Privacy Policy

1. Introduction

BookFlow ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered video generation platform.

By using BookFlow, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Account Information

• Personal Identifiers: Name, email address, phone number
• Business Information: Business name, industry, services offered, target audience
• Profile Data: Business description, branding preferences, marketing goals
• Contact Preferences: Communication settings, notification preferences

2.2 Payment Information

• Billing Data: Processed securely through Stripe (we do not store full credit card numbers)
• Transaction History: Subscription details, payment dates, invoice information
• Tax Information: Required for billing compliance where applicable

2.3 Content and Usage Data

• Video Requests: Business descriptions, target audiences, marketing objectives
• Generated Content: AI-created videos and associated metadata
• Usage Analytics: Feature usage, video generation frequency, engagement metrics
• Performance Data: ROI tracking, conversion analytics, appointment booking data

3. How We Use Your Information

3.1 Service Provision

• Video Generation: Creating personalized promotional videos using AI
• Content Delivery: Sending generated videos via WhatsApp and other channels
• Account Management: Managing subscriptions, billing, and user profiles
• Customer Support: Responding to inquiries and providing technical assistance

3.2 AI Training and Improvement

• Model Enhancement: Improving AI video generation quality and relevance
• Feature Development: Developing new capabilities and optimizations
• Quality Assurance: Monitoring and improving service performance
• Personalization: Tailoring content generation to your business needs

4. Information Sharing and Disclosure

4.1 Third-Party Service Providers

OpenAI Integration

• Purpose: AI video generation using Sora 2 technology
• Data Shared: Business descriptions, content requirements, generation prompts
• Processing: Subject to OpenAI's privacy policy and data use terms
• Location: Data may be processed in the United States

WhatsApp Business API

• Purpose: Delivering generated videos to your mobile device
• Data Shared: Phone numbers, delivery confirmations
• Processing: Subject to WhatsApp's privacy policy
• Retention: We do not store WhatsApp message content

Stripe Payment Processing

• Purpose: Secure payment processing and subscription management
• Data Shared: Billing information, transaction details
• Security: PCI DSS compliant processing
• Retention: Subject to Stripe's data retention policies

5. Data Retention

5.1 Account Data

• Active Accounts: Retained while your account is active
• Closed Accounts: Deleted within 90 days of account closure
• Legal Requirements: Some data may be retained longer for legal compliance

5.2 Generated Content

• Downloaded Videos: Available for download during active subscription
• Generation History: Retained for 12 months for performance analysis
• Analytics Data: Retained for 24 months for trend analysis

6. Data Security

6.1 Security Measures

• Encryption: Data encrypted in transit and at rest using industry standards
• Access Controls: Strict employee access controls and authentication
• Infrastructure: Secure cloud hosting with regular security audits
• Monitoring: Continuous security monitoring and threat detection

7. Your Privacy Rights

7.1 Access and Control

• Account Access: View and edit your account information anytime
• Data Export: Download your data in portable formats
• Deletion Requests: Request deletion of your personal information
• Correction: Update or correct inaccurate information

7.2 GDPR Rights (EU Residents)

• Right to Access: Obtain copies of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Portability: Receive your data in a machine-readable format
• Right to Object: Object to certain types of data processing
• Right to Restrict: Limit how we process your data

7.3 CCPA Rights (California Residents)

• Right to Know: Information about data collection and use
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt-out of sale of personal information
• Non-Discrimination: Equal service regardless of privacy choices

8. Cookies and Tracking Technologies

8.1 Types of Cookies

• Essential Cookies: Required for basic platform functionality
• Analytics Cookies: Help us understand usage patterns and improve services
• Preference Cookies: Remember your settings and preferences
• Marketing Cookies: Used for personalized advertising (with consent)

9. International Data Transfers

Your information may be processed in countries other than your residence, including the United States, where our service providers operate. We ensure appropriate safeguards are in place for all international transfers.

10. Children's Privacy

BookFlow is not intended for users under 18. We do not knowingly collect personal information from children. If we become aware of such collection, we will delete the information immediately.

11. Contact Information

11.1 Privacy Inquiries

• Email: privacy@bookflow.com
• Response Time: 5-10 business days for most inquiries

11.2 Data Subject Requests

• Email: datarequests@bookflow.com
• Processing Time: 30 days maximum (may be extended for complex requests)

11.3 General Contact

• Support: support@bookflow.com