Privacy Policy

Depending on how you use Book-Well, we may collect the following categories of information:

• Account details. Names, emails, phone numbers, passwords, organization handles, and roles that are required to create owner, team, or client accounts.
• Booking and client content. Services offered, intake form responses, schedules, files, and notes that you provide while using dashboards, public storefronts, or client logins.
• Payment and commerce data. Book-Well passes payment details directly to processors such as Stripe and Square. We store only the minimal identifiers returned from those processors (for example, checkout session IDs or status updates) so that deposits, memberships, and invoices can be tracked.
• Communications. Messages sent through our notification tools, including reminder emails, SMS alerts delivered through Twilio, or internal automations triggered by bookings.
• Google account information. If you connect Google Calendar we collect your email address, the calendar IDs you select, OAuth tokens, and event metadata that is required to sync bookings, confirm availability, and update or delete events.
• Device and usage data. Log files, security telemetry, approximate location (derived from IP address), browser details, and product interaction events that help us troubleshoot issues and keep the platform reliable.

Book-Well processes data in order to:

• Authenticate users and provide access to the owner, team, or client dashboards you belong to.
• Host customizable public sites, service cards, audio, galleries, and storefronts configured by each organization.
• Create, reschedule, or cancel services, including collecting deposits, generating invoices, and syncing calendar events.
• Send transactional communications such as confirmations, reminders, receipts, follow-up messages, and reconnect instructions when an integration (like Google Calendar) requires attention.
• Analyze aggregated usage trends and improve product reliability, onboarding, and support workflows.
• Protect Book-Well, our customers, and their clients from fraud, misuse, or security incidents.

Book-Well lets organization owners connect Google Calendar so bookings, provider availability, and automated reminders can stay in sync. When you grant access, we request the openid, email, profile, https://www.googleapis.com/auth/calendar, and https://www.googleapis.com/auth/calendar.events scopes in order to:

• List the calendars available to you so you can choose which one Book-Well should update.
• Read event summaries, attendee details, and start/end times to detect conflicts before confirming a booking.
• Create, update, or delete events that match the bookings you schedule inside Book-Well.

We store your refresh token, access token, expiration date, and selected calendar ID in your user record so that the sync can run until you disconnect it. Tokens are kept in our database with strict access controls and are never used for advertising or unrelated data mining. If Google reports that a refresh token is no longer valid, we immediately stop syncing and prompt the organization owner to reconnect.

You can revoke access at any time from Book-Well Settings → Integrations or from your Google account security page. Our use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

We disclose information only as needed to provide the service or when legally required:

• Service providers. Book-Well relies on vetted vendors such as Twilio (SMS delivery), Google (calendar sync), Square and Stripe (payments), and cloud hosting partners. Each provider receives only the data necessary to deliver the requested feature.
• Organization members. Owners and authorized team members can view the client data, bookings, media, and payment statuses configured inside their workspace. We do not control how those organizations manage the data they export from Book-Well.
• Legal compliance. We may disclose information when responding to lawful requests, enforcing our agreements, preventing fraud, or protecting the rights, property, or safety of Book-Well, our users, or the public.

We retain account data for as long as an organization maintains a subscription plus any additional period required by law, dispute resolution, or legitimate business needs. Users can:

• Access or update profile information from their dashboard or by contacting the workspace owner.
• Request deletion of their account or client profile by emailing Book-Well or the organization that maintains it.
• Unsubscribe from marketing messages by using the opt-out link contained in those emails.
• Revoke Google Calendar, Square, Stripe, or other integrations from their dashboard at any time.

Depending on your region, you may have additional rights such as the right to portability or to object to processing. We will honor those requests in accordance with applicable law.

Book-Well uses TLS encryption in transit, role-based access controls, routine logging, and automated alerts to protect the information we store. We also monitor integrations (such as Google Calendar) for invalid or expired credentials and prevent further syncing until the issue is resolved. No online service can guarantee absolute security, so we encourage organizations to adopt strong passwords, least-privilege roles, and two-factor authentication wherever possible.

If you have questions or would like to exercise a privacy right, contact Well-Launched Productions LLC at admin@well-launched.com. Please include the organization handle or booking reference so we can route your request quickly.