Section 6.

If you have questions or require more information about our Privacy Policy, please contact us using the details in Section 19.

We collect information that you provide directly to us, information generated by your use of the Platform, and information collected automatically.

Information You Provide

• Account registration: name, email address, phone number, and password.
• Business profile: business name, address, service offerings, operating hours, and photos.
• Payment information: billing address and payment method details (see Section 5 for how card data is handled).
• Communications: any information you provide when you contact us for support, submit feedback, or communicate with us directly.

Information Generated by Your Use

• Appointment history, booking records, and service notes.
• Transaction records, invoices, and payment history.
• Staff attendance and performance data (for Business Users).
• Client profiles, notes, and preferences (created and managed by Business Users).
• Reviews and ratings.
• Messages and notifications sent through the Platform.

Information Collected Automatically

• IP address, browser type, and device type.
• Pages visited, time spent on pages, and clickstream data.
• Cookies and similar tracking technologies (see Section 11).

Card on File — Clients

When a payment method is saved on the Platform — whether you enter it yourself during booking or checkout, it is entered at a kiosk, or a business staff member adds it to your client profile — it is stored via Stripe as a tokenized payment method. The applicable business may charge this card for services rendered, no-show fees, late-cancellation fees, outstanding balances, memberships, BNPL installments, or other amounts as described in our Terms of Service.

Card on File — Business Users

Payment methods provided by Business Users for platform subscription billing are stored via Stripe and used for recurring Subscription charges, plan upgrades, and any other outstanding amounts owed to Perceny, Inc..

Stripe Connect — Business Payouts

Business Owners who configure payouts via the Platform provide bank account information and identity verification details through Stripe Connect. This information is collected and held by Stripe in accordance with their terms and privacy policy. We may store reference identifiers for your Stripe Connect account for operational purposes.

Removing a Saved Card

You may request the removal of a saved payment method at any time through the Platform's account settings or by contacting the business. Removal of a card does not cancel any outstanding balance obligations. We will process removal requests in accordance with Stripe's policies.

We use the information we collect to:

• Provide, operate, and maintain the Platform and all its features.
• Process payments, manage Subscriptions, and handle billing for Business Users.
• Enable businesses to manage appointments, clients, staff, and operations.
• Facilitate payment processing for services rendered through the Platform.
• Send transactional communications: appointment confirmations, reminders, receipts, and payment notifications.
• Communicate with you about your account, including support requests and important updates.
• Send marketing and promotional communications (where you have opted in).
• Improve, personalize, and expand the Platform.
• Understand and analyze how users use the Platform.
• Develop new features, products, and services.
• Monitor and prevent fraud, unauthorized access, and abuse.
• Comply with legal obligations.
• Enforce our Terms of Service.

Perceny, Inc. does not sell client data collected by businesses to third parties, and does not use such data for advertising purposes beyond what is necessary to operate the Platform. We access business-collected client data only for: providing and improving Platform services, complying with legal obligations, investigating abuse or fraud, and as directed by the business.

We do not sell your personal information. We may share your information in the following circumstances:

Service Providers

We share information with trusted third-party service providers who assist us in operating the Platform, including:

• Stripe, Inc. — payment processing, card storage, and payouts.
• Cloud hosting and infrastructure providers.
• Email and SMS notification providers.
• Analytics providers.
• Customer support tools.

These service providers are contractually obligated to protect your information and may only use it to provide services to us.

Business Operations

End Client data is shared with the Business User who manages that client relationship. This includes appointment details, payment records, and profile information necessary to provide services.

Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency), or if we believe disclosure is necessary to protect the rights, property, or safety ofPerceny, Inc., our users, or others.

Business Transfers

In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on the Platform before your data is transferred.

Like most websites, Perceny, Inc. uses cookies. These cookies are used to store information including visitors' session tokens, preferences, and the pages on the Platform that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors' browser type and other information.

We use the following types of cookies:

• Essential cookies: Required for the Platform to function, including authentication tokens and session management.
• Performance cookies: Help us understand how users interact with the Platform so we can improve it.
• Functional cookies: Remember your preferences such as language and display settings.

You can choose to disable cookies through your individual browser options. Note that disabling certain cookies may affect the functionality of the Platform.

Perceny, Inc.'s Privacy Policy does not apply to other websites or third-party services. We advise you to consult the respective Privacy Policies of these third-party service providers for more detailed information. Key third parties include:

• Stripe, Inc. — stripe.com/privacy
• Google (for Google Calendar integration, if enabled) — policies.google.com/privacy
• Apple / Google Play (for mobile app distribution) — subject to their respective platform privacy policies.

Transactional Messages

When you provide your email address or phone number to Perceny, Inc. or to a business using the Platform, you may receive transactional communications sent on behalf of Perceny, Inc. or the applicable business, including appointment confirmations, reminders, cancellation notices, payment receipts, and account security alerts. These messages are necessary for the operation of the Platform.

