tuagenda.digital

Privacy Policy

Last updated: March 9, 2026

1. Information We Collect

We collect information you provide directly when creating an account: name, email address, business name, and timezone. We also collect appointment data, client information you enter, and service usage data. If you connect third-party services (Google Calendar, WhatsApp, Stripe), we receive authentication tokens and basic profile information necessary for the integration.

2. How We Use Your Information

We use your information to: operate and maintain the scheduling platform, process and manage appointments, send notifications and reminders (email and WhatsApp), process subscription payments through Stripe, generate Google Meet links for virtual appointments, and improve our services. We do not sell, rent, or share your personal information with third parties for marketing purposes.

3. Data Storage and Security

Your data is securely stored on Supabase, which uses Amazon Web Services (AWS) infrastructure. All data is encrypted in transit (TLS/SSL) and at rest. Passwords are stored hashed, and API keys are encrypted. We implement Row Level Security (RLS) to ensure you can only access your own organization's data. For more details about infrastructure security, see Supabase's privacy policy at supabase.com/privacy.

4. Third-Party Services

We use the following third-party services: Supabase (database and authentication), Stripe (payment processing), Google Calendar API (Google Meet links), OpenAI (AI agent for WhatsApp scheduling), Resend (email notifications), and Vercel (hosting). Each service has its own privacy policy and only receives the minimum data necessary for its function.

5. Cookies and Analytics

We use essential cookies necessary for authentication and session functionality. We do not use tracking cookies, advertising cookies, or third-party analytics. Session cookies are automatically deleted when you close your browser or when your session expires.

6. Your Rights

You have the right to: access your personal data, correct inaccurate data, delete your account and all associated data, export your data in a readable format, and withdraw consent for data processing. To exercise any of these rights, contact us at contacto@neuroflowai.dev.

7. Data Retention

We retain your data as long as your account is active. If you delete your account, all personal data is removed within 30 days, except for transaction records required by law (Stripe invoices). Inactive client appointment data is anonymized after 24 months.

8. Contact

If you have questions about this privacy policy or our data practices, contact us at contacto@neuroflowai.dev.

    Privacy Policy | tuagenda.digital