Privacy Policy

Nuvoro ("we," "us," or "our") provides an online scheduling and business management platform. This policy describes how we collect, use, disclose, and safeguard information when you use nuvoro.net, Nuvoro booking pages, the Nuvoro iOS and Android mobile applications, the Nuvoro dashboard, and related services (the "Service").

Who we are

Nuvoro operates the Service for businesses ("Organizations") and their end customers ("Clients") who book appointments, purchase services or products, receive reminders, or otherwise interact with an Organization through Nuvoro. Depending on the context, Nuvoro may process information for its own platform operations and/or as a service provider to an Organization.

Organizations control their client relationships

Organizations are responsible for their own services, client relationships, staff access, privacy notices, intake questions, consent language, booking requirements, cancellation policies, no-show policies, and compliance obligations. Nuvoro provides tools that Organizations may use to collect, store, and manage information, but Organizations decide what information they request from Clients and how they use it to provide their services.

Nuvoro does not provide the professional, health, beauty, wellness, venue, retail, or other services offered by Organizations. If you are a Client, questions about an Organization's services, advice, treatment, policies, or use of your information should be directed to that Organization.

Clients who book through Nuvoro

If you book an appointment, purchase a service or product, complete intake questions, accept booking consent text, provide card-on-file details, or otherwise interact with an Organization through Nuvoro, we process the information needed to provide that booking experience. This may include your name, contact information, appointment details, service selections, add-on services, notes, intake answers, consent acknowledgements, payment status, reminders, messages, and related booking history.

The Organization you book with can access information related to your appointments and client profile in Nuvoro so it can provide its services, manage its schedule, communicate with you, process payments where enabled, and maintain business records.

Accountability

Nuvoro is responsible for personal information under its control. We have designated a privacy contact for questions about this policy and our privacy practices. You can reach us at [email protected].

Consent and booking requirements

We collect, use, and disclose personal information with knowledge and consent where required, except where permitted or required by law. Consent may be provided through account registration, booking flows, settings, payment forms, communications, or other clear actions in the Service.

Some Organizations may configure optional intake questions, booking consent text, card-on-file requirements, deposits, no-show policies, or service-specific booking requirements. These requirements are controlled by the Organization and may vary by service. Organizations are responsible for ensuring that any sensitive, health-related, biometric, financial, or otherwise regulated information they ask Clients to provide is appropriate, lawful, and supported by any required notice or consent.

Information we collect

• Account and profile data: name, email, phone, physical or billing address, account identifiers, user IDs, business name, subdomain, staff profile details, and similar information provided when registering or using the dashboard.
• Booking and operational data: appointments, services, staff, availability, blocks, service bundles, product sales, inventory checkout details, client notes, booking notes, messages sent through the platform, and metadata needed to run scheduling and notifications.
• Client-submitted information: contact details, appointment requests, intake answers, consent acknowledgements, card-on-file status, booking history, and other information a Client provides to an Organization through Nuvoro.
• Payment-related data: limited transaction, subscription, invoice, payment status, connected-account, processor, and billing identifiers needed to operate subscription billing, optional client payments, deposits, no-show policies, refunds, reconciliation, and support.
• Technical and diagnostic data: IP address, device and browser type, app platform, general log information, crash logs, diagnostic data, cookies, tokens, and similar technologies used for security, preferences, troubleshooting, analytics, and fraud prevention.
• Integration data: tokens, identifiers, configuration, and metadata needed when an Organization connects third-party services such as calendar, video, communications, payment, or other integrations.

How we use information

We use personal information to:

• Provide, maintain, secure, and improve the Service;
• Authenticate users, manage sessions, prevent fraud, and protect accounts;
• Operate booking pages, calendars, staff schedules, client records, inventory, and service bundles;
• Send transactional messages such as confirmations, reminders, schedule emails, receipts, and notices;
• Process subscription billing and support payment integrations selected by Organizations;
• Provide customer support, troubleshoot issues, and investigate errors or abuse;
• Comply with law, enforce our terms, and protect the rights, safety, and integrity of Nuvoro, users, Organizations, Clients, and the public;
• Analyze usage in aggregate or de-identified form to improve product experience where permitted.

Payments, Stripe, and Square

Nuvoro uses Stripe for subscription billing. Organizations may also connect Stripe or Square to accept client payments, deposits, or card-on-file details through Nuvoro. Payment card information is entered into secure interfaces provided by the applicable payment processor. Nuvoro does not store raw card numbers or CVV codes on our servers.

