DISCLAIMER — NOT LEGAL ADVICE This document is a thorough template/starting point generated to unblock app-store submission. It must be reviewed by a qualified attorney before reliance or publication, especially the HIPAA, liability, governing-law, and data-retention sections. AppointHub is not responsible for any consequences arising from use of this template without legal review.
Privacy Policy
Effective Date: May 17, 2026 Last Updated: June 30, 2026
AppointHub, Inc. ("AppointHub," "we," "our," or "us") operates the AppointHub platform, which includes the business web portal at https://appoint-hub.com and the consumer mobile application ("App") (collectively, the "Services"). This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use our Services.
Please read this Privacy Policy carefully. By using our Services you agree to the practices described here. If you do not agree, please do not use the Services.
Table of Contents
- Who We Are and How to Contact Us
- Scope of This Policy
- Information We Collect
- How We Use Your Information
- How We Share Your Information
- Subprocessors and Third-Party Services
- HIPAA and Protected Health Information
- Data Retention
- Security
- Your Rights and Choices
- SMS / Text Messaging
- Children's Privacy
- Cookies and Analytics
- Breach Notification
- International Data Transfers
- Changes to This Policy
- Contact Us
1. Who We Are and How to Contact Us
AppointHub, Inc. is a Delaware corporation that provides a two-sided appointment-management SaaS platform serving businesses (healthcare providers, salons, fitness studios, law firms, automotive shops, educational services, and professional services) and their clients (consumers).
Privacy inquiries: Email: privacy@appoint-hub.com Website: https://appoint-hub.com/contact Mailing Address: [Address to be confirmed by legal counsel]
2. Scope of This Policy
This Privacy Policy applies to:
- Business Users ("Businesses"): Sole proprietors, clinics, studios, or companies that create an AppointHub business account to manage appointments and staff.
- Consumer Users ("Consumers"): Individuals who download the AppointHub mobile app to book and manage appointments with Businesses.
- Visitors: Anyone who visits https://appoint-hub.com without a registered account.
This Policy does not apply to third-party services linked from our platform (e.g., payment processors, video-call providers). Please review those services' own privacy policies.
3. Information We Collect
3.1 Information You Provide Directly
Account Registration
- Full name, email address, phone number
- Password (stored as a bcrypt hash — never in plain text)
- Role (Consumer or Business Owner)
Business Profile (Business Users)
- Business name, industry type, description
- Physical address(es), city, state, ZIP code, country
- Business phone, email, website URL
- Logo image and branding assets
Appointment and Booking Data
- Appointment date, time, duration, status
- Service requested and any service-specific metadata (e.g., CPT codes for healthcare, vehicle make/model for automotive)
- Notes or special instructions attached to appointments
- Reschedule and cancellation history
Intake Forms
- Responses to intake-form templates (demographic information, health history, consent fields, e-signatures with timestamp and IP address)
- For healthcare Businesses, intake-form responses may constitute Protected Health Information (see Section 7)
Secure Messaging
- Text messages exchanged between Consumers and Businesses through the in-app messaging system
- For healthcare Businesses, message content may constitute PHI and is encrypted at rest
Delegate Relationships
- Names and email addresses of delegates (e.g., caregivers, family members) added by Consumers
- Role of each delegate (manager, companion, etc.)
Profile and Preference Data
- Timezone, preferred notification channels
- Multi-factor authentication (MFA) method and settings
- Default delegate selection
Payments and Subscriptions
- Billing-related information is handled by our payment processor (see Section 6). We do not store full credit-card numbers on our servers.
3.2 Information Collected Automatically
Device and Technical Data
- IP address, device type, operating system version, browser type
- App version, session identifiers, crash logs
- Expo push notification token (required to deliver push notifications to mobile devices)
Location Data (Mobile App)
- Coarse location: used to display nearby businesses in the search/scheduling flow
- Precise GPS location: collected only when a Consumer books a mobile (come-to-you) service and explicitly enters a service address, or when a Business User is navigating to a Consumer's location and the "On the Way" travel-tracking feature is active. Location tracking stops as soon as the appointment reaches "Arrived" status or the provider exits the appointment screen.
- We do not run continuous background location tracking without your explicit consent.
