Introduction

SlotFill ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our waitlist-based cancellation recovery platform.

Information We Collect

Information You Provide

Account Information: Name, email address, phone number, and password when you create an account
Profile Information: Business name, practice type, and public profile details
Waitlist Data: Names, phone numbers, and preferences of clients you add to your waitlist
Payment Information: Billing details processed securely through Stripe
Communications: Messages you send through the Service or to our support team

Information Collected Automatically

Usage Data: How you interact with our Service, including features used and actions taken
Device Information: Browser type, operating system, and device identifiers
Log Data: IP address, access times, pages viewed, and referring URLs
Cookies: Session cookies for authentication and preferences

How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve our Service
Send SMS notifications on your behalf to your waitlist contacts
Process payments and manage subscriptions
Send service-related communications and updates
Respond to your inquiries and provide customer support
Monitor and analyze usage patterns to improve user experience
Detect, prevent, and address technical issues and fraud
Comply with legal obligations

Information Sharing

We do not sell your personal information. We may share your information with:

Service Providers: Third parties that help us operate our Service (e.g., Twilio for SMS, Stripe for payments, Supabase for data storage)
Legal Requirements: When required by law, court order, or governmental authority
Business Transfers: In connection with a merger, acquisition, or sale of assets
With Your Consent: When you have given us explicit permission

Data Security

We implement appropriate technical and organizational security measures to protect your personal data, including encryption in transit (TLS) and at rest, secure authentication, access controls, and regular security assessments. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

HIPAA Compliance

For healthcare providers handling Protected Health Information (PHI), SlotFill offers HIPAA-compliant configurations. This includes audit logging, session timeouts, and the option to execute a Business Associate Agreement (BAA). If you are a covered entity under HIPAA, please contact us to discuss your compliance requirements.

Data Retention

We retain your personal data for as long as your account is active or as needed to provide you services. We may retain certain information as required by law or for legitimate business purposes, such as resolving disputes and enforcing our agreements. You may request deletion of your data at any time.

Your Rights and Choices

Depending on your location, you may have the following rights:

Access: Request a copy of the personal data we hold about you
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your personal data
Portability: Request your data in a machine-readable format
Opt-out: Unsubscribe from marketing communications at any time
Withdraw Consent: Where processing is based on consent, withdraw it at any time

To exercise these rights, please contact us at support@slotfill.app or through our contact page.

Cookies and Tracking

We use essential cookies for authentication and maintaining your session. We may use analytics tools to understand how users interact with our Service. You can control cookies through your browser settings, though disabling cookies may affect functionality.

Third-Party Services

Our Service integrates with third-party services:

Supabase: Database and authentication infrastructure
Twilio: SMS messaging services
Stripe: Payment processing
Vercel: Hosting and deployment

Each of these providers has their own privacy policy governing their use of your data.

Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child, we will take steps to delete that information promptly.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at our contact page or email us at support@slotfill.app.