Book'n ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our pet care booking platform at booknbuddy.com and related services (the "Service").
By using our Service, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
2.1 Information You Provide
Account Information: Name, email address, phone number, password, and (for Business Users enabling 2-factor authentication) a mobile number used solely for login verification codes
Business Information: Business name, address, services offered, pricing, operating hours, employee codes and role permissions for staff using the platform
Pet Information: Pet names, breeds, ages, health conditions, vaccination records, behavioral notes, grooming preferences, feeding and medication instructions you supply at booking
Booking Information: Reservation dates, service preferences, add-ons and quantities (e.g. medication servings, feedings), special instructions
Payment Information: Billing details processed through Stripe or Square (we do not store full card numbers). Saved-card references (Square Customer IDs) when you opt in to keep a card on file.
Electronic Signatures & Waivers: When you sign a liability waiver or accept terms electronically we capture the signature image, your typed name, the document version accepted, a timestamp, and the IP/device used to sign
Customer Status Records: Business Users may maintain approval or restriction notes about Customer Users (for example, flagging a customer for additional review). These records are visible to the business that created them.
Photos: Pet profile photos and daily update photos uploaded by Business Users or Customer Users, stored in Firebase Cloud Storage
Retail / Till Transactions (Business Users): Product catalog items, sales line items, tips, discounts, and payment method used for walk-in retail sales processed through the in-app point-of-sale
2.2 Information Collected Automatically
Device Information: Browser type, operating system, device identifiers, service worker registration IDs for push notifications
Usage Data: Pages visited, features used, time spent on the Service
Location Data: General location based on IP address. Precise GPS coordinates are collected only when a Business User explicitly enables location tracking during a dog-walking or pet-visit service (for route records and time-on-site verification), and only during the active visit.
3. Information Sharing
3.1 With Other Users
When you make a booking:
Customers see: Business name, address, services, pricing, availability
Businesses see: Customer name, contact info, pet details, booking notes
3.2 With Service Providers
Google Firebase: Authentication, Firestore database, Cloud Storage (photos, waivers), Cloud Functions (server-side logic and scheduled tasks), and Cloud Messaging for push notifications
Google Analytics: Usage analytics (with consent)
Google Maps Platform: Address autocomplete, geocoding, and distance/travel-time calculation (e.g. walks and pet visits)
Stripe & Stripe Connect: Secure payment processing, platform fee collection, and payout routing for businesses that choose Stripe
Square & Square Connect: Secure payment processing (Web Payments SDK, Terminal hardware, saved-card vault, inventory & catalog sync, invoices) for businesses that choose Square. Apple Pay tokens processed via Square's Web Payments SDK are passed through to Square for authorization; we never see the underlying card number.
Apple Pay (indirect): When a customer pays with Apple Pay, Apple generates a one-time token that is passed through the Square Web Payments SDK. We receive only the token, amount, and merchant-assigned transaction ID.
Email delivery: Transactional email (booking confirmations, reminders, payment requests, receipts, grooming-ready alerts, deposit emails, customer invites) is sent via our email provider. We do not use your email for marketing without explicit opt-in.
SMS (2-factor authentication, optional): Business Users who enable 2FA receive one-time login codes via SMS sent through Firebase Authentication. Numbers are used solely for login verification and are not shared or used for marketing.
3.3 What We Do Not Do
We do NOT sell your personal information
We do NOT share your data with advertisers
We do NOT use your pet photos for marketing without consent
4. Payment Processing
Book'n supports two payment processors. Each business chooses one. When you pay or receive a payment:
4.1 Stripe & Stripe Connect
Card details are sent directly to Stripe's PCI-DSS-compliant servers; we never see or store the full card number
Businesses accepting Stripe onboard through Stripe Connect and agree to Stripe's terms; their business bank account is registered with Stripe for payout
Card details are sent directly to Square's PCI-DSS-compliant servers via their Web Payments SDK or Square Terminal hardware; we never see or store the full card number
Businesses accepting Square connect their Square merchant account via OAuth; the resulting access token is stored encrypted and used solely to process payments and sync inventory on that business's behalf
Saved cards ("card on file") are held in Square's Customer vault. We store a reference (Square Customer ID) but not the card itself. You can remove saved cards at any time from your Account Settings.
When you pay with Apple Pay, Apple generates a one-time device-specific token. Book'n passes that token to Square (our payment processor) for authorization. We do not receive or store your underlying card number. See Apple Pay privacy information.
