VisiTime Business Privacy Policy
Last Updated: April 21, 2026
1. Introduction
This Privacy Policy explains how VisiTime collects, uses, shares, and protects personal information when you use
the VisiTime Business mobile application. VisiTime Business is intended for business owners, managers, and team
members who operate a business profile, manage services and schedules, accept bookings, and communicate with
their clients. This policy applies only to VisiTime Business. The VisiTime (client) app is covered by a separate
Privacy Policy. By using VisiTime Business, you agree to the practices described here.
2. Who We Are and Your Role
- When you use VisiTime Business, you may act both as a user of our service and as a data controller for personal data about your own clients and team members
- VisiTime acts as a processor for client data you manage through the app (for example, client contacts and booking history)
- As a business, you are responsible for having a lawful basis to process your clients' data and for providing your own privacy notice where required
3. Information We Collect
3.1 Account and Identity Information
- Name, phone number, email address, and profile photo of the account holder and team members
- Role assigned within a business and invitation status
3.2 Authentication Services
- Sign-in via phone number with one-time password (OTP), Google Sign-In, and Apple Sign-In
- We do not receive passwords for third-party services
3.3 Business Profile Data
- Business name, description, category, address (with map pin), and contact information
- Photos of the business and its services
- Working hours and schedule settings
- Services catalogue: names, descriptions, prices, and durations
3.4 Team and Staff Data
- Information about invited team members: name, phone, role, photo, and specialization
- Role-based access control - team members see only what their role permits
3.5 Client Data You Process Through the App
- As a business user, you view and manage data of clients who book with you: client name, phone, and booking history
- VisiTime processes this data on your behalf to provide the Business app features
- You must process client data in accordance with applicable law and your own privacy notice to clients
3.6 Booking and Schedule Data
- Incoming, confirmed, completed, and cancelled bookings with linked services, staff, and clients
3.7 Location Data
- Business address provided during onboarding and pinned on Google Maps - this is public on the business profile
- The Business app itself does not require continuous device location from staff
3.8 Subscriptions and Billing
- Subscription plan and usage associated with your business
- Subscription payments are processed by Stripe under its own privacy terms
- On iOS, subscription upgrades are handled via our website; no in-app purchases are made
- We do not store full card details on our servers
3.9 Communications
- Push tokens to deliver notifications about bookings and subscription status
- Automated status updates sent to your clients on your behalf when their booking state changes
3.10 Analytics and Crash Data
- Firebase Analytics, Crashlytics, and Performance Monitoring, plus Sentry for error monitoring - event logs, crash reports, performance metrics, and device technical data
- Business statistics we compute for you from your own data and display in the app
3.11 Media and Device Permissions
- Camera and photo library - for business, service, and profile photos
- Notifications - to deliver booking and subscription alerts
- You can revoke any permission in device settings
3.12 Device and App Information
- OS version, app version, device identifiers, and network technical data
- Used for security, abuse prevention, and compatibility troubleshooting
4. How We Use Your Information
- Create and manage your business account, team, and role-based access
- Operate scheduling, services catalogue, bookings, CRM, and analytics
- Deliver automated communications to you and to your clients on your behalf
- Process subscription payments and send invoices
- Enforce plan limits and prevent abuse
- Improve reliability and performance
- Comply with legal, tax, and financial obligations
5. Data Sharing and Disclosure
- Clients of your business see your public profile data: name, description, address, services, prices, photos, reviews
- Invited team members see business data according to their role
- We share data with processors strictly to deliver the service (see Section 7)
- We do not sell your or your clients' personal data
- We may disclose data when required by law or to protect rights, safety, or prevent fraud
6. Data Storage and Security
- Data is stored using security controls designed to protect confidentiality and integrity
- HTTPS-only transport and JWT-based session authentication
- Server-side enforcement of role-based access control
- We use trusted third-party providers for specific features (see Section 7)
7. Third-Party Services
VisiTime Business uses the following third-party services, which process data under their own privacy terms:
8. Legal Basis for Processing (GDPR)
We process personal data on the following legal bases:
- Performance of a contract - to provide the Business app and your subscription
- Legitimate interests - analytics, fraud prevention, security, service improvement, and running the VisiTime platform
- Consent - camera, photos, notifications, and optional communications
- Legal obligation - tax, accounting, and other legal requirements
For data about your clients processed through the app, you are the controller and must ensure a valid legal basis.
9. International Data Transfers
- Data may be processed in countries other than your own
- Where required, we apply safeguards for cross-border data transfers (such as Standard Contractual Clauses)
10. Your Rights
You may have the right to:
- Request access to your personal data
- Request correction of inaccurate data
- Request deletion of your account and personal data
- Object to or restrict certain processing where applicable
- Request data portability where applicable
- Withdraw consent where processing is based on consent
Requests about clients' personal data you processed as controller should be directed to you by those clients;
we will assist as processor.
11. Data Retention
- Business profile and booking history are retained while your business account is active
- Financial and billing records are retained per legal and tax requirements (typically up to 7 years)
- Analytics data is retained in aggregated or anonymized form
- On account deletion, data is deleted or anonymized within 30 days, subject to legal retention obligations
12. Account and Business Deletion
- You can request deletion of your account by contacting [email protected]
- When requested by the business owner, we can delete the business profile together with linked services, schedules, and client records managed through the app
- Team members who leave the team lose access, but their personal account remains
- Certain records may be retained for legal, security, fraud prevention, or financial compliance
- Deleting your VisiTime Business account does not cancel active subscriptions billed outside the app - cancel those separately with the payment provider
- Deleting your VisiTime Business account does not delete your Google or Apple account
13. Children's Privacy
VisiTime Business is intended for adults operating a business. We do not knowingly collect personal data from
children.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will post updates on this page and revise the
"Last Updated" date. For material changes that affect your rights we will provide additional notice in the app.
15. Contact Us
Questions, privacy requests, or data protection inquiries:
[email protected].