Privacy Policy

Information is used to deliver the booking system, authenticate users, show the correct business data, send transactional messages, process billing, prevent abuse, improve reliability, and measure marketing performance where analytics consent has been given.

• Provide dashboards, public booking pages, client portals, and reminders
• Maintain tenant separation between businesses
• Operate subscription billing and payment-provider integrations
• Troubleshoot errors, investigate abuse, and keep the service secure
• Use optional Google Ads and Meta Pixel analytics or ad conversion tracking only after visitor consent where required

Elas Booking uses trusted infrastructure and service providers to host the app, store data, send emails, process payments, and monitor production operation.

• Hosting and deployment providers such as Vercel
• Database and authentication providers such as Supabase
• Email delivery providers such as Resend
• Payment providers such as Stripe, and external payment instructions for manual workflows
• Monitoring, advertising, and analytics providers such as Google Ads and Meta Pixel where enabled and consented

Elas Booking uses essential storage for login, security, preferences, and product operation. If a visitor chooses to allow analytics tracking, the site may load the Google tag for Google Ads and, where enabled, Meta Pixel. These tools may use cookies or device identifiers and receive page or event data, such as page views, page URL and title, browser or device context, and signup conversion events, to measure ads and campaign performance.

• Essential cookies and storage support login, sessions, security, PWA behavior, and saved preferences
• Google Ads conversion tracking helps measure page views, ad attribution, and new-business signup conversions
• Meta Pixel, if enabled, helps measure page views and conversion events for Facebook and Instagram ads
• Optional ad and analytics scripts should load only after the visitor accepts analytics tracking from the consent prompt
• Visitors can decline optional analytics tracking from the consent prompt and may also use controls offered by Google, Meta, or their browser
• Paid advertising should not start until tracking and consent behavior has been tested

Business owners are responsible for the client data they collect through their booking pages and for following applicable privacy, consent, retention, and communication laws in their region.

• Only collect booking form data that is needed
• Keep client records accurate
• Use payment and email settings responsibly
• Respond to client privacy requests where required

Elas Booking is designed with multi-tenant isolation, role-based access, secure authentication flows, and audit logging for sensitive actions. Data is retained as needed to provide the service, meet operational requirements, and support billing or security needs.

• Use strong passwords and enable two-factor authentication where available
• Limit staff access to people who need it
• Remove unused users and rotate provider secrets when needed
• Contact support if you believe an account is compromised

Business owners can export business workspace data from the billing settings area. Full business deletion, account deletion, and client data deletion are support-assisted during the MVP so ownership, billing, domains, and retention obligations can be checked safely.

• Business owners can request or download a data export
• Deletion requests require identity and business ownership verification
• Some billing, fraud-prevention, tax, security, or legal records may need to be retained
• Clients should contact the business first for business-controlled client data requests