Usage and Analytics Data
- Pages/screens viewed, features used, button clicks
- Aggregated and de-identified usage statistics used to improve the Services
Log Data
- Server-side audit logs recording API calls, authentication events, and data-change events (actor, action, timestamp, affected resource, before/after diff, IP address, user agent)
4. How We Use Your Information
We use the information we collect for the following purposes:
| Purpose | Lawful Basis |
|---|---|
| Providing, operating, and improving the Services | Contract performance |
| Sending appointment confirmations, reminders, and status updates | Contract performance / Legitimate interest |
| Enabling real-time in-app messaging between Consumers and Businesses | Contract performance |
| Processing and managing intake forms and e-signatures | Contract performance / Legal obligation |
| Enabling travel tracking for mobile-service appointments | Contract performance (with consent) |
| Delivering push notifications (confirmation requests, reschedule alerts, etc.) | Consent |
| Verifying identity and preventing unauthorized access (MFA, refresh-token rotation) | Legitimate interest / Legal obligation |
| Audit logging for compliance, security, and fraud prevention | Legal obligation / Legitimate interest |
| Sending transactional emails (password resets, MFA codes) | Contract performance |
| Aggregated analytics to improve platform performance and feature development | Legitimate interest |
| Responding to legal requests and enforcing our Terms of Service | Legal obligation |
We do not sell your personal information to third parties for their independent marketing purposes.
5. How We Share Your Information
5.1 Within the Platform
- Consumer appointment details (name, service booked, date/time) are shared with the Business the Consumer has booked with, and with any delegates the Consumer has authorized.
- Business staff members with appropriate permissions can view Consumer information within their business account.
5.2 Subprocessors
We share information with service providers that help us operate the platform. See Section 6 for a full list.
5.3 Legal Requirements
We may disclose information if required by law, subpoena, court order, or government authority, or when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of AppointHub, our users, or the public.
5.4 Business Transfers
If AppointHub is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.
5.5 Aggregated or De-Identified Data
We may share aggregated or de-identified information that cannot reasonably be used to identify you.
6. Subprocessors and Third-Party Services
AppointHub uses the following categories of subprocessors. Where applicable (particularly for healthcare Businesses subject to HIPAA), we have signed Business Associate Agreements (BAAs) with these providers.
| Subprocessor | Purpose | Data Shared | BAA Signed |
|---|---|---|---|
| Render | Cloud hosting and infrastructure (API, database, Redis) | All platform data (encrypted at rest) | Yes |
| Backblaze B2 (S3-compatible) | File/object storage for uploads (logos, attachments) | Uploaded files | Yes |
| Amazon Web Services (SES) | Transactional email delivery (password reset, MFA codes, notifications) | Email address, email content | Yes |
| Firebase / Google Cloud Messaging (FCM) | Push notification delivery to Android and iOS devices | Device push token, notification payload | Yes |
| Daily.co | Telehealth video sessions (when enabled by a Business) | Video session data | Review required |
| Twilio | SMS delivery for SMS-based MFA and notifications | Phone number, message content | Review required |
| Stripe (if applicable) | Payment processing | Payment card data (Stripe handles storage; AppointHub receives only tokens) | N/A — PCI scope |
| Expo / EAS | Mobile app build and update delivery | App binary; no personal data | N/A |
Note for healthcare Businesses: We strongly recommend confirming current BAA status with each subprocessor before treating their services as HIPAA-compliant conduits for PHI.
7. HIPAA and Protected Health Information
7.1 Applicability
For Businesses that operate in the healthcare industry (e.g., medical practices, therapy clinics, telehealth providers), AppointHub acts as a Business Associate as defined by the Health Insurance Portability and Accountability Act (HIPAA), 45 C.F.R. Parts 160 and 164. In that capacity, we handle Protected Health Information (PHI) on behalf of the Covered Entity (the healthcare Business).
Healthcare Businesses are required to execute a Business Associate Agreement (BAA) with AppointHub before using the platform for any workflows involving PHI. Contact legal@appoint-hub.com to obtain or review a BAA.
7.2 What Constitutes PHI on Our Platform
PHI includes, but is not limited to:
- Appointment records that include a patient's name, date of service, and healthcare provider
- Intake-form responses containing health history, diagnoses, medications, or insurance information
- Secure messages that include clinical information
- Any combination of information that could identify an individual and relates to their past, present, or future physical or mental health condition or healthcare payment
7.3 How We Protect PHI
- Encryption in transit: All data is transmitted over TLS 1.2 or higher (HTTPS).
- Encryption at rest: The database (PostgreSQL on Render), object storage (Backblaze B2), and Redis cache are configured with encryption at rest.
- Field-level encryption: For Businesses that have enabled the
complianceSettings.encryptPatientNotesflag, message content and clinical notes are encrypted at the application layer before storage. - Access controls: Role-based access control (RBAC) limits which staff members can view PHI.
- Audit logging: All access to, and modification of, PHI-containing records is logged with actor, timestamp, IP address, and before/after diffs. Logs are retained for a minimum of six (6) years in compliance with HIPAA's documentation-retention standards.