4.4 Platform Fee
Book'n charges a platform commission on payments processed through Stripe Connect or Square Connect. The rate depends on the Business's chosen payout schedule: 1.5% on Stripe Connect weekly payout, 3% on Stripe Connect daily payout, and 1.5% on Square Connect. This fee is taken at the time of the transaction and recorded on the Business's invoice. The chosen processor pays the remainder to the Business.
5. Cookies & Analytics
We use Google Analytics to understand how visitors use our site. This helps us improve the user experience. Analytics cookies are only set after you provide consent.
Cookie Type
Purpose
Duration
Essential
Authentication, security, basic functionality
Session
Preferences
Remember your settings (theme, language)
1 year
Analytics
Understand how you use our Service
2 years
Your Cookie Preferences:
Checking your preferences...
6. Push Notifications & Emails
With your permission, we send notifications to help you manage bookings and stay informed. You can opt out at any time.
6.1 Browser Push Notifications
When you allow browser notifications, a subscription is registered through our service worker and Firebase Cloud Messaging. We use this to send:
New booking requests and booking status changes (Business Users)
Daily care updates with photos (when your business sends them)
Package request status
You can revoke push access at any time through your browser's site settings.
6.2 Transactional Emails
We send emails for booking confirmations, reminders, payment requests, receipts, deposit notifications, grooming-ready alerts, customer invites, welcome messages, and similar service communications. We do not send marketing emails without separate, explicit consent.
7. Electronic Signatures & Waivers
When you electronically sign a liability waiver, consent form, or business-specific agreement through our platform, we capture:
The typed or drawn signature you provide
The document version accepted
A timestamp and the IP address used to sign
Your pet's identifier (when the waiver is pet-specific)
These records are retained with the associated booking for the applicable retention period so that the signing business can demonstrate the agreement if needed. You remain the author of your signature; businesses are licensed to use it for the single transaction you signed.
8. Platform Administrator Access
A small number of Book'n platform administrators (our support/engineering team) have access to production data for the limited purposes of customer support, troubleshooting, security investigations, and platform maintenance. Administrator access is logged and subject to confidentiality obligations. We do not browse user data for any other purpose and we do not use your data to train machine learning models.
9. Data Storage & Security
We implement appropriate security measures to protect your information:
Encryption: Data encrypted in transit (HTTPS/TLS) and at rest
Authentication: Secure login with password hashing
Access Controls: Limited access on a need-to-know basis
Infrastructure: Hosted on Google Cloud Platform with enterprise-grade security
However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.
10. Data Retention
We retain your information for as long as needed:
Data Type
Retention Period
Account Information
Until account deletion + 30 days
Booking Records
7 years (financial/tax purposes)
Pet Information
Until account deletion
Support Communications
3 years
Signed Waivers & Consent Records
7 years (legal defense purposes)
Daily Update Photos
Until booking + 2 years, or until customer deletes
Retail / Till Sales Records
7 years (tax and audit purposes)
Analytics Data
26 months (anonymized)
11. Your Rights
Depending on your location, you have the right to:
Access - Request a copy of your personal data
Correct - Update or correct inaccurate information
Delete - Request deletion of your account and data
Export - Receive your data in a portable format
Withdraw Consent - Opt out of analytics at any time
Object - Object to certain processing of your data
To Exercise Your Rights: Contact us at info@booknbuddy.com with your request. We will respond within 30 days.
12. International Data Transfers
Your information may be transferred to and processed in countries other than your own, including Canada and the United States (where our service providers operate). These countries may have different data protection laws.
By using our Service, you consent to such transfers. We ensure appropriate safeguards are in place to protect your information.
13. Canadian Privacy Laws (PIPEDA)
For users in Canada, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws. This includes:
Obtaining meaningful consent for data collection
Limiting collection to necessary purposes
Providing access to your personal information
Maintaining accurate and complete records
Implementing appropriate security safeguards
14. Third-Party Services
We use the following third-party services. Each has its own privacy policy governing their use of your data.
Google Firebase — Authentication, Firestore database, Cloud Storage (photos, signed waivers), Cloud Functions (server-side scheduled tasks and triggers), Cloud Messaging (push notifications)
Google Analytics — Website usage analytics (with consent only)
Google Maps Platform — Address autocomplete, geocoding, distance and travel-time calculation for walks and pet visits
Our services are not intended for children under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
16. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by:
Posting the updated policy on this page
Updating the "Last updated" date
Sending an email notification for significant changes
Your continued use of the Service after changes constitutes acceptance of the updated policy.
Contact Us
If you have questions about this Privacy Policy or want to exercise your data rights, contact us at:
