Privacy Policy

• Account info — name, email, phone, business details.
• Client records — names, contact info, appointment history, notes you enter.
• Payment data — handled by Stripe; SIA never stores raw card numbers.
• Health information — only if you turn on HIPAA mode and use intake forms.
• Technical — device info, IP, browser type, audit logs of who accessed what.

To operate your account, run the booking flow, deliver SMS/email reminders, process payments, and improve the product. We do not sell your data, ever.

• Export — download every record we hold about your clients from Settings → Compliance.
• Erasure — request deletion at any time; the account is anonymised within 30 days.
• Do not sell — applies by default. We have nothing to opt out of.
• Access — email privacy@getsia.app.

When you enable HIPAA mode, intake form submissions are flagged with a HIPAA bit, audit logs gate sensitive reads, and we sign a BAA with you on request.

We use first-party cookies for authentication only. No tracking pixels, no third-party advertising cookies.

Questions? Email privacy@getsia.app.