- Minimum necessary: The platform is designed so that only the data necessary for each function is accessed or transmitted.
7.4 Consumer Rights Regarding PHI
If a healthcare Business collects your PHI through AppointHub, that Business is the Covered Entity responsible for honoring your HIPAA rights (right of access, amendment, accounting of disclosures, etc.). AppointHub will support the Covered Entity in fulfilling those rights. For requests related to your PHI, please contact the specific healthcare Business directly.
8. Data Retention
| Data Category | Retention Period |
|---|---|
| Active account data | For the life of the account |
| Appointment records | 7 years after appointment date (healthcare); 3 years (other industries) |
| Intake forms and e-signatures | 7 years (healthcare); 3 years (other industries) |
| Secure messages | 7 years (healthcare); 2 years (other industries) |
| Audit logs | 6 years minimum (HIPAA requirement) |
| Push notification tokens | Refreshed with each login; removed on account deletion or opt-out |
| Location data (travel tracking) | Not persisted beyond the appointment record (ETA values are ephemeral; only last-known travel status is stored) |
| Deleted account data | Anonymized or purged within 30 days of deletion request, except where retention is required by law |
| Backup data | Retained up to 90 days in encrypted backups; purged thereafter |
9. Security
We implement administrative, technical, and physical safeguards appropriate to the sensitivity of the data we process:
- TLS everywhere: All API traffic and web portal traffic is encrypted in transit (HTTPS/WSS).
- Password hashing: Passwords are stored as bcrypt hashes; we never store or log plain-text passwords.
- Token security: JWT access tokens expire in 1 hour; refresh tokens expire in 30 days, are rotated on every use, and are stored as hashed values in the database.
- MFA: Time-based OTP (TOTP), email-based OTP, and SMS-based OTP are supported as second factors.
- Rate limiting: Authentication endpoints (login, registration, password reset) are rate-limited to prevent brute-force attacks.
- Timing-safe comparisons: Password-reset code verification uses constant-time comparison to prevent timing attacks.
- Path-traversal prevention: File-upload handling validates real paths to prevent directory-traversal attacks.
- Audit logging: All significant actions are logged and retained.
No system is 100% secure. We cannot guarantee absolute security of your information.
10. Your Rights and Choices
Depending on your jurisdiction, you may have the following rights:
10.1 Access and Portability
You may request a copy of the personal information we hold about you.
10.2 Correction
You may correct inaccurate or incomplete information through your account settings or by contacting us.
10.3 Deletion ("Right to Be Forgotten")
You may request deletion of your account and associated personal data. We will honor such requests subject to our legal obligations (e.g., retaining audit logs as required by HIPAA, tax law, or other applicable regulations).
10.4 Restriction and Objection
You may request that we restrict processing or object to certain processing activities (e.g., marketing communications).
10.5 Withdraw Consent
Where processing is based on your consent (e.g., push notifications, location tracking), you may withdraw consent at any time through your device settings or app notification preferences. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
10.6 Push Notifications
You can disable push notifications at any time through your device's OS notification settings or within the App's notification preference screen.
10.7 Location Data
You can revoke location permissions for the App at any time through your device's OS settings. Revoking location access will disable the travel-tracking feature for mobile-service appointments.
10.8 California Residents (CCPA/CPRA)
California residents have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know, the right to delete, the right to correct, the right to opt out of the sale/sharing of personal information, and the right to non-discrimination. AppointHub does not sell personal information. To exercise your rights, contact privacy@appoint-hub.com.
10.9 EEA/UK Residents (GDPR/UK GDPR)
If you are located in the European Economic Area or United Kingdom, you have rights under the GDPR or UK GDPR. Our legal bases for processing are described in Section 4. To exercise your rights or lodge a complaint with a supervisory authority, contact privacy@appoint-hub.com.
10.10 Mobile App Permissions
The AppointHub mobile app asks for the following device permissions. Each is optional, requested only when you use the related feature, and can be changed at any time in your device's Settings. We collect this data only to operate the features below — we do not sell it, and we do not use it for advertising or share it with data brokers.
- Location (While Using the App) — Finds businesses near you and shows your live travel time to upcoming appointments. Used only while the app is open.
- Location (Always / Background) — Powers the optional "leave-by" lock-screen activity for in-office appointments: it keeps your estimated arrival time accurate and marks you as arrived when you reach the location, even while your phone is locked. Only requested after you've already allowed "While Using the App," and only while you have an upcoming appointment with this feature on. Your location is never used for advertising and is not shared with third parties.
- Motion & Fitness — Detects when you start driving so the leave-by activity can switch to "on your way" without draining your battery with constant GPS.
- Camera — Lets you take a profile photo, a business logo, or a photo to attach to a message.
