Privacy Policy

Effective Date: June 25, 2025

1. Introduction

Welcome to Quikly ("Quikly", "we", "our", or "us"). We are committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you visit our website and use our services, including our integrations with third-party services like Google Calendar.

2. Information We Collect

We may collect the following types of information:

  • Personal Information: Name, email address, phone number, and other contact details.
  • Booking Information: Details related to appointments, services booked, and transaction history.
  • Payment Information: Billing details and payment method information.
  • Technical Data: IP address, browser type, operating system, and usage data.
  • Google Account Information: When you connect your Google Calendar, we collect your Google account email, name, profile picture, and email verification status through Google's OAuth2 authorization process.
  • Calendar Integration Data: Calendar event information, appointment synchronization data, sync timestamps, and OAuth access tokens necessary for Google Calendar integration.
  • SMS Communication Data: Phone numbers, message content, delivery status, and timestamps for appointment reminders and notifications sent through our SMS service.
  • Feedback: Customer reviews and responses to surveys.

3. Google Calendar Integration

Our Google Calendar integration allows you to synchronize your Quikly appointments with your Google Calendar. Here's what you need to know:

  • Authorization: We use Google's OAuth2 authorization system to securely access your Google Calendar. You must explicitly grant permission for each scope we request.
  • Permissions Requested: We request access to create and modify calendar events, read your basic profile information (name, email), and verify your email address.
  • Data Access: We only access the specific data needed to synchronize your appointments. We do not read, modify, or access your existing personal calendar events.
  • Event Creation: We create calendar events containing appointment details including service names, customer information, appointment times, and booking notes.
  • Token Security: OAuth access and refresh tokens are encrypted and stored securely. These tokens allow us to maintain calendar synchronization without requiring repeated authorization.
  • Revocation: You can revoke our access to your Google Calendar at any time through your Google Account settings or by disconnecting the integration in your Quikly dashboard.

4. How We Use Your Information

We use the collected information to:

  • Provide and manage our booking services.
  • Process transactions and send related information.
  • Communicate with you regarding your account and our services.
  • Send appointment reminders, confirmations, and notifications via SMS.
  • Improve our website and services through analytics.
  • Synchronize your appointments with your Google Calendar when you enable this integration.
  • Create, update, and manage calendar events on your behalf.
  • Maintain authentication with Google services for continued calendar synchronization.
  • Comply with legal obligations.

5. Sharing Your Information

We may share your information with:

  • Google Services: When you enable Google Calendar integration, we share appointment information with Google to create and manage calendar events in your account. This includes appointment times, service details, customer names, and booking notes.
  • Twilio SMS Services: When you use our SMS features, we share phone numbers and message content with Twilio to deliver appointment reminders and notifications. Twilio processes this data in accordance with their Privacy Policy and applicable telecommunications regulations.
  • Service Providers: Third-party vendors who assist in providing our services (e.g., payment processors, email service providers).
  • Legal Authorities: When required by law or to protect our rights.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets.

We do not sell or rent your personal information to third parties.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. For Google Calendar integration specifically:

  • OAuth tokens are encrypted at rest using industry-standard encryption methods.
  • All communications with Google services use secure HTTPS connections.
  • Access to calendar integration features requires user authentication.
  • We implement CSRF protection for OAuth authorization flows.
  • Calendar synchronization includes error handling to prevent data corruption.

However, no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your information for different purposes and periods:

  • Account Information: Retained while your account is active and for a reasonable period after closure for legal compliance.
  • Google Calendar Integration Data: OAuth tokens and sync data are retained while the integration is active. When you disconnect the integration, we delete the tokens and cease synchronization.
  • Calendar Events: Events created in your Google Calendar remain under your control. Disconnecting our integration does not delete previously created events.
  • Appointment History: Retained for business purposes and legal compliance, typically for 7 years or as required by applicable law.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access the personal data we hold about you.
  • Request correction or deletion of your data.
  • Object to or restrict processing of your data.
  • Withdraw consent where processing is based on consent.
  • Request data portability (receive your data in a structured, machine-readable format).
  • Lodge a complaint with a supervisory authority.

To exercise these rights, please contact us using the information provided below. We will respond to your request within 30 days.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. These technologies help us:

  • Remember your preferences and settings.
  • Analyze website traffic and usage patterns.
  • Provide personalized content and advertisements.
  • Improve our services and user experience.

You can control cookie settings through your browser preferences. However, disabling certain cookies may affect the functionality of our website.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards to protect your information.

11. Children's Privacy

Our services are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Effective Date" at the top of this policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Quikly Privacy Team

Email: [email protected]

Address:

3 Jasmine Place, Blockhouse Bay

Auckland, New Zealand 0600