Legal

Privacy Policy

Effective date: April 26, 2026

1. Who we are

HotSeat (“HotSeat”, “we”, “our”, or “us”) operates the platform available at hotseatbooking.ca. We provide appointment booking and business management software for service businesses across North America. Our registered contact email is info@hotseatbooking.ca.

2. Information we collect

Business accounts (shop owners): When you sign up, we collect your name, email address, business name, business type, phone number, and physical address. We store this information to create and manage your HotSeat account and booking page.

Client data (your customers): When a client books an appointment through your HotSeat booking page, we collect their name and phone number. We do not require clients to create accounts — they verify via a one-time SMS code. This data is stored at the location level and is accessible only to the shop that collected it.

Usage data: We collect standard server logs including IP addresses, browser type, pages visited, and timestamps to operate and improve the service.

3. How we use your information

  • To create and manage your HotSeat account and business profile
  • To enable appointment booking and send SMS or email confirmations
  • To operate AI-powered outbound and inbound voice features (when enabled)
  • To display your booking page to your clients
  • To process payments via Stripe (we do not store payment card data)
  • To send transactional emails related to your account
  • To improve the platform through aggregate, anonymised analytics

4. Data sharing

We do not sell your personal information. We share data only with the following categories of service providers, strictly to operate the platform:

  • Supabase — database and authentication infrastructure
  • Stripe — payment processing (governed by Stripe's own privacy policy)
  • Twilio — SMS notifications and voice features
  • Resend — transactional email delivery

All sub-processors are bound by data processing agreements and handle data only as instructed.

5. Data retention

We retain your account data for as long as your account is active. If you close your account, we will delete or anonymise your personal information within 30 days, except where we are required by law to retain it longer. Client booking records are retained for 12 months from the appointment date, after which they are purged.

6. Your rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data (“right to be forgotten”)
  • Export your data in a portable format (CSV export is available directly from your dashboard)
  • Withdraw consent for optional data processing at any time

To exercise any of these rights, email us at info@hotseatbooking.ca. We will respond within 30 days.

7. Cookies

We use session cookies strictly necessary for authentication. We do not use third-party advertising cookies or tracking pixels. Analytics, if enabled, are aggregate and do not identify individual users.

8. Security

All data is encrypted in transit (TLS 1.2+) and at rest. Authentication is managed through Supabase Auth with secure, HTTP-only cookie sessions. We conduct regular reviews of our security practices. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security but commit to industry-standard protections.

9. Children's privacy

HotSeat is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on your dashboard. Continued use of HotSeat after changes take effect constitutes acceptance of the updated policy.

11. Contact

Questions about this policy? Email us at info@hotseatbooking.ca.

Terms of Service →Back to home