Privacy Policy – ScanQueue

1. Information We Collect

1.1 Business User Information

• Account details: Name, email address, phone number, business name, business address, and business type.
• Billing information: Payment details processed securely through Stripe. We do not store credit card numbers on our servers.
• Team member data: Email addresses and roles of staff members invited to manage the queue.
• Business configuration: Queue settings, service offerings, operating hours, and notification preferences.

1.2 Customer Information

• Queue details: Name, phone number (optional), email address (optional), party size, special notes, and selected service.
• Custom fields: Businesses may configure additional form fields (e.g., vehicle registration, appointment type). The data collected depends on each business's configuration.
• Appointment data: Scheduled date, time, and service for customers who book appointments.

1.3 Technical & Usage Data

• Device information: Browser type, operating system, and user agent string.
• Location data: Approximate geographic location (country, city, region) derived from your IP address via our hosting provider. We do not collect precise GPS location. IP addresses are hashed (SHA-256) before storage and cannot be reversed to identify you.
• Usage analytics: Pages visited, features used, and interaction patterns collected via Google Analytics.
• Referrer data: The URL that referred you to our site.

2. How We Use Your Information

• Service delivery: Operate queues, manage positions, calculate wait times, and process appointments.
• Notifications: Send queue status updates via SMS, email, WhatsApp, or voice call based on business configuration and customer contact details provided.
• AI-powered features: Provide conversational queue joining via our AI receptionist (chat and voice). See Section 5 for details on AI data processing.
• Billing and payments: Process subscription payments and manage billing through Stripe.
• Service improvement: Analyze usage patterns to improve performance, fix issues, and develop new features.
• Communications: Send transactional emails about your account, onboarding guidance, and service updates.
• Security: Detect abuse, prevent fraud, and enforce rate limits.

3. Sharing of Information

We do not sell, rent, or trade your personal data. We share information only with the following categories of service providers, solely to operate the ScanQueue platform:

We may also share information:

• With law enforcement or regulatory authorities when required by applicable law, subpoena, or court order.
• To protect our rights, safety, or property, or that of our users.
• In connection with a merger, acquisition, or sale of assets (with prior notice to affected users).

4. Cookies & Tracking Technologies

We use a limited number of cookies to operate the service:

• Authentication cookies: Maintain your login session (essential, cannot be disabled).
• Region preference cookie (sq-region): Stores your country preference (AU/US) for localized content. Expires after 30 days.
• Google Analytics cookies: Collect anonymized usage statistics to help us improve the service. You can opt out by installing the Google Analytics Opt-out Browser Add-on.

We do not use advertising cookies or cross-site tracking pixels.

5. AI & Automated Processing

ScanQueue offers optional AI-powered features that businesses can enable:

• AI Chat Receptionist: Customers may interact with a conversational chatbot to join a queue. Conversation messages are processed by OpenAI (GPT-4o). Messages are sent via API and are not used by OpenAI to train their models (per OpenAI's API data usage policy).
• AI Voice Receptionist: Customers may call a phone number to join a queue by voice. Voice conversations are processed by Retell AI and/or Telnyx. Call transcripts and metadata may be retained by these providers according to their own privacy policies.

AI features are optional and activated per business. If a business enables these features, customers interacting via chat or phone call will have their conversation data processed as described above. No automated decisions with legal or significant effects are made based on this data.

6. Data Security

• All data is encrypted in transit using TLS 1.2+.
• Data at rest is encrypted by our database provider (Supabase/AWS).
• Row-Level Security (RLS) ensures business data is isolated — businesses can only access their own data.
• IP addresses are hashed before storage and cannot be reversed.
• Access to production systems is restricted to authorized personnel with multi-factor authentication.
• We conduct regular security reviews and dependency audits.

7. Data Retention

• Customer queue data: Automatically deleted after 30 days by default. Business operators can configure retention between 7 and 365 days. Completed, cancelled, and no-show entries are purged daily by an automated cleanup process.
• Business account data: Retained for the duration of the account. Upon account deletion, all associated data is removed within 30 days.
• Analytics and access logs: Retained for up to 12 months for security and performance monitoring, then deleted.
• Notification logs: Retained for 90 days for delivery troubleshooting, then deleted.
• Payment records: Retained as required by applicable tax and financial regulations (typically 7 years).
• Third-party retention: Data held by our service providers (e.g., Retell AI call recordings, SendGrid email logs) is subject to their respective retention policies. We recommend reviewing their privacy policies linked in Section 3.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

All Users

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data, subject to legal retention requirements.
• Data portability: Request your data in a structured, commonly used format.
• Opt-out of notifications: For SMS, reply STOP to any message. For email notifications, contact the business or email us.

Australian Residents

Your rights are protected under the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs). You may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

European Residents (GDPR)

If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR), including the right to restrict processing and the right to object to processing. Our legal basis for processing is: (a) performance of a contract, (b) legitimate interests in operating and improving the service, and (c) compliance with legal obligations. You may lodge a complaint with your local data protection authority.

California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with specific rights:

• Right to know: You can request the categories and specific pieces of personal information we have collected about you.
• Right to delete: You can request deletion of your personal information, with certain exceptions.
• Right to opt-out: We do not sell or share your personal information for cross-context behavioral advertising. No opt-out is necessary, but you may still contact us to confirm.
• Right to non-discrimination: We will not discriminate against you for exercising your privacy rights.
• Categories of PI collected: Identifiers (name, email, phone), commercial information (subscription data), internet activity (usage data, device info), geolocation data (approximate, from IP), and inferences (queue analytics).

To exercise any rights, email privacy@tugadot.com. We will respond within the timeframes required by applicable law (30 days for CCPA, 30 days for GDPR).

9. International Data Transfers

ScanQueue is operated by Tugadot Pty Ltd in Australia. Our service providers are located in the United States and Australia. By using ScanQueue, you acknowledge that your data may be transferred to and processed in these countries. We ensure appropriate safeguards are in place through our providers' data processing agreements and compliance certifications (e.g., SOC 2, GDPR adequacy measures).

10. Children's Privacy

ScanQueue is not directed at children under 13 (or under 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at privacy@tugadot.com and we will promptly delete it.

11. Do Not Track Signals

We do not currently respond to "Do Not Track" browser signals, as there is no industry-standard protocol for compliance. However, we do not engage in cross-site tracking or targeted advertising.

12. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify Business Users of material changes via email or in-app notification. The "Effective Date" at the top indicates when the policy was last revised. Continued use of ScanQueue after an update constitutes acceptance.

13. Contact Us

For privacy inquiries, data requests, or complaints:

We aim to respond to all privacy requests within 30 days.