Privacy policy

Inthechair Privacy Policy

Because Inthechair understands that the privacy of your personal information is important to you, we have established privacy policies and practices. This notice explains how your data will be used and shared by Inthechair. By visiting Inthechair.com, you accept the policies and practices described in this privacy policy. This privacy policy is incorporated into, and is subject to, the Terms of Use. Any capitalized terms not defined in this policy have the meaning set forth in the Terms of Use.

What Our Privacy Policy Covers

Inthechair is committed to the privacy and confidentiality of the information provided by its users. This Privacy Policy describes the type of personal data that Inthechair (“Inthechair,” “we,” or “us”) collects through your use of our website, our products, support, payment and mobile apps, our marketing, demonstrations, and promotions, and our communications with you through our website or by phone, email, or live chat and online services, including your comments and feedback (collectively, the “Services”). The term “Personal Data” refers to any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. Personal Data includes, without limitation, personally identifiable information about you, such as your name, date of birth, email address or postal address, and payment information.

Please note that by submitting Personal Data manually or in electronic form to us and/or by using our website, you give your consent that all Personal Data submitted on each occasion may be processed by and/or shared with Inthechair and its service providers, in the manner and for the purposes described in this Privacy Policy. If you do not want us to collect or process Personal Data, please do not provide it, but you may not be able to take advantage of our Services or certain features of our Services.

Security

We follow generally accepted industry standards to protect the personally identifiable information submitted to us. As an example, all credit card information is encrypted using secure socket layer technology (SSL). However, no method of transmission is 100% secure. Therefore, Inthechair does not guarantee any confidentiality or privacy with respect to any of your personal information or User Submissions. Inthechair does not assume any liability to third parties whose information you include on the Site, or which you post in any User Submissions. Please keep your username and password secure.

Importing Google Contacts

Inthechair enables users to import their existing Google contacts to their Inthechair accounts to create customer contacts. This import feature is powered by Google OAuth and Inthechair, which requests the owner of the Inthechair account to authorize the transfer of contact information and does not attempt to access your Google password. Inthechair doesn’t use the contact information obtained during the import process for other purpose, or push it to external 3rd party apps without your consent.

Children’s Information

Inthechair’s services, platform, and communications whether educational or marketing in nature are not directed at children under thirteen years of age. We do not knowingly collect personal information from children under thirteen. If we obtain actual knowledge that a child under thirteen has provided personal information to us, we will promptly delete that information. Please report any suspected instances to privacy@Inthechair.com.

Information You Provide Voluntarily

Signup Information. When you sign up for the Inthechair platform, you will be asked to provide your name, email address, phone number, physical or mailing address, business name, and industry type, as well as information related to your business service offerings, working hours, and staff members.

Customer or Staff Information. With your consent, you may import staff or customer contact information to Inthechair for the purposes of scheduling appointments, events, or classes with staff or customers. This information includes the staff or customer’s name, phone number, email address, physical or mailing address, and an image of their likeness. For example, with your consent, you may link your Inthechair account with your Google Contacts account, or other similar service, which allows Inthechair to obtain personal information from that account. This import feature is powered by Google OAuth and Inthechair, which requests the Inthechair account owner to authorize the transfer of contact information and does not attempt to access your Google password. Inthechair does not use the contact information obtained during the import process for any other purpose, and does not share contact information with third parties without your consent.

Staff Profiles. A Inthechair account holder may create one or more additional staff profiles with his or her colleagues, or members of their organization. Those colleagues or members may voluntarily give us certain information. This can include their names, email addresses, phone numbers, and short descriptions of personal or professional characteristics intended to inform the Inthechair user’s customers or clientele. If you receive an invitation from a Inthechair account holder but do not wish to become a Inthechair user, please contact the account holder who sent the invitation to discuss other means of managing your appointment calendar.

External Calendars. A Inthechair user may also connect their external or third-party calendar with Inthechair, if they have a Inthechair Premium subscription. Our 2-way calendar sync integration will check the duration and free/busy status of the events in your external calendar, as well as the titles of any events. We do not check who you’re meeting with, their email, or any other details about events in your calendar.

Billing Information. If you purchase a paid subscription to Inthechair Premium or Inthechair Live Booking, our third-party payment processors will collect and store your billing address and credit card information.

