Privacy Policy

Last updated: 9/15/2025

1. Information We Collect

Business Information: We collect information you provide directly to us, including:

• Business name, address, and contact details
• Authorized user names, email addresses, and phone numbers
• Payment and billing information (processed securely through Stripe)
• Service configuration and integration settings
• Support communications and service requests

Client Data (Your Customers): Through our service, we may process:

• Contact information (names, phone numbers, email addresses)
• Communication content (SMS, WhatsApp messages)
• Booking and appointment information
• Payment and deposit information
• Service preferences and treatment history

Technical Data: We automatically collect:

• Usage data and service performance metrics
• Device information and IP addresses
• Log files and error reports
• Cookies and similar tracking technologies

2. Legal Basis for Processing

We process personal data under the following legal bases:

• Contract Performance: To provide our booking automation services
• Legitimate Interest: To improve our services and prevent fraud
• Consent: For marketing communications and optional features
• Legal Obligation: To comply with applicable laws and regulations
• Vital Interest: To protect health and safety in medical contexts

3. How We Use Your Information

Service Provision: We use information to:

• Provide 24/7 AI booking automation services
• Process and respond to missed calls and messages
• Qualify leads and schedule appointments
• Collect deposits and process payments
• Send automated reminders and confirmations
• Integrate with your existing systems (calendars, CRM)

Business Operations: We also use information to:

• Provide customer support and technical assistance
• Process payments and manage billing
• Improve our services and develop new features
• Ensure security and prevent fraud
• Comply with legal and regulatory requirements
• Generate anonymized analytics and reports

4. SMS/WhatsApp Communications

Service Communications: By using our service, you consent to receive SMS and WhatsApp messages for service-related purposes including booking confirmations, reminders, and support.

Opt-Out Rights: You can opt out at any time by:

• Replying STOP to any SMS or WhatsApp message
• Replying HELP for assistance
• Contacting us directly at support@uppace.ai
• Using the unsubscribe link in email communications

Important: Message and data rates may apply. Opting out of service communications may impact the functionality of our booking automation service.

5. Data Security

We implement comprehensive security measures to protect personal information:

• End-to-end encryption for all communications
• Secure data transmission using SSL/TLS protocols
• Regular security audits and penetration testing
• Access controls and authentication mechanisms
• Secure data centers with physical security measures
• Regular staff training on data protection
• Incident response procedures for data breaches

6. Data Sharing and Disclosure

We do not sell, rent, or trade personal information. We may share information only in these limited circumstances:

• Service Providers: With trusted third parties who assist in service delivery (WhatsApp, Stripe, GoHighLevel)
• Legal Requirements: When required by law, court order, or regulatory authority
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• Consent: When you have given explicit consent for specific sharing
• Vital Interest: To protect health, safety, or prevent harm

7. Your Rights (GDPR/UK GDPR)

If you are in the UK or EU, you have the following rights regarding your personal data:

• Right of Access: Request copies of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Rights Related to Automated Decision-Making: Human review of automated decisions

To exercise these rights, contact us at support@uppace.ai. We will respond within 30 days.

8. Data Retention

We retain personal data for the following periods:

• Active Accounts: For the duration of service provision
• Inactive Accounts: 2 years after last activity
• Financial Records: 7 years for tax and accounting purposes
• Support Communications: 3 years for service improvement
• Legal Requirements: As required by applicable laws

After retention periods expire, data is securely deleted or anonymized.

9. International Data Transfers

Some of our service providers may be located outside the UK/EU. We ensure adequate protection through Standard Contractual Clauses (SCCs) and other appropriate safeguards as required by law.

10. Third-Party Services

We integrate with third-party services that have their own privacy policies:

• WhatsApp Business API: Meta's privacy policy applies to WhatsApp communications
• Stripe: Payment processing subject to Stripe's privacy policy
• GoHighLevel: CRM integration subject to GHL's privacy policy
• Google/Outlook: Calendar integration subject to respective privacy policies

11. Children's Privacy

Our service is not intended for individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware of such collection, we will delete the information promptly.

12. Changes to This Policy

We may update this privacy policy periodically. We will notify you of material changes via email or through our service. Continued use after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this privacy policy or our data practices, please contact us: