Schedulista Privacy Policy
Last Updated: December 2, 2021
Thanks for using Schedulista. This policy explains why Hello World LLC and our controlled affiliates and subsidiaries (collectively, "Schedulista," "we," "our," or "us") collect your personal data when you use our website (schedulista.com), mobile apps, and related products and services (collectively, "Services"). It also explains the ways we collect and use your data, for how long we retain it, as well as how you can correct or delete your data.
Third party services that we integrate with are governed under their own privacy policies.
- DATA WE COLLECT
- COOKIES, MOBILE IDS, AND SIMILAR TECHNOLOGIES
- HOW WE USE YOUR DATA
- DISCLOSURE OF DATA
- YOUR CHOICES
- YOUR EUROPEAN UNION PRIVACY RIGHTS
- YOUR CALIFORNIA PRIVACY RIGHTS
- RETENTION OF PERSONAL DATA
- LOCATION OF PERSONAL DATA
- DATA SECURITY
- CHANGES TO THIS PRIVACY POLICY
- QUESTIONS
DATA WE COLLECT
The personal data we collect depends on how you interact with us, the Services you use, and the choices you make. It also depends on whether you are a “Customer” contracting directly with us or a “Client” booking an appointment with a Customer. We collect data about you in various ways when you use our products, including data you provide directly, data collected automatically, and third-party data sources.
Data you provide directly.
We collect personal data you provide to us when, for example, you: schedule an appointment; sign up for and use our Services; consult with our Customer Service team; integrate our Services with another website or service (such as, when a Customer embeds the scheduler on their own website); and communicate with us in any way.
Information you provide directly to us includes:
- Contact information, such as name, physical address, email address, phone number.
- Payment information, including credit card number and other payment details.
- Content and files, such as the photos, documents, or other files you upload to our Services and the content of your communications with us.
- Other details you chose to provide when scheduling your appointment.
Data we collect automatically.
As further described in the "Cookies, Mobile IDs, and Similar Technologies" section below, when you use our Services, some data is collected automatically.
For example, when you visit our websites, our web servers automatically log:
- Identifiers and device information, including your computer's operating system, Internet Protocol (IP) address, browser type and language.
- Geolocation data, such as city, state, and country, depending on your device or app settings.
- Usage data, such as the website you visited before our site, access times, and your activity on our websites.
Data we create or generate.
We infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics ("inferences"). For example, we infer your general geographic location (such as city, state, and country) based on your IP address.
Data we obtain from third-party sources.
We obtain data from third parties. These third-party sources include, for example:
- Third-party applications and services, such as social networks you choose to connect with or interact with through our Services.
- Service providers, such as third parties that collect or provide data in connection with work they do on our behalf.
- If you are a Client, the applicable Customer you schedule an appointment with may provide us with your profile and appointment information.
When you are asked to provide personal data, you may decline. And you may use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide data that is necessary for certain Services or features, those Services or features may not be available or function correctly.
COOKIES, mobile ids, and similar technologies
We use cookies, web beacons, mobile analytics and advertising IDs ("mobile IDs"), and similar technologies to operate our websites and online services and to help collect data, including usage data, identifiers, and device information.
What are cookies, mobile IDs, and similar technologies?
Cookies are small text files placed by a website and stored by your browser on your device. A cookie can later be read when your browser connects to a web server in the same domain that placed the cookie. The text in a cookie contains a string of numbers and letters that may uniquely identify your device and can contain other information as well. This allows the web server to recognize your browser over time, each time it connects to that web server.
Web beacons are electronic images (also called "single-pixel" or "clear GIFs") that are contained within a website or email. When your browser opens a webpage or email that contains a web beacon, it automatically connects to the web server that hosts the image (typically operated by a third party). This allows that web server to log information about your device and to set and read its own cookies. In the same way, third-party content on our websites (such as embedded videos, plug-ins, or ads) results in your browser connecting to the third-party web server that hosts that content. We also include web beacons in our email messages or newsletters to tell us if you open and act on them.
Mobile analytics and advertising IDs are generated by operating systems for mobile devices (iOS and Android) and can be accessed and used by apps in much the same way that websites access and use cookies. Our apps contain software that enables us and our third-party analytics and advertising partners to access these mobile IDs.
How do we and our partners use cookies, mobile IDs, and similar technologies?
We, and our analytics and advertising partners, use these technologies in our websites, apps, and online services to collect personal information (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) when you use our Services, including personal information about your online activities over time and across different websites or online services.
This information is used to store your preferences and settings, enable you to sign-in, analyze how our websites and apps perform, track your interaction with the site or app, develop inferences, combat fraud, and fulfill other legitimate purposes. We and/or our partners also share the information we collect or infer with third parties for these purposes.
The third-party analytics and advertising providers we use on our websites can be found at https://www.schedulista.com/legal/sub-processors.
What controls are available?
- Advertising controls. Our advertising partners may participate in associations that provide simple ways to opt out of ad targeting, which you can access at:
- United States: NAI (http://optout.networkadvertising.org) and DAA (http://optout.aboutads.info/)
- Canada: Digital Advertising Alliance of Canada (https://youradchoices.ca/)
- Europe: European Digital Advertising Alliance (http://www.youronlinechoices.com/)
- Browser cookie controls. Most web browsers are set to accept cookies by default. If you prefer, you can go to your browser settings to learn how to delete or reject cookies. If you choose to delete or reject cookies, this could affect certain features or Services of our website. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, may be deleted and may need to be recreated.
- Mobile analytics and advertising ID controls. iOS and Android operating systems provide options to limit tracking and/or reset the analytics IDs.
- Email web beacons. Most email services have settings which allow you to prevent the automatic downloading of images, including web beacons, which prevents the automatic connection to the web servers that host those images.
- Do Not Track. Some browsers have incorporated "Do Not Track" ("DNT") features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not a common understanding of how to interpret the DNT signal, our websites do not currently respond to browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the cookie controls and advertising controls described above.
These choices are specific to the browser you are using. If you access our Services from other devices or browsers, take these actions from those systems to ensure your choices apply to the data collected when you use those systems.
HOW WE USE YOUR DATA
We need to know your personal data to perform the functions of our Services and to provide you the Services you request. We use personal data collected through our Services for purposes described in this Privacy Policy or otherwise disclosed to you.
For example, we use each category of personal data (listed above in the "Data We Collect" section) for the following purposes:
- Product and Service delivery, including securing, troubleshooting, improving, and personalizing our Services.
- Business operations, such as improving our internal operations, securing our systems, and detecting fraudulent or illegal activity.
- Personalization, including understanding you and your preferences to enhance your experience and enjoyment using our Services.
- Customer support, such as troubleshooting and responding to your questions.
- Communications, such as sending you appointment confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages.
- Marketing, including communicating with you about new services, offers, promotions, and other information about our Services and Customers (see the "Your Choices" section below for how to change your preferences for promotional communications).
We combine data we collect from different sources to give you a more seamless, consistent, and personalized experience.
DISCLOSURE OF DATA
Schedulista may disclose personal data with your consent or as necessary to complete your transactions or provide the Services you have requested or authorized.
In addition, we share each of the categories of personal data described above, with the types of third parties described below, for the following business purposes:
- Public information. You may select options available through our Services to publicly display and share your name and/or username and certain other information, such as your profile, content and files, or geolocation data.
- Service providers. We share personal data with vendors or agents working on our behalf for the purposes described in this Privacy Policy. For example, companies we have hired to provide Customer Service support or assist in protecting and securing our systems and Services may need access to personal data to provide those functions.
- Financial services & payment processing. When you provide payment data, for example to make a purchase, we will share payment and transactional data with banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, or other related financial services.
- Affiliates. We enable access to personal data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems or where access is needed to provide our Services and operate our business.
- Corporate transactions. We may disclose personal data as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.
- Legal and law enforcement. We will access, disclose, and preserve personal data when we believe that doing so is necessary to comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.
- Security, safety, and protecting rights. We will disclose personal data if we believe it is necessary to:
- Protect our Customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
- Operate and maintain the security of our Services, including to prevent or stop an attack on our computer systems or networks; or
- Protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies.
Third-party analytics companies also collect personal data through our website and apps including identifiers and device information (such as cookie IDs, device IDs, and IP address), geolocation data, usage data, and inferences based on and associated with that data, as described in the "Cookies, Mobile IDs, and Similar Technologies" section above.
These third-party vendors may combine this data across multiple sites to improve analytics for their own purpose and others. For example, we use Google Analytics on our website to help us understand how users interact with our website. You can learn how Google collects and uses information at www.google.com/policies/privacy/partners.
Please note that some of our Services include integrations, references, or links to services provided by third parties whose privacy practices differ from ours. If you provide personal data to any of those third parties, or allow us to share personal data with them, that data is governed by their privacy statements.
Finally, we may share de-identified information in accordance with applicable law.
YOUR CHOICES
Access, correction, and deletion.
If you wish to request access to, or correction or deletion of, your data, please contact us at privacy@schedulista.com.
However, to the extent permitted by applicable law, we reserve the right to decline requests that are unreasonable, excessive, or prohibited by law, could adversely affect the privacy or other rights of another person, or where we are unable to authenticate you as the person to whom the data relates.
Communications preferences.
You can choose whether you wish to receive promotional communications from us by email and SMS. If you receive promotional email or SMS messages from us and would like to stop, you can do so by following the directions in the email or replying “STOP” to the SMS message.
These choices do not apply to mandatory service communications that are part of certain of our Services, or to surveys or other communications that may have their own unsubscribe method.
Analytics and advertising.
Our third-party analytics and advertising partners typically provide options to opt-out of certain data collection or use. See the "Cookies, Mobile IDs, and Similar Technologies" section above for more details.
Your European Union privacy rights
If the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data:
- You can request access to, and rectification or erasure of, personal data;
- If any automated processing of personal data is based on your consent or a contract with you, you have a right to transfer or receive a copy of your personal data in a usable and portable format;
- If the processing of personal data is based on your consent, you can withdraw consent at any time for future processing;
- You can to object to, or obtain a restriction of, the processing of personal data under certain circumstances; and
- For residents of France, you can send us specific instructions regarding the use of your data after your death.
To make such requests, contact us at privacy@schedulista.com.
When we are processing data on behalf of a Customer as a data processor (for example, when processing data about your scheduled appointments), you should direct your request to the appropriate Customer. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.
We rely on different lawful bases for collecting and processing personal data about you, for example, with your consent and/or as necessary to provide the Services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.
YOUR CALIFORNIA PRIVACY RIGHTS
If you are a California resident and the processing of personal information about you is subject to the California Consumer Privacy Act (“CCPA”), you have certain rights with respect to that information.
Right to know.
You have a right to request that we disclose to you the personal information we have collected about you. You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information.
Note that we have provided much of this information in this Privacy Policy. You may make such a “request to know” by contacting us at privacy@schedulista.com.
Right to request deletion.
You also have a right to request that we delete personal information under certain circumstances, subject to a number of exceptions. To make a request to delete, contact us at privacy@schedulista.com.
Right to opt-out.
You have a right to opt-out from future “sales” of personal information. Please note the following:
- We do not “sell” personal information as defined by the CCPA and have not done so in the past 12 months.
- We do not knowingly sell the personal information of minors under 16 years of age.
Other CCPA rights.
You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.
Further, to provide or delete specific pieces of personal information we will need to verify your identity to the degree of certainty required by law. We will verify your request by asking you to send it from the email address associated with your account or requiring you to provide information necessary to verify your account.
Finally, you have a right to receive notice of our practices at or before collection of personal information, and you have a right to not be discriminated against for exercising these rights set out in the CCPA.
“Shine the Light” law.
Additionally, under California Civil Code § 1798.83, also known as the "Shine the Light" law, California residents who have provided personal information to a business with which the individual has established a business relationship for personal, family, or household purposes ("California Customers") may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes.
Please be aware that we do not disclose personal information to any third parties for their direct marketing purposes as defined by this law.
California Customers may request further information about our compliance with this law by e-mailing privacy@schedulista.com. Please note that businesses are required to respond to one request per California Customer each year and may not be required to respond to requests made by means other than through the designated e-mail address.
RETENTION OF PERSONAL DATA
We retain personal data for as long as necessary to provide the Services and fulfill the transactions and Services our Clients and Customers have requested, or for other essential purposes such as complying with legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types in the context of different Services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations.
If you are a Client booking with a Customer, you may direct questions about the Customer’s retention of your personal data to them directly.
LOCATION OF PERSONAL DATA
The personal data we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers maintain facilities. Currently, we primarily use data centers in the United States. The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem.
We take steps designed to ensure that the data we collect under this Privacy Policy is processed according to the provisions of this Privacy Policy and applicable law wherever the data is located. If you are a Customer, you can review our Data Processing Addendum at: https://www.schedulista.com/resources/dpa.pdf.
Location of processing European personal data.
We transfer personal data from the European Economic Area, United Kingdom, and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do so, we use a variety of legal mechanisms, including contracts where appropriate, to help ensure your rights and protections.
To learn more about the European Commission’s decisions on the adequacy of personal data protections, please visit: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en .
DATA SECURITY
The security of your personal data is important to us. We take reasonable and appropriate steps to help protect personal data from unauthorized access, use, disclosure, alteration, and destruction. Where appropriate, your personal data is encrypted in transit using secure socket layer technology (SSL).
However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.
CHANGES TO THIS PRIVACY POLICY
We will update this Privacy Policy when necessary to reflect changes in our Services, how we use personal data, or the applicable law. When we post changes to this Privacy Policy, we will change the “last updated” date at the beginning of this Privacy Policy.
If we make material changes to this Privacy Policy, we will provide notice or obtain consent regarding such changes as may be required by law.
QUESTIONS
Any questions, concerns, or complaints for Schedulista or about this Privacy Policy should be addressed to privacy@schedulista.com or by mail:
Hello World LLC,
1419 S Jackson St, #111,
Seattle WA 98144, USA.