Skip to main content
Service Engine

Privacy Policy

Last updated: February 16, 2026

Service Engine ("we," "us," or "our") operates a SMS, booking, and AI agent platform designed for local service businesses such as salons, barbershops, cleaning services, personal trainers, and similar businesses ("Business Users"). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our website, dashboard, APIs, and related services (collectively, the "Platform").

By using the Platform, you agree to the terms of this Privacy Policy. If you do not agree with the terms of this policy, please do not access or use the Platform.

1. Information We Collect

Business Information

When you create an account and set up your business on Service Engine, we collect information you provide directly, including:

  • Business name, address, phone number, and email address
  • Hours of operation and service offerings (names, durations, pricing)
  • Business owner or administrator name and contact details
  • Business logo and branding preferences

Client Data

When your clients interact with your booking page or receive SMS messages through the Platform, we collect and store:

  • Client name, phone number, and email address (when provided)
  • Appointment history, including service type, date, time, and status
  • SMS opt-in and opt-out status

SMS Message Content

We store the content of SMS messages sent and received through the Platform. This includes automated messages (appointment reminders, follow-ups, review requests), manual messages sent from your inbox, and inbound messages from your clients. Message content is stored to provide conversation history in your shared inbox and to enable the AI agent to maintain context.

Payment Information

Payment processing is handled entirely by Stripe. We do not store credit card numbers, bank account numbers, or other sensitive financial data on our servers. We retain only a reference to your Stripe customer ID and subscription status to manage your account.

Usage Data

We automatically collect certain information when you access the Platform, including:

  • Pages viewed, features used, and actions taken within the dashboard
  • Device type, browser type, and operating system
  • IP address and approximate geographic location
  • Referring URLs and session duration

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide Platform services: Operate the booking system, send and receive SMS messages, run the AI agent, and manage your shared inbox.
  • Send automated messages on your behalf: Deliver appointment reminders, missed-call text-backs, post-appointment follow-ups, and review requests as configured in your automation settings.
  • Process payments: Manage your subscription billing, process upgrades and cancellations, and provide billing history.
  • Improve the Platform: Analyze usage patterns to fix bugs, develop new features, and optimize performance.
  • Communicate with you: Send account-related notifications, security alerts, and (with your consent) product updates.
  • Ensure security: Detect and prevent fraud, abuse, and unauthorized access to the Platform.

3. Third-Party Services

We rely on trusted third-party service providers to operate the Platform. These providers have access to information only as necessary to perform their functions and are obligated to protect your data in accordance with their own privacy policies.

  • Twilio — Provides SMS delivery, phone number provisioning, and messaging infrastructure. Twilio processes phone numbers and message content to deliver and receive SMS on your behalf. Twilio Privacy Policy
  • Stripe — Handles all payment processing, subscription management, and billing. Stripe collects and processes payment method details directly. Stripe Privacy Policy
  • Clerk — Provides authentication, session management, and account security. Clerk processes your email address, name, and authentication credentials. Clerk Privacy Policy
  • Anthropic — Powers the AI agent that responds to inbound SMS messages. Inbound message content and relevant business context (services, hours, pricing) are sent to Anthropic's API to generate responses. Anthropic Privacy Policy
  • Supabase — Provides the PostgreSQL database infrastructure where business data, client records, appointments, and messages are stored. Supabase Privacy Policy
  • Vercel — Hosts the web application and serverless API functions. Vercel processes request data including IP addresses and request metadata. Vercel Privacy Policy

4. Data Retention

  • Business data is retained for as long as your account remains active. When you cancel your subscription, your data is retained for 30 days to allow for data export or account reactivation.
  • SMS messages are retained for 12 months from the date they are sent or received. After 12 months, message content is automatically purged. Conversation metadata (timestamps, phone numbers) may be retained longer for compliance purposes.
  • Client records are retained for as long as the associated business account is active. When a business account is deleted, all associated client records are deleted.
  • Data deletion is available on request at any time. You may request deletion of your entire account and all associated data by contacting us at privacy@serviceengine.app.
  • Data export is available for 30 days after account cancellation. You may export your business data, client records, appointment history, and message history in standard formats through the dashboard or by contacting support.

5. Data Security

We take the security of your data seriously and implement industry-standard measures to protect it:

  • Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security). API calls to third-party services are also encrypted via TLS.
  • Encryption at rest: Data stored in our database is encrypted at rest using AES-256 encryption provided by our infrastructure providers.
  • Row-level security: Our database enforces row-level security (RLS) policies to ensure that each business can only access its own data. Queries are automatically scoped to the authenticated organization.
  • Multi-tenant isolation: Business A cannot view, access, or modify data belonging to Business B. Tenant isolation is enforced at the database level, not just the application level.
  • Authentication: User accounts are secured with Clerk, which supports multi-factor authentication, session management, and secure credential storage.

While we implement robust security measures, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

6. Your Rights

You have the following rights regarding your personal data:

  • Access: You can access your data at any time through the dashboard. Business information, client records, appointments, and message history are all available directly in the Platform.
  • Deletion: You may request the deletion of your account and all associated data. Deletion requests are processed within 30 days.
  • Export: You may export your data in standard formats (CSV, JSON) through the dashboard or by contacting support.
  • Correction: You may update or correct your business information and client records directly through the dashboard at any time.
  • Opt out of marketing: You may opt out of marketing communications at any time by clicking the unsubscribe link in any marketing email or by contacting us directly. Opting out of marketing does not affect account-related communications (billing notices, security alerts, service updates).

To exercise any of these rights, contact us at privacy@serviceengine.app.

7. Client Data (Your Customers)

This section addresses the data of your clients — the end consumers who book appointments and communicate with your business through the Platform.

  • You are the data controller. As a Business User, you determine the purposes and means of processing your clients' personal data. You decide what information to collect, what messages to send, and how to use the Platform to interact with your clients.
  • We are the data processor. Service Engine processes your clients' data on your behalf and according to your instructions. We do not use your client data for our own marketing or sell it to third parties.
  • Consent is your responsibility. You are responsible for obtaining appropriate consent from your clients before collecting their personal information and sending them SMS messages. This includes informing clients that their data will be processed through the Platform and its third-party providers.
  • Client opt-out. Clients can opt out of receiving SMS messages at any time by replying STOP to any message. When a client opts out, their phone number is added to the opt-out list and no further messages will be sent. Business Users can view opt-out status in the client management section of the dashboard.

We recommend that Business Users maintain their own privacy policy that describes how they collect and use client data, including their use of Service Engine as a service provider.

8. Children's Privacy

The Platform is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal data from a child under 13 without verified parental consent, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us at privacy@serviceengine.app.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:

  • We will update the "Last updated" date at the top of this page.
  • For material changes, we will notify you via email to the address associated with your account.
  • We will also display a notification within the dashboard to ensure you are aware of the changes.

Your continued use of the Platform after a revision becomes effective constitutes your acceptance of the revised Privacy Policy.

10. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: privacy@serviceengine.app

We aim to respond to all privacy-related inquiries within 10 business days.

← Back to Service Engine