Technical Support. If you call, email, or otherwise contact Inthechair for technical support, you may provide personal information such as your name, email address, or phone number to Inthechair.

Third Party Integrations within Inthechair

Inthechair integrates with a number of third-party apps and software platforms to allow for greater functionality and expanded services offerings. Some examples of these integrations include MailChimp and Infusionsoft, for which the Inthechair user must maintain their own MailChimp or Infusionsoft account, respectively. If you use these integrations within Inthechair, you should be aware of the separate privacy policies for those services and platforms. It is also important to obtain your customers’ consent before passing or transmitting their personal information from Inthechair to a third party app.

When handling requests from your customers to remove personal data from your systems, you may be obligated to remove personal data from any third party platforms that you have activated an integration with in your Inthechair account. Inthechair cannot, for example, delete personal information held by MailChimp as part of your usage of a MailChimp account. However, Inthechair will practice due diligence in supporting any requests to delete personal information from a third party app, service, or platform, insofar as Inthechair can assist in helping the Inthechair user communicate those requests to third party apps, services, and platforms directly.

Information Collected Automatically

Cookies. A cookie is a small data file that is automatically saved on your computer's hard drive when you visit a website. These cookies may contain information used to record the websites you visit, but do not contain any personally identifiable information such as your name, address, or credit card information. Inthechair uses cookies to give you a personalized experience. If you have signed up with Inthechair, cookies allow our website to recognize you when you return and give you access to your personal account options. We may also use cookies to keep track of the ways in which customers find us and navigate through our website. This information will be used internally to help us determine where improvements can be made to our website and services. If you do not wish cookies to be saved to your system, you may change your browser's settings so that your computer does not accept them. If cookies are disabled, however, you will not be able to purchase our product and we will not be able to recognize you as a registered user.

Device Data. When you visit Inthechair.com or use the Inthechair platform, Inthechair may automatically record information that includes the web address that you came from and are going to, your device model and unique identifier, operating system type and version, browser type and version, IP address, mobile network carrier, timezone and location. Whether or not Inthechair collects some or all of this information depends on what type of device you use and your device settings. To learn more, please check the policies of your device manufacturer and software provider, and the settings on your device.

Analytics and Web Behavioral Data. Inthechair uses third party service providers such as Google Analytics, FullStory, and Mixpanel to learn more about how users interact with Inthechair.com and the Inthechair platform. This includes the collection and tracking of data regarding the characteristics, including demographic information such as male/female gender, and activities, such as time spent viewing a specific webpage, of visitors and users. You may opt-out of Google Analytics, FullStory, and Mixpanel tracking. Refer to the section “Your Rights and Choices” below for more information.

How We Use Your Information

Inthechair may use personal information about you to provide Platform-related services, including:

The ability to connect with and book appointments with customers online. This may include personal information about you, including your name, phone number, email address, links to social media profiles, and images depicting your likeness that you provide willingly to Inthechair. This may also include information about your business, including your business name, industry type, contact information, physical location, branding elements including but not limited to your business logo, and any service offerings and their associated costs.

The ability to understand and improve Inthechair products. From time to time, Inthechair may conduct surveys or issue requests for beta testers to measure and analyze user interest in products, services, content, or technical support. Information you provide may include your name, phone number, email address, business name, and industry type. Inthechair does this to help improve the platform and refine the quality of educational or advertising communications.

Issue service-related communications. Inthechair may send you service and administrative emails, in-app messages, or push notifications to your mobile device to inform you about events or appointments on your Inthechair calendar, reschedulings or cancellations, changes made to your platform configurations (such as changes made to staff working hours), transactional information about payments received from customers or refunded to customers, as well as any new features, security issues, or platform outages that may affect your usage of the Inthechair platform. These messages are considered operationally essential to the Setmove service and you may not opt out of these messages.

Send promotional communications. Subject to your opt-out preference, Inthechair may send you emails or mail about special offers, gifts, platform features or paid subscription offerings that we think are relevant to you. You may opt out of receiving these communications at any time; refer to the section “Your Rights and Choices” below for more information. Inthechair does not share your information with third-party advertisers who would send you communications promoting their goods or services.

Provide technical support. We will use your information when responding to your questions, comments, feedback, or requests for technical support.

Protecting rights and interests. We may use your information when it is reasonably necessary to comply with legal process, respond to claims, or protect the rights, property or safety of our company, employees, customers, or the public.

