Privacy Policy

Last updated: June 21, 2026

Short version: we collect what we need to make bookings work, we don't sell your data, and you can delete your account whenever you want. The longer version is below.

What we collect

From providers: name, email, phone, business address, service catalog, schedule, photos, payment details (handled by Stripe, never stored by us).

From customers: name, email, phone, the bookings you make, optional address for on-site services, payment receipts.

Automatically: IP address, user agent, basic analytics (page views, error reports). We use first-party analytics — no third-party trackers.

How we use it

• To run bookings: route the request from customer to provider, send confirmations, reminders, reviews, and cancellation emails.
• To bill providers: Stripe charges your card; we get a receipt, not your card number.
• To improve the product: aggregated, anonymous usage stats. No individual profiling.
• To comply with the law: respond to legitimate legal requests, prevent fraud and abuse.

Who we share with

• The provider you're booking with sees your name, email, phone, and notes.
• The customer can see the provider's public page and the contact info on it.
• Processors we rely on: Stripe (payments), Mailgun/SES (email delivery), Meta Cloud API (WhatsApp templates), OpenAI/Gemini (only for the AI assistant feature, and only when a provider explicitly invokes it).
• We do not sell or rent your data to advertisers.

Cookies

We use session cookies to keep you logged in and a preference cookie to remember dark mode. We do not use third-party tracking cookies. You can clear them at any time from your browser settings.

Your rights

• Access: export your data from your account settings.
• Correct: edit anything you've entered, anytime.
• Delete: close your account from your account settings. We retain a copy for 90 days for recovery, then it's gone.
• Object: email privacy@serveeta.com to opt out of any non-essential processing.

Data residency

Data is stored in EU and US regions depending on your account location. We don't transfer personal data outside these regions except through processors with adequate safeguards.

Children

Serveeta is not intended for children under 16. If a provider's category targets minors (e.g. tutoring), a guardian must create the booking on the child's behalf.

Security

We use TLS for all traffic, hashed passwords (Argon2id), and least-privilege access controls. Found a vulnerability? Please email security@serveeta.com — we run a responsible-disclosure program.

Changes

Material changes are announced 30 days in advance via email and on this page.

Contact

Questions about privacy: privacy@serveeta.com.

This policy is a starting point. Before going live, review it against the privacy law in each jurisdiction you operate (GDPR, CCPA, etc.) and have a lawyer sign off.