Privacy Policy

SpaOne POS is a salon and spa point-of-sale software platform operated by TATT VENTURES, LLC (“Company,” “we,” “us,” or “our”), a California limited liability company. Our website is www.spaonepos.com.

From our business customers (salons/spas):

• Business name, address, phone, email
• Owner/operator name and contact details
• Payment and billing information
• Twilio account credentials (encrypted at rest)

From our customers' end-users (salon clients):

• Name, phone number, email address
• Appointment history and visit records
• Loyalty points and transaction history
• Birthday month (for promotional purposes)

We use collected information to:

• Provide and operate the SpaOne POS platform
• Send SMS appointment reminders on behalf of our salon customers
• Send SMS marketing promotions on behalf of our salon customers (only to clients who have opted in)
• Process payments and maintain transaction records
• Improve our platform and customer support

SpaOne POS sends SMS messages on behalf of salon and spa businesses using our platform. By providing a phone number to a salon using SpaOne POS, end-users may receive:

• Appointment reminders
• Promotional offers and birthday messages
• Win-back and re-engagement messages

Message and data rates may apply. Message frequency varies by salon. To opt out, reply STOP to any message. For help, reply HELP or contact the salon directly.

We do not sell phone numbers or use them for any purpose other than the above.

We do not sell your personal information. We share data only with:

• Twilio Inc. — our SMS delivery provider
• Service providers necessary to operate our platform (hosting, payments, etc.)
• Law enforcement when required by law

We retain business customer data for the duration of the subscription plus 3 years. End-user SMS opt-out records are retained indefinitely to honor opt-out requests.

We use industry-standard encryption (TLS in transit, AES-256 at rest) to protect your data. Twilio credentials are stored encrypted and auth tokens are never exposed after entry.

Depending on your state, you may have the right to:

• Access the personal data we hold about you
• Request deletion of your data
• Opt out of SMS communications by replying STOP

To exercise these rights, contact us at info@spaonepos.com.

Our platform is not directed to children under 13. We do not knowingly collect data from children.

We may update this policy periodically. We will notify business customers by email. Continued use of SpaOne POS after changes constitutes acceptance.