Meeting legal and tax compliance. We may use your information to meet legal or regulatory requirements, including the reporting of financial information (such as payments submitted to Inthechair) for tax purposes.

Third Parties With Whom We Share Information

Inthechair uses other service providers and third party platforms to perform key functions on our behalf or assist in providing services to you. A list of such providers used by Inthechair as of May 25, 2018 is given below; Inthechair may add future providers or third parties as consistent with this Privacy Policy. Key functions for each third party may include the following:

  • Mandrill. The sending of appointment confirmations, reminders, reschedule notices, cancellations, invites to access a customer account, invites to access a staff profile, requests for reviews, and thank-you emails.
  • Intercom. The tracking of account-related information such as sign-up date and date the user last accessed the Inthechair Platform, the tracking of device information such as browser, operating system, and device type, the sending of educational or promotional content through email or in-app messages, and facilitating one-on-one instant chat sessions between the Inthechair user and a Inthechair support staff.
  • Twilio. The sending of SMS appointment reminders to the Inthechair user’s end customer.
  • Google App Engine. The hosting of the Inthechair platform and any data accrued via usage of the Inthechair platform, as consistent with this Privacy Policy.
  • Braintree. The processing of payments and the tracking of payment information for subscribers of Inthechair’s paid products, including the Inthechair Premium service.
  • Jbilling. The processing of payments and the tracking of payment information for subscribers of Inthechair’s paid products, including the Inthechair Premium service.
  • Typeform. The collecting of user-submitted contact information from users who nominate themselves to partner with Inthechair as an affiliate, reseller, evangelist, or promotional guru.
  • Google Analytics. The tracking of activities from users on the Inthechair website and the Inthechair platform. This may include but is not limited to time on site, bounce rate, click rates, and more.
  • FullStory. The tracking of behavioral data from users of the Inthechair website and the Inthechair platform. This may include but is not limited to click maps, scrolling behaviors, click rates, and more.
  • Mixpanel. The tracking of behavioral data from users of the Inthechair website and the Inthechair platform. This may include but is not limited to click maps, scrolling behaviors, click rates, and more.

Google API Disclosure

IntheChair's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Compliance with Laws, Regulations, and Requests

Inthechair may share your data if we believe disclosure is reasonable and necessary to comply with laws, regulations, legal requests, judicial requests, or governmental requests, and to enforce or investigate possible violations of our Terms of Use or this Privacy Policy, or otherwise address security or technical issues that may lead to possible violations.

With your consent. We may share some or all of your information to any other third party with your affirmative consent. For instance, we display personal testimonials of satisfied customers in addition to other endorsements. With your consent we may post your testimonial along with your name. If you wish to update or delete your testimonial, you may contact us at help@inthechair.com.

Your Rights and Choices

Communicating with a Supervisory Authority. If you are located in the European Economic Area (EEA), you have the right to reach out and communicate with a supervisory authority in relation to the processing of your Personal Data, but we would appreciate the opportunity to speak with you first and resolve your issues.

Request to Delete Data. You may submit a written request to delete all personal information from the Inthechair platform. Inthechair will fulfill the request within 30 days of the receipt of request. The Inthechair account owner should email a formal request to privacy@Inthechair.com to initiate this process.

As a Inthechair user, you may also manually delete individual staff profiles or customers in your Inthechair account. If a customer requests that you delete their personal information, you may also pass on this request to the Inthechair privacy team for processing, by having the account administrator send an email to privacy@Inthechair.com.

Request to Correct Personal Information. You may submit a written request to correct any inaccuracies in your personal information that is held by Inthechair. Please have the Inthechair account holder send all such requests to privacy@Inthechair.com . Upon receipt of the request, Inthechair will fulfill the terms of the request within 30 days.

Request for Records (Data Portability). You may also submit a written request for Inthechair to provide you historical Staff and Appointment records from your account, or any other personal data about you that Inthechair maintains. Please have the Inthechair account holder send all such requests to privacy@Inthechair.com . Upon receipt of the request, Inthechair will fulfill the terms of the request within 30 days.

