Privacy Policy

Welcome to Bukenio. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application, mobile applications, and related services (collectively, the "Services").

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide to us when you:

• Create an account (business or customer)
• Make a booking or appointment
• Process payments
• Communicate with us
• Use our services

This information may include:

• Name and contact information (email address, phone number)
• Business information (business name, address, description)
• Payment information (processed securely through Stripe)
• Profile information (bio, profile pictures)
• Booking and appointment details
• Communication preferences and history

1.2 Automatically Collected Information

When you access our Services, we automatically collect certain information, including:

• Device information (device type, operating system, browser type)
• Usage data (pages visited, features used, time spent)
• IP address and location data (approximate geographic location)
• Log data (access times, errors, performance data)
• Cookies and similar tracking technologies

1.3 Information from Third Parties

We may receive information from third-party services you choose to connect with our Services:

• Clerk: Authentication and user management services
• Stripe: Payment processing and financial data
• Social Media: If you choose to connect social media accounts

2. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To provide, maintain, and improve our booking and scheduling services
• Account Management: To create and manage your account, authenticate users, and provide customer support
• Bookings and Appointments: To process and manage bookings, send confirmations and reminders
• Payment Processing: To process payments, handle refunds, and manage subscriptions
• Communications: To send you service-related emails, notifications, and marketing communications (with your consent)
• Analytics: To understand how users interact with our Services and improve functionality
• Security: To detect, prevent, and address fraud, security breaches, and technical issues
• Legal Compliance: To comply with legal obligations and protect our rights

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

3.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our Services:

• Convex: Database and backend infrastructure
• Clerk: Authentication and user management
• Stripe: Payment processing
• Cloud hosting providers: For data storage and infrastructure
• Email service providers: For sending transactional and marketing emails

3.2 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity.

3.3 Legal Requirements

We may disclose your information if required by law, court order, or legal process, or to protect the rights, property, or safety of Bukenio, our users, or others.

3.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

4. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Secure authentication through Clerk
• PCI-DSS compliant payment processing through Stripe
• Regular security assessments and updates
• Access controls and authentication mechanisms
• Monitoring and logging of system activities

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

5. Data Retention

We retain your personal information for as long as necessary to provide our Services, comply with legal obligations, resolve disputes, and enforce our agreements. When we no longer need your information, we will securely delete or anonymize it.

Specific retention periods:

• Account Information: Retained while your account is active and for up to 3 years after account closure
• Booking Records: Retained for 7 years for business and tax purposes
• Payment Information: Retained according to Stripe's data retention policies and applicable financial regulations
• Communication Records: Retained for 3 years or as required by law

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal obligations)
• Portability: Request a copy of your data in a structured, machine-readable format
• Objection: Object to processing of your personal information for certain purposes
• Restriction: Request restriction of processing in certain circumstances
• Withdraw Consent: Withdraw consent where processing is based on consent
• Opt-out: Opt-out of marketing communications at any time

To exercise any of these rights, please contact us at privacy@bukenio.com. We will respond to your request within 30 days.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our Services. Cookies are small data files stored on your device. We use:

• Essential Cookies: Required for basic functionality and security
• Authentication Cookies: To keep you logged in and maintain your session
• Analytics Cookies: To understand how users interact with our Services
• Preference Cookies: To remember your settings and preferences

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our Services.

8. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy, including standard contractual clauses approved by regulatory authorities.

10. Third-Party Links and Services

Our Services may contain links to third-party websites or services that are not owned or controlled by Bukenio. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access.

11. Mobile Applications

When you use our mobile applications (iOS and Android), we may collect additional information:

• Device Information: Device identifiers, model, operating system version
• Push Notifications: With your permission, we may send push notifications for bookings and reminders
• Location Data: With your permission, we may collect location data to show nearby services
• Camera and Photos: With your permission, to upload profile pictures or business photos

You can manage app permissions through your device settings at any time.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. For significant changes, we may provide additional notice, such as via email or through a prominent notice on our Services.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

14. Legal Compliance

This Privacy Policy is designed to comply with applicable data protection laws, including:

• General Data Protection Regulation (GDPR) for users in the European Economic Area
• California Consumer Privacy Act (CCPA) for California residents
• Other applicable regional and national privacy laws