- Photos — Lets you choose an existing image from your library for those same uploads.
- Notifications — Sends appointment reminders, confirmations, and message alerts. Notifications are never required to use the app.
You can revoke any of these in iOS Settings → AppointHub (or Android Settings → Apps → AppointHub → Permissions) at any time; the related feature simply turns off.
To exercise any right, email privacy@appoint-hub.com. We will respond within the timeframe required by applicable law (typically 30 days).
11. SMS / Text Messaging
Consent. When you create an AppointHub account, you may provide your mobile phone number and opt in to receive a one-time verification code by SMS. You opt in by entering your mobile number and tapping "Send code" during registration in the AppointHub mobile app or web portal, after being shown a disclosure stating that you agree to receive a one-time verification code by SMS.
What we send. SMS messages are strictly transactional: a one-time passcode (OTP) used to verify that you control the phone number on your account. We do not send marketing or promotional text messages.
Message frequency. Message frequency varies and is typically one message per verification request.
Rates. Message and data rates may apply, depending on your mobile carrier and plan.
Opt-out / help. Reply STOP to any message to opt out of further SMS, or HELP for help. You can also remove your phone number in your account settings. Opting out of SMS does not affect email-based access to your account.
No sharing of mobile data. We do not share or sell your mobile phone number or your SMS opt-in/consent to any third parties or affiliates for their own marketing or promotional purposes. Your number is shared only with our SMS delivery provider (Twilio) solely to deliver the verification messages you requested, as described in Section 6 (Subprocessors).
12. Children's Privacy
The Services are not directed to children under the age of 13 (or under 16 in the EEA/UK). We do not knowingly collect personal information from children under these ages. If you believe a child has provided us with personal information without parental consent, please contact us at privacy@appoint-hub.com and we will delete that information promptly.
For healthcare Businesses serving pediatric patients, the healthcare Business (as the Covered Entity and/or COPPA operator) is responsible for obtaining appropriate parental consents before using AppointHub to process minors' PHI.
13. Cookies and Analytics
12.1 Web Portal (Browser)
The AppointHub web portal (https://appoint-hub.com) uses:
- Strictly necessary cookies: Session/authentication tokens required for portal operation. These cannot be disabled without breaking the portal.
- Functional cookies: User preferences such as font-size accessibility settings, sidebar collapse state, and notification-viewed timestamps stored in localStorage.
- Analytics: We may use aggregated, privacy-respecting analytics to understand feature usage. No cross-site tracking pixels are embedded.
You can manage cookies through your browser settings. Disabling strictly necessary cookies will prevent you from logging in.
12.2 Mobile App
The mobile App uses:
- Expo SecureStore: Refresh tokens and business context identifiers are stored in the device's secure keychain/keystore (encrypted by the OS). This is not a cookie.
- AsyncStorage / localStorage: Non-sensitive preferences (notification viewed state, view preferences) are stored in local storage on the device.
- No third-party advertising cookies or tracking SDKs are embedded in the App.
14. Breach Notification
In the event of a data breach that affects your personal information, we will:
- Notify affected users without undue delay and, where required by law, within the statutory deadline (e.g., 72 hours under GDPR; 60 days for HIPAA Breach Notification Rule).
- For HIPAA-covered breaches, notify affected individuals, the relevant Covered Entity, and the U.S. Department of Health and Human Services (HHS) as required by 45 C.F.R. § 164.400–414.
- Describe the nature of the breach, the categories of data affected, steps we have taken, and recommended steps you can take to protect yourself.
Notifications will be sent by email to the address associated with your account. Business Users should ensure their account email address remains current.
15. International Data Transfers
AppointHub is based in the United States. If you access our Services from outside the United States, your information will be transferred to and processed in the United States, where data-protection laws may differ from those in your jurisdiction.
For transfers from the EEA or UK, we rely on appropriate safeguards (such as Standard Contractual Clauses or the UK International Data Transfer Agreement) where required. Contact privacy@appoint-hub.com for copies of applicable transfer mechanisms.
16. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page.
- Send an in-app notification or email to registered users.
- Require affirmative re-acceptance for material changes that affect how we process your data.
Your continued use of the Services after the effective date of any changes constitutes your acceptance of the updated Policy.
17. Contact Us
For privacy questions, data-subject requests, or to report a concern:
Email: privacy@appoint-hub.com Legal/BAA inquiries: legal@appoint-hub.com Website: https://appoint-hub.com/privacy Mailing Address: [To be updated with company registered address]
AppointHub, Inc. — https://appoint-hub.com This Privacy Policy was generated as a thorough starting template. It has not been reviewed or approved by legal counsel and should not be relied upon without such review.