Trust & security
Your clients are yours.
No jargon, no fear-mongering. Here's how we keep your work — and your clients' details — safe, in plain words.
You own your client list
Export everything to CSV anytime — contacts and visit history included. We're the ops layer that runs your booking and payments, never a middleman between you and your clients.
Payments handled by Stripe
Card details are processed by Stripe and never touch our servers (PCI-DSS handled on their side). Payouts go straight to your bank — we don't hold your money in between.
Encrypted secrets
Third-party tokens — like your calendar credentials — are encrypted at rest with AES-256-GCM, so a connection you grant stays sealed.
Texting done right
Clients opt in explicitly, every message identifies you, and replying STOP unsubscribes instantly. The program is A2P 10DLC registered, so reminders keep landing the right way.
Privacy by law
We respect GDPR and CCPA, honor the Global Privacy Control signal, and offer a clear “Do Not Sell or Share” option. The defaults lean toward your clients' privacy, not against it.
An audit trail
Sensitive actions — exports, payouts, permission changes — are written to an append-only log, so there's always a record of what happened and when.
Still have a question?
Ask anything before you trust us with it.
We'll answer plainly — and if something's still on the roadmap, we'll say so.