Stripe and Square process payment information under their own terms, privacy policies, and security programs. Nuvoro may receive limited payment identifiers, status, last-four card details, card brand, transaction IDs, invoice IDs, customer IDs, connected-account IDs, and related metadata needed to operate billing, display payment status, provide support, and maintain records.

If a payment processor experiences a security incident affecting payment information, that processor may be responsible for investigating and notifying affected parties as required by law. Where Nuvoro is notified that information connected to our Service may be affected, we will take reasonable steps to assist with notices, investigation, and user support as required by applicable law.

Sharing and subprocessors

We may share information with service providers and subprocessors that help us host, secure, email, message, analyze, troubleshoot, support, or process payments for the Service, under obligations appropriate to their role. We may also disclose information if required by law, to enforce agreements, to investigate abuse or security incidents, or to protect the rights, safety, and integrity of Nuvoro, users, Organizations, Clients, or the public.

Organizations control their own client lists, booking data, staff access, and business records within the Service. They are responsible for their own privacy practices toward their Clients and staff.

Retention

We retain information as long as needed to provide the Service, support Organizations, maintain business records, meet legal obligations, resolve disputes, investigate abuse, prevent fraud, and enforce agreements. Retention periods may vary by data type, account status, legal requirements, backups, and operational needs.

Security

We implement technical and organizational measures designed to protect personal information, including encryption in transit, access controls, secure credential handling, monitoring, and operational safeguards. No platform, transmission method, or storage system can be guaranteed to be completely secure. Users and Organizations are responsible for maintaining the confidentiality of their login credentials and for controlling staff access within their accounts.

Breach notification

If we become aware of a security incident affecting personal information under Nuvoro's control, we will investigate and take steps appropriate to the nature of the incident. We will notify affected users, Organizations, Clients, and/or regulators where required by applicable law and within legally required timeframes.

Accuracy

We take reasonable steps to keep personal information accurate, complete, and up to date as necessary for the purposes for which it is used. Users and Organizations can update certain information directly in the Service. To request a correction, contact us at [email protected] or [email protected].

Your rights and choices

Depending on where you live, including Canada, you may have rights to access, correct, delete, or restrict certain processing of your personal information, or to withdraw consent where processing is consent-based. We may need to verify your request. Some requests may be limited by legal, contractual, billing, fraud-prevention, dispute-resolution, security, backup, or business-record obligations.

If you are a Client of an Organization, we may direct certain requests to that Organization because it controls the client relationship and business records associated with your appointment or service.

Challenging compliance

You may contact us with questions or concerns about this policy or our privacy practices at [email protected]. We will review privacy complaints and respond as appropriate. If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada at priv.gc.ca.

International processing

Our infrastructure and subprocessors may be located in Canada, the United States, or other regions. Personal information may be transferred, stored, or processed outside your province, state, or country and may be subject to the laws of those jurisdictions. Where information is transferred across borders, we take steps consistent with applicable law.

Children

The Service is not directed at children under 13, or the minimum age in your jurisdiction. We do not knowingly collect personal information from children in that group. Organizations are responsible for ensuring they have any legally required consent when collecting information from minors through their own services.

Changes

We may update this policy from time to time. We will post the revised policy on this page and update the "Last updated" date. Material changes may be communicated through the Service or by email where appropriate.

Frequently asked questions

Who can see my booking information?

The Organization you book with can see information needed to manage your appointment and provide its services, such as your name, contact details, selected service, appointment time, notes, intake answers, consent acknowledgements, and payment status where applicable.

Does Nuvoro store my credit card?

No. Nuvoro does not store raw card numbers or CVV codes. Card information is processed by payment processors such as Stripe or Square. Nuvoro may store limited payment metadata such as payment status, transaction identifiers, card brand, and last four digits where needed for records and support.

Why do I receive appointment reminders?

Organizations may use Nuvoro to send appointment confirmations, reminders, receipts, schedule updates, and other transactional messages related to bookings or services.

Does Nuvoro sell personal information?

Nuvoro does not sell personal information. We use information to operate, secure, support, and improve the Service, and to provide features selected by Organizations.

Can I delete or correct my information?

You can contact us at [email protected] or [email protected]. If you are a Client of an Organization, certain requests may need to be handled by that Organization because it controls its client records and service history.

What happens if Stripe, Square, or another provider has a breach?

Third-party providers are responsible for their own systems and independent processing activities. Where Nuvoro is notified that information connected to our Service may be affected, we will take reasonable steps to assist with notices, investigation, and user support as required by applicable law.

Contact

Questions about this Privacy Policy: [email protected] or visit our contact page.