Unsubscribe to Emails. At any time you may unsubscribe from Inthechair promotional and educational emails by following the “unsubscribe” link in the footer of every email. If you continue to receive emails after unsubscribing, please check that you don’t have a duplicate Inthechair account registered to a different email address (this is a common issue). Please note that if you unsubscribe from promotional emails from us, you will continue to receive operationally essential emails such as appointment confirmations, payment receipts, and others. You may deactivate some but not all of these operationally essential emails under your Account Settings for Notifications.

Cookies. You may disable or restrict cookies by modifying your browser settings.

Third Party Analytics. You may opt out of Google Analytics, FullStory, and Mixpanel tracking by using the Opt-Out features on each service provider’s website.

You may opt out of the Google Analytics service by installing the opt-out browser tool, located here: https://tools.google.com/dlpage/ gaoptout . For more information on Google’s privacy policy, please visit https://policies.google.com/ privacy

You may opt out of the FullStory service by navigating to the opt-out feature here: https://www.fullstory.com/ optout/ . For more information on FullStory’s privacy policy, please visit https://www.fullstory.com/ legal/privacy/ .

You may opt out of the Mixpanel service by navigating to the opt-out feature here: https://mixpanel.com/ optout/. For more information on Mixpanel’s privacy policy, please visit https://mixpanel.com/legal/ privacy-policy/.

End-user Opt-out

If you want to exercise your rights as Data Subjects under GDPR with respect to Customer information, we recommend that you reach out to the company to whom you provided your personal information. We will, of course, assist our customers in responding to Data Subjects questions and requests.

Links to Other Websites

There may be links to other websites from Inthechair.com. Inthechair does not control any third- party websites and we are not responsible for these sites' use of personal information. We encourage you to become familiar with the privacy practices of any linked site when you visit them.

Retention of Data

Inthechair will generally retain your information for as long as reasonably necessary to provide services to you, and to comply with applicable laws. After you deactivate your account, Inthechair will continue to retain copies of information to comply with our legal obligations (for example, maintaining records of payments made to Inthechair for tax and financial auditing purposes).

Transfer or assignment in connection with business transfers or bankruptcy. In the event of a merger, acquisition, reorganization, bankruptcy, or other sale of all or a portion of our assets, any user information owned or controlled by us may be one of the assets transferred to third parties. We reserve the right, as part of this type of transaction, to transfer or assign to third parties your Personal Data and other information we have collected from users of the Services. Other than to the extent ordered by a bankruptcy or other court, or as otherwise agreed to by you, the use and disclosure of all transferred user information will be subject to this Privacy Policy. However, any information you submit or that is collected after this type of transfer may be subject to a new privacy policy adopted by the successor entity.

Best Practices for Meeting GDPR Compliance with Your Customers

General Data Protection Regulation” (GDPR) is a European Union (EU) regulation designed to protect EU citizen privacy when it comes to submitting personal data to a business or service. Inthechair is generally considered to be a “data processor,” which provides tools to help you as a Inthechair user become GDPR compliant, but ultimately that responsibility is up to you as the “data controller.” Please refer to the Inthechair blog and Inthechair support website for more information on best practices in meeting GDPR compliance.

Privacy Policy Changes

This notice replaces all previous disclosures we may have provided you about our information practices. We reserve the right to revise and modify this policy at any time, without notice, and to apply these changes in policy to information previously collected, where legally permissible. We will notify you of changes by posting the policy changes on our website. Your continued use of the Site constitutes your acceptance to this privacy policy and any updates. This privacy policy is effective as of May 25, 2018.

California Privacy

If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Data by Inthechair to a third party for the third party’s direct marketing purposes. To make such a request, please send an email to [] or write us at the address listed below.

Do Not Track Requests

We do not process “Do Not Track” (“DNT”) signals. Our third-party service providers may also not respond to DNT signals.

About HIPAA Compliance

Inthechair does not currently meet HIPAA compliance. The Inthechair platform sends customer information [i] in email notifications to Inthechair users who are account holders or staff members with a Inthechair staff profile, and [ii] to your Google Calendar or Microsoft Office 365 Calendar if you have a 2-way sync activated with your Inthechair Premium subscription. We DO NOT share your customer's information with any other third parties.

Contact Us

Inthechair has a designated Data Protection Officer (DPO), who may respond to any queries or requests sent to us regarding your privacy. If you have any questions about our Privacy Policy, please send an email to privacy@Inthechair.com. The examples contained in our Privacy Policy are illustrative and are not intended to be exhaustive.