Privacy Policy

Introduction

Lutily ("we", "our", "us") operates the lutily.com website and the Lutily booking platform. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your information.

Information We Collect

Information you provide

• Account information: Name, email address, phone number, and business details (salon name, address) when you create an account.
• Social login: If you sign in using Google or Facebook, we receive your name and email address from the provider. We do not access your contacts, posts, photos, or any other social media data. We only use this information to create or authenticate your Lutily account.
• Booking information: When clients book appointments, we collect their name, phone number, selected services, and appointment details.
• Waitlist information: Email address, preferred days and times when clients join a waitlist.

Information collected automatically

• Usage data: Pages visited, features used, and general interaction patterns with the platform.
• Device information: Browser type, operating system, and device type.

How We Use Your Information

We use the collected information solely to operate and improve the Lutily platform:

• Appointment management: Processing bookings, sending confirmation and reminder notifications via SMS.
• Phone verification: Sending one-time verification codes via SMS to confirm client phone numbers during the booking process.
• Appointment notifications: Sending SMS messages for booking confirmations, reminders (24 hours and 2 hours before appointments), cancellation notices, and reschedule updates.
• Waitlist notifications: Sending email notifications when a matching time slot becomes available.
• Platform operation: Account management, customer support, and service improvements.

SMS Communications

When a client provides their phone number during the booking process on a Lutily-powered booking page, they consent to receive the following types of transactional SMS messages:

• Phone verification codes (one-time passcodes)
• Booking confirmation messages
• Appointment reminders (24 hours and 2 hours before the appointment)
• Cancellation notifications
• Reschedule notifications

Message frequency varies based on booking activity. Typically 1–5 messages per appointment. Message and data rates may apply. Consent to receive text messages is not a condition of purchasing any goods or services.

Clients can opt out of SMS messages at any time by replying STOP to any message. After opting out, a single confirmation message will be sent and no further messages will follow. For help, contact us at [email protected].

We will not share your mobile phone number or SMS opt-in consent data with any third parties or affiliates for marketing or promotional purposes.

Social Login Data

When you use Google or Facebook to sign in, we receive only your basic profile information (name and email address) needed to create or authenticate your account. We do not:

• Post to your social media accounts
• Access your friends list, photos, or other social data
• Share your data back with social login providers
• Use social login data for advertising or profiling

You can revoke Lutily's access at any time through your Google or Facebook account settings. Revoking access will not delete your Lutily account — contact us to request account deletion.

Data Sharing

We do not sell, rent, or share your personal information with third parties for marketing or promotional purposes. Specifically, we will not share your mobile phone number or any SMS opt-in/opt-out consent data with third parties or affiliates for marketing purposes under any circumstances. We only share data with:

• Service providers: Twilio (SMS delivery), cloud hosting providers, and payment processors — solely to operate the platform. These providers are contractually obligated to use your data only for the services they provide to us.
• Business owners: Salon owners using Lutily can see their own clients' booking information and contact details as needed to manage their business.
• Legal requirements: When required by law, regulation, or legal process.

Data Security

We implement industry-standard security measures to protect your data, including encrypted connections (TLS/SSL), secure database storage, and access controls. Phone numbers are stored in hashed format where possible.

Data Retention

We retain your data for as long as your account is active or as needed to provide services. Booking and client data is retained as long as the associated business account is active. You can request deletion of your data at any time by contacting us.

Your Rights

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Opt out of SMS communications by replying STOP

Data Deletion

You can request deletion of your account and all associated data at any time by emailing [email protected]. We will process deletion requests within 30 days. Upon deletion, we remove your account information, business data, and any social login associations. Some data may be retained as required by law or for legitimate business purposes (e.g., transaction records).

Children's Privacy

Lutily is not intended for use by individuals under the age of 13. We do not knowingly collect information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated policy on this page with a revised "Last updated" date.

Contact Us

If you have questions about this Privacy Policy, contact us at [email protected].