← Back to homepage

Privacy Policy

Effective date: April 1, 2026

Servegalo, Inc. ("Servegalo", "we", "us") operates the Servegalo platform. This Privacy Policy explains what personal information we collect, how we use it, and the choices you have.

1. Information We Collect

From business account holders

  • Account data — name, email address, business name, phone number, and billing information provided at sign-up.
  • Usage data — pages visited, features used, API calls, and session metadata.
  • Payment data — credit card details are processed by Stripe and never stored on our servers. We receive only a payment token and last-four digits.

From end-clients (your customers)

  • Booking data — name, phone number, email address, appointment details, and notes entered during the booking process.
  • Communication records — SMS and chat conversation history generated through the platform.

Automatically collected

  • IP address, browser type, device identifiers, referring URL, and cookie data when you use the dashboard or embed widget.

2. How We Use Information

  • Provide, operate, and improve the platform.
  • Send transactional communications (booking confirmations, reminders, receipts).
  • Send marketing communications to account holders where legally permitted and with opt-out available.
  • Detect and prevent fraud, abuse, and security incidents.
  • Comply with legal obligations.

3. Sharing of Information

We do not sell personal information. We share data only with:

  • Service providers — Twilio (SMS delivery), AWS SES (email), Stripe (payments), Firebase/Google (infrastructure). Each is bound by a data processing agreement.
  • Business account holders — end-client data is made available to the business that collected it through our platform.
  • Law enforcement — when required by a valid legal process.

4. Data Retention

Account data is retained for the duration of the subscription plus 90 days after cancellation, then deleted. Booking and client records are retained until the business account holder requests deletion or closes their account. Anonymised aggregate analytics are retained indefinitely.

5. Your Rights

Depending on your location you may have rights to access, correct, delete, or port your personal data, and to object to or restrict certain processing. To exercise these rights, email privacy@servegalo.com. We respond within 30 days.

End-clients wishing to exercise rights over data held by a business that uses our platform should contact that business directly.

6. Cookies

We use essential cookies for authentication and security, and optional analytics cookies. See our Cookie Policy for details and how to opt out.

7. Children's Privacy

The platform is not directed to children under 13. We do not knowingly collect personal information from children. If you believe we have done so in error, contact us and we will delete it promptly.

8. International Transfers

We are based in the United States. Data may be processed in the US and other countries where our service providers operate. Where required, we rely on Standard Contractual Clauses for transfers from the EEA or UK.

9. Security

We implement industry-standard safeguards including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews. No system is completely secure; please notify us immediately at security@servegalo.com if you suspect a breach.

10. Changes to This Policy

We may update this policy from time to time. We will notify account holders of material changes by email and update the "Effective date" at the top of this page. Continued use of the platform after the effective date constitutes acceptance of the updated policy.

11. Contact

Servegalo, Inc.
Attn: Privacy
privacy@servegalo.com