Marketing & Promotional Messages

How We Use Your Contact Information for Messaging

Your email address and phone number are used to:

• Deliver appointment reminders and confirmations.
• Send payment receipts and outstanding balance notifications.
• Transmit one-time passcodes and security alerts.
• Notify you of changes to your booking or account status.
• Send promotional offers, if you have opted in.

Business User Messaging

When a Business User sends messages to their clients through the Platform, the business is the sender of record. Perceny, Inc. acts as a technology conduit for such messages. The business is solely responsible for complying with the TCPA, CAN-SPAM Act, and any other applicable laws governing electronic communications to their clients.

Business Users may optionally connect their Perceny, Inc. account to their Google Calendar. This integration is entirely optional. When enabled:

• Appointment data (including appointment date, time, duration, service name, and staff member assignment) may be synced to the connected Google Calendar.
• Client names and contact details may be included in calendar event details depending on your sync settings.
• Google may receive information about your appointments as part of the sync process. This data is subject to Google's Privacy Policy.

You can disconnect the Google Calendar integration at any time through your account settings. Disconnecting will stop future syncing but will not automatically remove previously synced events from your Google Calendar.

Perceny, Inc. maintains an audit log for each business workspace that records actions taken by users within that workspace. This is a security and accountability feature that helps Business Owners monitor activity and investigate discrepancies.

What the Audit Log Records

• The identity of the user who performed an action (e.g., which staff member processed a payment, modified an appointment, or edited a client profile).
• The type of action performed (e.g., created, updated, deleted, charged, refunded).
• The date and time of the action.
• The affected record (e.g., which appointment, ticket, or client profile was modified).

Who Can Access Audit Logs

Audit log data is accessible to the business Owner and authorized Managers within the workspace. Perceny, Inc. may also access audit log data for: investigating fraud or abuse, resolving support disputes, and complying with legal obligations.

Staff Awareness

By using the Platform as a Staff member or Stylist, you acknowledge and consent to the fact that your actions within the Platform are logged and may be reviewed by your business Owner or Manager. This logging is an inherent part of the Platform's accountability infrastructure.

Retention

Audit log data is retained for the duration of the business account and for up to 2 years after account closure, after which it is deleted or anonymized.

Retention Periods

We retain your personal data for as long as necessary to provide the Platform services, comply with our legal obligations, resolve disputes, and enforce our agreements. Specifically:

• Account data: retained for the duration of your account and for up to 3 years after account deletion to satisfy legal and tax obligations.
• Transaction records: retained for a minimum of 7 years in accordance with financial record-keeping requirements.
• Appointment and service records: retained for the duration of the business relationship and up to 3 years thereafter.
• Payment method tokens: retained until you remove the card from the Platform or the business relationship ends, after which we request deletion from Stripe.

Account Deletion — Business Users

When a Business User deletes their account, Perceny, Inc. will remove Platform-controlled personal data within 30 days, subject to applicable retention obligations described above. Business-collected client data within the workspace will also be deleted unless the Owner first exports it.

Data Deletion — End Clients

We implement industry-standard technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using TLS/HTTPS.
• Encrypted storage of sensitive credentials.
• Access controls limiting data access to authorized personnel only.
• PCI DSS compliance via Stripe for all payment card data.
• Regular security reviews and monitoring.

No method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security. In the event of a data breach affecting your personal data, we will notify you as required by applicable law.

Under the California Consumer Privacy Act (CCPA), California consumers have the right to:

• Request that a business disclose the categories and specific pieces of personal data it has collected about them.
• Request that a business delete any personal data it has collected from them, subject to certain exceptions.
• Request that a business that sells consumers' personal data not sell their personal data.
• Not be discriminated against for exercising their CCPA rights.

Perceny, Inc. does not sell personal data to third parties. If you would like to exercise any of your CCPA rights, please contact us at [email protected]. We will respond to your request within one month.

If you are located in the European Economic Area (EEA), you have the following data protection rights under the General Data Protection Regulation (GDPR):

• The right to access — You have the right to request copies of your personal data.
• The right to rectification — You have the right to request correction of inaccurate or incomplete data.
• The right to erasure — You have the right to request erasure of your personal data, under certain conditions.
• The right to restrict processing — You have the right to request restriction of processing of your personal data, under certain conditions.
• The right to object to processing — You have the right to object to our processing of your personal data, under certain conditions.
• The right to data portability — You have the right to request that we transfer your data to another organization, or directly to you, under certain conditions.

If you make a request, we will respond within one month. To exercise any of these rights, please contact us at [email protected].

If you are an End Client and the data you wish to exercise rights over is held by a Business User, you may need to contact that business directly, as they are the data controller for your client profile within their workspace.

Perceny, Inc. does not knowingly collect any personally identifiable information from children under the age of 13. The Platform is not directed at children. If you are a parent or guardian and you believe your child has provided us with personal information, please contact us immediately at [email protected] and we will take steps to remove that information from our records as quickly as reasonably practicable.

We encourage parents and guardians to monitor and guide their children's online activity.